Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Configure LDAP with Netweaver CE 7.1

Former Member

‎11-15-2010 5:22 PM

0 Kudos

Hi All,

We were trying to implement single sign-on with MII 12.1.5 (Build 85) and Microsft ADS (Windows 2008 Server R2) via LDAP. Followed the steps in wikis and Netweaver Help documents.

In the UME configuration page, the data source is selected as "Microsoft ADS Read-Only (Deep Hierarchy)Database+", configured the LDAP Server tab using ADS service account (was able to browse the user path from the ADS tree), validated and restarted all services.

However, we were unable to login to the MII after the service restart using the database accounts and network login as well (even the administrator login didn't work). In order to bring it back to normal, we had to edit the config tool to change the Data Source to 'Database only". One thing we have noted in the Config tool is that we were not seeing the "UME LDAP Data" link.

Also tried the Kerberos authentication using SPNEGO and by following the steps in SAP notes but was not successful. Service Principal Names (SPN) has been set and MII server and ADS server are friends.

Any help would be appreciated.

Thanks,

Johnson George

4 REPLIES 4

desiree_matas
Contributor

‎11-16-2010 2:28 PM

0 Kudos

Hello Johnson,

Well, you are talking about 2 different things:

1 --> configure the LDAP as datasource for your UME.

2 --> configure spnego for SSO.

What are doing at this moment? Which errors did yo receive?

Best regards,

Désiré

Former Member
In response to desiree_matas

‎11-16-2010 4:24 PM

0 Kudos

Hi Desiree,

Thanks for the reply.

Well, lets talk about #1. We tried #2 because we were not successful in configuring LDAP as a datasource in UME.

Even though we selected "Microsoft ADS Read-Only (Deep Hierarchy)+Database" in the UME, we were not able to login to the server after restarting the services(by using database accounts and ADS accounts as well). We were getting the normal "Authentication did not succeed." error on the Log.

Also, as I stated in the previous message we were wondering why we are not seeing the "UME LDAP Data" link in the config tool. I am just mentioning it to see whether it rings a bell or not.

Thanks,

Johnson George

desiree_matas
Contributor

‎11-17-2010 8:21 AM

0 Kudos

Hi,

Have you verified that the users are unique in the datasource (I mean, that they exist in the database or in the LDAP, but not in both of them)? I guess you were using a database only datasource, right? Which documentation are you following?

SAP note 673824 may be also interesting.

Regards,

Désiré

former_member246543
Participant
In response to desiree_matas

‎06-18-2012 11:42 AM

0 Kudos

Hi Desiree/Johnson,

Actually I also want to implement SSO in MII 12.1 . Could you please guide me and tell which document should I follow.

Regards,

Sanjeev Sharma