on 04-16-2013 10:30 PM
Hi All
I have below questions :
1.Is there any way we can restrict or pull users from a particular LDAP Groups only into GRC AC 10.0 system front-end.If yes how to write the base entry for the same.
2.In my LDAP search I am getting users from LDAP search in GRC but both firstname and surname are same as firstname(Screenshot attached below)
3.Can I extend or delimit the number of entries for search or finding.As I get error message in transaction LDAP when I try to find users from directory saying "Maximum number of find results exceeded.
Hi Pradeep
Question 1
Not sure if SAP LDAP can lookup users who belong to a specific LDAP group
If your IT can do this, another option is to build an LDAP (read only) is populated by a script (e.g. refresh every night). The script is used to only select the AD users who belong to the specific group. You can then connect the SAP LDAP to this LDAP instead. It means work outside of SAP and you would need to make this LDAP highly-available.
Question 2
Question 3
Would this be the Page Size set in transaction LDAP > LDAP Connectors: Use "
This allows you to avoid restrictions with regard to the maximum number of hits that exist in some directory servers."
Also - when you search in question 3 what criteria are you entering? It may be need to restrict in your search.
If you are still having issues, I would recommend you post some screen shots of your configuration for LDAP and Conenctor AC Field mappings.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.