Solved: SAP IDM with MS Active Directory (OU names in Arab...

Former Member · ‎07-21-2014

Dear Gurus,

With SAP IDM , we need to integrate with MS Active directory such a way that SAP IDM only fetches users who have “SAP” in one of the AD field. That means do not read entire AD but only fetches users in SAP who have “SAP” tagged in one of the AD field.

Is it possible ? We tried that in SAP LDAP connector but its not possible in LDAP connector in SAP as LDAP connector is reading through all the users in our CUA system.

Question is it possible through SAP IDM that we use some thing (maybe BAPI) to restrict users and do not read all users but only users having “SAP” in one of the AD field.

Also note that our AD has some OU's name in Arabic.

Regards,

Former Member · ‎07-21-2014

If you want to filter this in the ADS Initial Load job then you can modify the repository LDAP Filter:

(&(objectclass=person)(orgUnit=SAP))

Replace orgUnit=SAP with your your attribute and tag.

Br,

Chris

Steffi_Warnecke · ‎07-21-2014

You set the filter in IdM in the "From LDAP"-pass on the "Source"-tab.

Steffi_Warnecke · ‎07-21-2014

Hello,

you can just read the AD users with a "From LDAP directory"-pass into a temp-table and use that one for the query in a "To Identity story" to filter for those users (e.g. with "SAP" in a certain field), you want to create and update in IdM.

Regards,

Steffi.

SAP IDM with MS Active Directory (OU names in Arabic)

Accepted Solutions (1)

Accepted Solutions (1)

Answers (2)

Answers (2)

Re: How can assign in Identity Authentication Serv...

Re: Are there plans to update the Spring framework...

Vendor Invoice Screen 'Payment' tab screen field '...

I have data like Date, Net, Gross. I want to deriv...

Re: Re Generate Co files and data files