on 11-12-2014 12:01 PM
Hello GRC Experts
We configured the LDAP connection for End User Logon and tested the connection OK in SM59. But this connection cannot be connected in End User Logon.
For more detail, please refer to the following snapshot
1. the LDAP connection configuration
2. The connection can work
3. The connector is active
4. LDAP Server setting, the setting is in different client, we config the server in client 100 but test the funciton in client 200(Because the connection is cross client). For the port number, we also tested 389
5. Data source setting
6. error message
If anyone can offer any advice on where to look or what to try it would be greatly appreciated.
Best regards
James
Hi James,
Also refer notes1604946.
Also as Prasant suggested check with S_LDAP auth object and Activity 51.
Thanks
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi All
I added the S_LDAP authorization issue, I traced the ABAP code to kernal call, and found return code is 5, the identifier which have been sent to LDAP is "BC_LDAP+SAPGRC"(SAPGRC is the connection acccount we created in AD), is that means that I should create a connection account named BC_LDAP_SAPGRC in AD? But I tried to directly pass into SAPGRC, the return code is same 5
Hi James,
please check the privileges of your application user in LDAP, especially privileges to path set up as base entry.
Regards, Andrzej
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Please check the authorization of user mapped to webservice in SICF.
normally need S_LDAP object.
if dev environment try assign SAP ALL and test it.
Hope your sync job ran successfully
Regards,
Prasant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.