on 02-06-2015 12:23 AM
Hi All,
We are in the planning to setup AD integration with our present sap system, where ad user name is differently maintained and sap user ids are different. we don't have any java systems in our landscape. our requirement is simple , user id and password authentication should be through AD.
However was not able to find any specific implementation guide, it would be great if any one can share the best possible solution with steps to take an approach.
I have already gone through many post but couldn't find any thing suitable for our scenario.
Please help.
Thanks and Regards
JADS.
Dear All ,
Just wanted to add our AD and SAP environment is running on windows 2008 r2.
Regards
Jads.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Jads,
as you are in the forum for the SAP NetWeaver Single-Sign On product, do you have SAP NW SSO installed? If yes, please have a look at the docs for the solution.
There is also an implementation guide.
The AS ABAP does not nativly support an AD integration for password based login.
Kind regards,
Patrick
Hi Patrick,
Thanks for the link , we do not have SSO installed ,do we have to installation sso. if yes could you please let me know were can I find the installation Guide for the same.
1. Our requirement is very simple we want achieve the user id disable unable locked unlock through AD and our ad user names and sap user names are different. and we have only abap systems as you mentioned abap does not support ad integration. what will be the best Approch if we have to achieve this in our landscape.
Kindly help since im new to ad integration.
Regards
Jads.
Hi Jads,
the videos describe a feature of the SAP NetWeaver SSO product.
Yes, you will have to install this first.
Yes, only videos one to three apply for ABAP.
To install SAP NW SSO, please check the documentation.
The features you requested are only available via an add-on product and not nativly supported by the SAP ABAP system.
Kind regards,
Patrick
Can you confirm if you want SSO or just AD authentication ? e.g. Do you want users to have to enter their AD user id and password during logon to the SAP system, or do you want users to logon to Windows and then login to SAP without being prompted to enter any credentials during the SAP system logon ?
Thanks
Tim
Hi Nicolas,
when using SAP GUI you could map several SAP backend users to the same AD account. The system would then let you decide at login which backend user your want to be. However, this only makes sense if there is a limited, known number of backend users for each AD user. Also, this only works in SAP GUI, not in the browser or NWBC. So it should not be the basis of a long term SSO strategy.
Best regards,
Christian
Thank you for your answer Christian.
I understand that it is not a long term strategy, but even if we use NWBC 5.0 or SAP Business Client 6.0 with windows SSO, we would like to be able to use test user without logout from windows session. Does SAP Single Sign-On 2.0 support this kind of scenarios ?
Regards,
Nicolas
Hi Nicolas,
with NWBC this is a bit more difficult, as the authentication is done using SPNEGO on the HTTPS connection and the user cannot interfere with this.
You could define a separate ICF node for NWBC access to the backend system, and disable SSO on the backend for this node.
Best regards,
Christian
User | Count |
---|---|
92 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.