cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

integration between MS Active directory and SAP

Former Member

on ‎05-18-2008 10:57 AM

0 Kudos

Dear All,

i want to get your advice regarding this matter

i want to integrate MS Active directory to SAP systems, i have ERP "DEV(2 clients), QAS(3 clients),PRD(1 client)" and BI "DEV (1 client),PRD(1client)"

but not all the users have authorization to all the systems

i mean some of them has authorization for all the system and the others have authorization for some of the systems.

i don't have till now Centgral User administration.

first question:

can i make the integration betweenthe active directory with my SAP landscape or i have first to configure the SAP Central User Adminstration then integrate it with MS active directory?

second question:

will all SAP roles be mapped to the active directory or i have to login to the SAP systems to assign the roles to the users

i mean, if i create a new user in the active directory can i assign roles to him from the active directory or should i login to the systems and assign roles manually?

please help

thanks

Sherif

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

JPReyes
Active Contributor
‎05-19-2008 9:13 AM
0 Kudos

Read,

https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/8302a929-0501-0010-05b5-d48...

Regards

Juan

Show replies
Show replies
Former Member
‎05-19-2008 10:30 AM
0 Kudos

thanks Juan for your help, i had that file already but i'm still need help from any one did this scenarion before

i want to get answers for the above questions

thanks for your reply

SH..

JPReyes
Active Contributor
‎05-19-2008 10:45 AM
0 Kudos

first question:

can i make the integration between the active directory with my SAP landscape or i have first to configure the SAP Central User Adminstration then integrate it with MS active directory?

As far as i know you don't have to configure CUA to intergrate a system with LDAP... Systems can be configured individually to use LDAP as a datasource.

second question:

will all SAP roles be mapped to the active directory or i have to login to the SAP systems to assign the roles to the users

i mean, if i create a new user in the active directory can i assign roles to him from the active directory or should i login to the systems and assign roles manually?

You need to do the role assigment from SAP.... AD will provide the the user but the role/profile assigment and all user details will be kept on the SAP side.

Regards

Juan

Former Member
‎05-27-2008 8:47 AM
0 Kudos

Thanks Juan,

I did the following steps

1- create RFC connection for the LDAP_RFC from SM59

2- create connector for that RFC from LDAP t-code

3- create System User to be used during connection to the Active directory

4- create server using the settings of the physical active directory server

Result: I can reach to the active directory from SAP.

Problem

i'm following the SAP Help but when in

[Generate Schema Extension |http://help.sap.com/saphelp_nw2004s/helpdata/en/57/b30c3c30a85b4ee10000000a11402f/content.htm]

step i get the LDF file successfully but when i'm importing it into Active Directory it says done but i can't recognize the result

i mean there is no new attributes added to the Active directory.

so could you please tell me why this happan?

thanks

sherif

Former Member
‎07-09-2008 3:26 PM
0 Kudos

sap support replied and told me that this issue related to the active directory vendor.

so it is not related to the SAP itself.

Ask a Question