on 06-18-2008 6:00 AM
Hi,
I need to set up a LDAP connector, but unsure how I can do it with a LDAP that requires anonymous bind.
No matter what I put in, I just get "Connection failed". Using LDAP Browser, I can connect just fine.
Thanks
Henrik
Henrik-
We implemented a LDAP connection with an anonymous bind. You should work with your LDAP team to obtain the correct:
Server Name
Domain
Port
User Principal Name
Password
What kind of LDAP are you trying to connect? Active Directory? SUN One?...
Ankur
GRC Consultant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ankur,
Thanks for the response, and sorry I haven't gotten back to you earlier.
It's an active directory ldap.
I have got the correct information regarding servername etc, as I can connect using LDAP browser (freeware tool), when using anonymous bind. But since I can't use anonymous bind in AE, then what? Should I have an authorised user set up? Surely AE should be able to handle anonymous
Henrik-
To my understanding, if you change the seventh character of the dsHeuristics attribute to 2, anonymous clients can perform any operation through LDAP. Then you can use the exact same directory object to execute your searches.
Please ensure, this is valid in the UME settings and the Config Tool settings.
If this does not work, then let me know, and I will talk to my LDAP person...
Ankur
GRC Consultant
Henrik-
What I was trying to say is that it is not easy to create an anonymous bind with LDAP, and that is not normal practice to do so.
The UME is connected to LDAP for authentication and LDAP sources. You can see this in the configuration. For authentication port 636 is used and for data sources port 389 is used...
Ankur
GRC Consultant
Henrik-
Yes, my point was, you don't have to change anything with the LDAP. You need the correct directory string to access it. We are using an anonymous bind for our LDAP.
You have confirm with your LDAP person, if your attempt to access the LDAP through your Freeware browser actually tried to fetch data from it, or was it only authenticating. There is a big difference between the two. I used a Freeware browser to attempt to solve our LDAP problem.
So:
- Apply the latest SP to AE (SP 9 was just released today).
- Define the correct string to fetch data from the LDAP.
- Use the correct LDAP port (I believe it's 389 for fetching data).
We could not get our LDAP to work with AE until SAP released a patch in SP 8.
Hope this helps. If not, then create an OSS Note to SAP...
Ankur
GRC Consultant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.