The user's portal user ID is stored in the central user repository for the Enterprise Portal. Typically this is a corporate LDAP directory. To enable Single Sign-On, a user's portal user ID must be mapped to the corresponding user ID for each system in which the user ID is different.
The Enterprise Portal provides you with a user interface for entering mapping data. The data is stored in the portal LDAP directory.
User mapping is required for two methods of Single Sign-On:
The requirement is that the user ID be the same for all SAP Systems using logon tickets for Single Sign-On. If the SAP user IDs are the same as the portal user IDs, there is no need for mapping. If the SAP user IDs are different to the portal user IDs, you must define an SAP reference system. This is the system that is then used for user mapping. In other words, users map their portal user ID to the user ID in the SAP reference system.
A user's portal user ID and the SAP user ID are stored in the user's SAP logon ticket. When the user tries to access a component system, the system extracts the user ID from the logon ticket.
For more details on defining an SAP reference system, see
You can map either a user, group, or role to a user ID in a system connected to the portal. When a user tries to access an iView that requires data from a connected system that does not support SAP logon tickets, the procedure is as follows:
If the component system supports SAP logon tickets, the user ID is already contained in the ticket.
You have set up a corporate LDAP directory or other repository that stores user data for all portal users. You have configured the location of this repository as described inDefining Location of Central User Data Repository.
Typically, user mapping data is stored on the portal LDAP directory. You have configured where this data is stored as described inDefining Location of User Mapping Data.
You have defined the system landscape as described inDefining the System Landscape.
You have defined any unifier projects as portal data sources.
There are three methods for entering mapping data: