Synchronizing SAP R/3 User Data with Corporate LDAP Directory 

Purpose

The Enterprise Portal integrates a corporate LDAP directory as its primary store for central user data in the portal. One possible scenario is that you have been using an SAP R/3 System to administer your central user data, for example using Central User Administration (CUA). This means that you now need to populate the LDAP directory with user data from an SAP R/3 System. Possibly you wish to continue using the SAP R/3 System for central user management and would like to synchronize this data with the corporate LDAP directory at regular intervals.

Systems based on SAP Web Application Server (SAP Web AS) Release 6.10 or higher provide a directory interface for user management. This interface allows data from R/3 user management to be exported to a directory server and, if required, to be synchronized periodically.

However, passwords are not synchronized from the SAP Web AS to the corporate LDAP directory. This means that if your corporate LDAP directory contains user data that has been synchronized from an SAP Web AS, it does not contain any passwords, and the Enterprise Portal cannot authenticate users against the corporate LDAP directory. You must set up the portal to authenticate users directly against the SAP Web AS or another SAP R/3 System.

If the user IDs in the corporate LDAP directory are the same as the users in all SAP R/3 Systems using the Single Sign-On mechanism with SAP logon tickets, there is no need to perform user mapping. For more details, see Single Sign-On to SAP Systems.
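The two conditions above (no passwords in synchronized entries, and identical user IDs across the SAP systems) can be checked against a directory export. The following is an added example, not part of the SAP documentation; the LDIF data, the SAP user lists, the `uid` and `userPassword` attribute names and the system names CUA and HR1 are constructed assumptions.

```python
import base64

# Constructed sample data (not from the page): an LDIF export of the directory
# and the user IDs known to each SAP system. "uid" as ID attribute is assumed.
SAMPLE_LDIF = """\
dn: uid=jsmith,ou=people,dc=example,dc=com
uid: jsmith

dn: uid=mmueller,ou=people,dc=example,dc=com
uid:: bW11ZWxsZXI=
userPassword: {SSHA}constructed-placeholder

dn: uid=contractor-with-long-id,ou=people,
 dc=example,dc=com
uid: contractor-with-long-id
"""
SAP_USERS = {"CUA": {"JSMITH", "MMUELLER"}, "HR1": {"JSMITH"}}

def parse_ldif(text):
    """Parse LDIF into one {attribute: [values]} dict per entry."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:       # folded continuation line
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries, current = [], {}
    for line in lines + [""]:                   # trailing "" flushes last entry
        if not line.strip():
            if current:
                entries.append(current)
            current = {}
        elif not line.startswith("#"):
            attr, _, value = line.partition(":")
            if value.startswith(":"):           # "attr:: value" is base64
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            current.setdefault(attr.lower(), []).append(value.strip())
    return entries

def sync_report(entries, sap_users, id_attr="uid"):
    """Per directory user: SAP systems lacking the same ID (compared
    case-insensitively, an assumption) and whether a password is stored."""
    report = {}
    for entry in entries:
        uid = entry.get(id_attr, [""])[0]
        absent = sorted(s for s, ids in sap_users.items() if uid.upper() not in ids)
        report[uid] = {"no_matching_id_in": absent, "has_password": "userpassword" in entry}
    return report

print(sync_report(parse_ldif(SAMPLE_LDIF), SAP_USERS))
```

An entry with `has_password` false cannot be authenticated against the directory, and a non-empty `no_matching_id_in` list names the systems where that user's ID is not the same.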

 

Prerequisites

You have developed a concept for data flows between SAP systems and your corporate LDAP directory. Note that only systems based on SAP Web Application Server 6.10 or higher can use the interface to an LDAP directory. SAP recommends that you use a 6.10 System for Central User Administration (CUA), which collects all the user data from connected SAP Systems. The data in the CUA System can then be synchronized with the directory. The following diagram shows an example of a system landscape with a directory.

 

Process Flow

First you synchronize the data from an SAP Web AS to the corporate LDAP directory. The process is described in the documentation for the SAP Web Application Server. See SAP Web Application Server → Security (BC-SEC) → Directory Services (BC-SEC-DIR).

Then you need to set up the portal to authenticate its users against the SAP Web AS or another SAP R/3 System. See Configuring the Portal for SAP R/3 Authentication.