Administrator

Adding a Production-Grade Provider

Modify the Admin security profile to add a production-grade provider, typically Directory Service (LDAP/AD). Most companies use an LDAP directory to maintain internal user accounts. This provider integrates with most LDAP servers, including Active Directory.

Prerequisites

Determine what values are needed for the security provider properties in SAP Mobile Platform by gathering this information from the security provider you plan to use. For example, for the Directory Service (LDAP/AD) authentication provider, you need values for the providerURL, serverType, bind user, bind password, search base, and so on.

Context

Configure the Admin security profile to authenticate administrative users only. SAP recommends that you create custom security profiles for SAP Mobile Platform application users. The steps here include examples for adding an LDAP provider.

Procedure

  1. In Management Cockpit, select Start of the navigation path Settings Next navigation step Security Profiles End of the navigation path.
  2. Click admin (Cannot be deleted) to select the installer-defined administrativer user.
  3. Under Authentication Providers, click New.
  4. Select a provider from the list, for example Directory Service (LDAP/AD), and click Create.
  5. Configure the values as determined by you and your provider administrator.
  6. Click Save; click OK; click Save.

Next Steps

Map the SAP Mobile Platform Administrator and Helpdesk logical roles to physical roles in your back-end system to enable administrator and helpdesk users to use Management Cockpit. You must restart the server to recognize role-mapping changes before affected users can log in.