Show TOC

Mapping X.509 Certificates in Table USREXTIDLocate this document in the navigation structure

Use

Use this procedure to map users of SAP NetWeaver Application Server (AS) ABAP to external IDs used in X.509 certificates.

Recommendation

Maintaining table USREXTID is a manual process. We recommend you use rule-based mapping for X.509 certificates.

Prerequisites

If you mass configure user mappings, you have determined what common factor to use to create the external ID. You can choose from the following:

  • User ID

  • Logon alias

  • A value determined by a custom BAdI

    You must create your own BAdI. SAP provides the BAdI USREXTIDMAPPING as an example of just such an implementation.

Procedure

Performing Mass Configuration of Mapping Data

  1. In transaction SA38, open report RSUSREXT.

  2. In the User section, determine the selection criteria for the users to which you want to map external IDs.

  3. In the Ext. Name Changed section, enter the following data:

    • Enter DN in the External ID type field.

    • Enter any text that is to appear before or after the common part of the external name ID.

      Example

      Enter CN= as the prefix and , O=EXAMPLE, C=US as the suffix.

    • Choose the source for the common part of the external name ID.

  4. Enter further options as required.

  5. Choose Execute.

Mapping a Single User

  1. In transaction SM30, open view VUSREXTID.

  2. Enter DN in the External ID type field.

  3. Edit the table entries.

  4. Set the Activated indicator to activate the client certificate logon for the user.

  5. Save your entries.