Use
The PAS must be able to determine the user's ID in the SAP system so that it can issue the user his or her SAP logon ticket. For this purpose, maintain the user's information in the user external ID mapping table (USREXTID).
If you use an external authentication mechanism that provides the user’s ID for the SAP system directly, then you can skip this procedure. For more information, see
Prerequisites
The type of external user ID that you define in the mapping table must match the type of user ID defined in the PAS's service file.
Procedure
Maintain the table USREXTID on the ticket-issuing application server. You can either use table maintenance (transaction SM30, view VUSREXTID) or the reports RSUSREXT or RSUSREXTID to maintain the user information.
Use the following information:
Field |
Description |
Possible Values |
Default |
Type of external ID |
Type of external ID. The value must match the type of authentication used. |
DN (Distinguished Name for X.509)NT (Windows NTLM or password verification using the Windows domain controller)LD (LDAP bind)<User-defined> (For other external authentication mechanisms) |
None |
External ID |
User's external ID. The syntax is determined by the authentication mechanism used. |
String value (case-sensitive) |
None |
Seq. no . |
Optional. Use if multiple entries for the same user ID exist. |
000 – 999 |
None |
User |
User's ID for the SAP system |
Valid user in the SAP system |
None |
Min. date |
Optional. First valid date for the external ID mapping. |
Date |
None |
Indicator: Activated |
Check to activate the user mapping. |
On or off |
Off |
The external ID entries in USREXTID are case-sensitive. Therefore, to avoid case problems, we recommend maintaining the external ID entries in capital letters and setting the ITS parameter
~login_to_upcase = 1 in the PAS's service file.