Entering the Connection Data for the LDAP Server

Use

To use an LDAP server as data source for the UME, you have to specify the data source configuration file to use and provide connection data for the LDAP server. This section describes how to do this using the LDAP configuration tool. You can also use the user management configuration tool. For more information, see Defining an LDAP Directory as a Data Source.

Prerequisites

All cluster elements are shut down.

Procedure


1. Start the Config Tool by executing <SAPJ2EEEngine_installation>\j2ee\configtool\configtool.bat.

2. In the Config Tool, choose UME LDAP data.

3. In the Configuration file list box, choose the appropriate configuration file. For a list of the available configuration files for LDAP directories, see LDAP Directory as Data Source.

   If the file you require is not there, upload a new configuration file as described in UME LDAP Configuration Tool. For example, you may need to adapt the attribute mapping section of the configuration file, if your LDAP directory does not adhere to the X.500 standard. In this case, you would adapt a copy of an existing configuration file and then upload the adapted file.

   If the configuration file already contains some configuration data, this data is displayed in the configuration tool and cannot be overwritten.

4. If your configuration file defines more than one LDAP data source, choose the one you want to configure in LDAP data source ID.

5. Enter the connection details for your LDAP data source as follows:

| Field Name | Value |
|---|---|
| LDAP server type | Type of the LDAP directory server, for example SUN. For more information on the possible values, see the ume.ldap.access.server_type property at LDAP Directory Data Source. |
| Server name | Host of the LDAP directory server. |
| Server port | Port of the LDAP directory server. |
| User | Distinguished name (DN) of the user that is used to connect (bind) to the LDAP directory server. This user should have read and search permissions for all branches of the LDAP directory. If UME also needs to write to the LDAP directory, the user must additionally have create and change authorizations. |
| Password | Password of the user that is used to connect (bind) to the LDAP directory server. When you enter the password in the Config Tool, it is displayed as asterisks. |
| User path | Distinguished name of the branch of the directory where information about users is stored. If you have groups in a tree hierarchy, the User Path and Group Path values must match. Use the Browse button to browse to the correct path on the LDAP server. |
| Group path | Distinguished name of the branch of the directory where information about groups is stored. If you have groups in a tree hierarchy, the Group Path and User Path values must match. Use the Browse button to browse to the correct path on the LDAP server. |
| Use UME unique id with unique LDAP attribute | Enable this option to use a unique ID instead of a distinguished name to identify a user account. Which LDAP attribute is used as the unique ID is defined in the data source configuration file and is displayed as the default value when you select this option. This enables you to physically move users in your LDAP directory structure and still be able to find them, because the user ID is based on the unique ID and not the distinguished name. See also SAP Note 777640. |

6. To test the data you entered:

   - Choose Test connection to establish a connection with the user ID and password you entered.

   - Choose Test authentication to establish a connection with a user ID and password that you provide in a dialog box.

7. To save your entries, choose Apply changes.

8. Restart the Java application server.

Example

The following table lists example values to enter when using a Novell eDirectory with a flat hierarchy as LDAP directory. Access to the LDAP directory is read/write. Secure Sockets Layer (SSL) is not used to access the LDAP directory.

| Field name | Value |
|---|---|
| Configuration file | dataSourceConfiguration_novell_not_readonly_db.xml |
| LDAP server type | NOVELL (you do not need to enter this as it is predefined in the configuration file) |
| Server name | myserver |
| Server port | 390 |
| User | cn=admin,o=ume |
| Password | Admin (The password is displayed as asterisks on the screen.) |
| SSL | Not selected |
| User path | o=ume |
| Group path | o=ume |
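
An added example (not part of the SAP documentation or the Config Tool): a Python pre-flight check for the connection values before they are entered in step 5, run here against the example table's values. The dictionary keys, the groups_in_tree flag, and the comparison of DNs ignoring case and spacing are assumptions of this example.

```python
import re

def normalize_dn(dn):
    """Parse a DN into a tuple of lower-cased (attribute, value) pairs."""
    rdns = []
    # Split on commas that are not backslash-escaped (simplified RFC 4514:
    # multi-valued RDNs and hex-escaped values are not interpreted).
    for rdn in re.split(r"(?<!\\),", dn):
        attr, eq, value = rdn.partition("=")
        if not (eq and attr.strip() and value.strip()):
            raise ValueError(f"not a valid RDN: {rdn!r}")
        # Assumption: attribute values match case-insensitively.
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return tuple(rdns)

def check_connection_data(cfg, groups_in_tree=False):
    """Return findings for one set of Config Tool values (empty list = none)."""
    findings, dns = [], {}
    for field in ("user", "user_path", "group_path"):
        try:
            dns[field] = normalize_dn(cfg[field])
        except ValueError as exc:
            findings.append(f"{field}: {exc}")
    if not 1 <= int(cfg["server_port"]) <= 65535:
        findings.append("server_port: outside 1-65535")
    # Page rule: with groups in a tree hierarchy, both paths must match.
    if groups_in_tree and "user_path" in dns and "group_path" in dns \
            and dns["user_path"] != dns["group_path"]:
        findings.append("user_path and group_path must match for tree groups")
    if not cfg["ssl"]:
        findings.append("ssl: not selected, traffic to the directory "
                        "(including the bind) is unencrypted")
    return findings

# Constructed input: the values from the example table on this page.
PAGE_EXAMPLE = {"server_name": "myserver", "server_port": 390,
                "user": "cn=admin,o=ume", "ssl": False,
                "user_path": "o=ume", "group_path": "o=ume"}
# Constructed variants: same DN in different spelling, and a real mismatch.
SAME_PATH = dict(PAGE_EXAMPLE, group_path="O = UME")
MISMATCH = dict(PAGE_EXAMPLE, group_path="ou=groups,o=ume")

if __name__ == "__main__":
    for name, cfg in [("page", PAGE_EXAMPLE), ("same", SAME_PATH),
                      ("mismatch", MISMATCH)]:
        print(name, check_connection_data(cfg, groups_in_tree=True))
```

The check works offline on the values alone; it does not replace Test connection or Test authentication in step 6.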

 
