Use this procedure if your user management engine (UME) uses SAP NetWeaver Application Server (AS) ABAP as the data source, but you have an LDAP directory with information you want to use, such as the following:
You can also use this procedure if you have an existing AS ABAP synchronized with a directory service and you want to add an AS Java to the landscape.
Users log on to the AS Java using the password stored in the directory service, even though the AS ABAP is the data source for the AS Java. If necessary, the AS ABAP synchronizes its user data with the directory service. The figure below illustrates this system landscape.
AS ABAP with Directory Service Synchronization as Data Source for AS Java
Users logged into the AS Java cannot access content in the AS ABAP. To enable logon to the AS ABAP, enable Single Sign-On with logon tickets and enable logon ticket support for the AS ABAP.
For more information, see SAP NetWeaver Application Server for ABAP User Management as Data Source .
For more information, see the directory service documentation.
The directory service configuration file governs the configuration between the AS Java and the directory service. If your directory service configuration demands it, you can customize the configuration. For example, if you want to support a deep hierarchy or Secure Sockets Layer (SSL).
We recommend you use the standard configuration files whenever possible. To configure SSL between the UME and the directory service, you must customize the directory service configuration file. The directory service configuration for the Microsoft directory service supports SSL by default.
More information: Customizing a Directory Service Configuration File .
Do not use the data source configuration files for directory services or attempt to configure the directory service connection from the UMEconfiguration user interface.
For more information, see Configuring User Management .
The table below lists the configuration settings for LDAP integration with an AS ABAP data source.
Configuration Settings for LDAP Integration
LDAP Server ID
Select from the LDAP directory servers configured for directory service synchronization.
LDAP Server Password
Enter the password used by the communications user in the ABAP system for directory server. Choose the Refresh pushbutton to display the name of the user in the LDAP Server User field.
LDAP Logon Attribute
Indicates the mapped attribute set with the Filter indicator.
You can enter a different directory attribute with the logon ID for users.
If the test fails, check the connection parameters a try again.
The UME first checks in the directory service for the user, identifying the user by the logon attribute selected in the AS ABAP configuration for the directory service synchronization.
Flowchart of Logon Process