
Example: Self-Managed Passwords

Denise DeLassandros wants to read her user data from the LDAP directory but still enable users to change their own passwords. She sets all user attributes to read-only, except for j_password.

Note

Some LDAP directories require you to use Secure Sockets Layer (SSL) to protect communication between the user management engine (UME) and the LDAP directory.

For more information, see Configuring SSL Between the UME and an LDAP Directory.

 

Denise modifies her data source configuration file as follows:

Example

<dataSource id="CORP_LDAP"
      className="<impl class>"
      isReadonly="false"
      isPrimary="true">
    ...
    <responsibleFor>
        <principal type="user">
            <nameSpace name="com.sap.security.core.usermanagement">
                <attribute name="uniquename" readonly="true"/>
                <attribute name="firstname" readonly="true"/>
                <attribute name="lastname" readonly="true"/>
                <attribute name="..." readonly="true"/>
                ...
            </nameSpace>
        </principal>
        <principal type="account">
            <nameSpace name="com.sap.security.core.usermanagement">
                <attribute name="j_user" readonly="true"/>
                <attribute name="j_password"/>
                <attribute name="..." readonly="true"/>
            </nameSpace>
        </principal>
    </responsibleFor>
    ...
</dataSource>
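A configuration like the one above can be audited by listing every attribute that is still writable and comparing the result against the intended exception, j_password. The following Python script is an added example, not SAP code. It assumes that an attribute without readonly="true" is writable (as j_password is in the example) and that isReadonly="true" on the data source makes everything read-only. The class name and the "email" attribute in the sample are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of the example above. The class name and the
# writable "email" attribute are made up so that the audit has something to flag.
SAMPLE = """
<dataSource id="CORP_LDAP" className="example.ImplClass"
            isReadonly="false" isPrimary="true">
  <responsibleFor>
    <principal type="user">
      <nameSpace name="com.sap.security.core.usermanagement">
        <attribute name="uniquename" readonly="true"/>
        <attribute name="firstname" readonly="true"/>
        <attribute name="email"/>
      </nameSpace>
    </principal>
    <principal type="account">
      <nameSpace name="com.sap.security.core.usermanagement">
        <attribute name="j_user" readonly="true"/>
        <attribute name="j_password"/>
      </nameSpace>
    </principal>
  </responsibleFor>
</dataSource>
"""

def writable_attributes(xml_text):
    """Return (data source id, principal type, namespace, attribute) per writable attribute."""
    found = []
    for ds in ET.fromstring(xml_text).iter("dataSource"):
        # Assumption: a read-only data source cannot write any attribute.
        if ds.get("isReadonly", "false").lower() == "true":
            continue
        for principal in ds.iter("principal"):
            for ns in principal.iter("nameSpace"):
                for attr in ns.iter("attribute"):
                    # Assumption: a missing readonly flag means writable.
                    if attr.get("readonly", "false").lower() != "true":
                        found.append((ds.get("id"), principal.get("type"),
                                      ns.get("name"), attr.get("name")))
    return found

def unexpected_writable(xml_text, allowed=frozenset({("account", "j_password")})):
    """Return writable attributes outside the allow-list of (principal type, attribute)."""
    return [w for w in writable_attributes(xml_text) if (w[1], w[3]) not in allowed]

if __name__ == "__main__":
    for ds_id, ptype, ns, name in unexpected_writable(SAMPLE):
        print(f"{ds_id}: {ptype}/{ns}/{name} is writable")
```

A real configuration file must be well-formed XML before it can be parsed this way, so placeholders such as the ones shown in the example have to be filled in first.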

 

 

 
