Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Changing Users in MS Active Directory from SAP

Go to solution
Former Member

‎2013 Jul 04 3:48 PM

0 Likes
768

Hi experts

In our company we have legacy system which creates users in MS Active Directory and then saves username and e-mail created on IT0105 on HCM.

Now when an employee changes some of his information (eg. Building or extension) we must to change it on AD.

Our Basis have configured a conection with AD on LDAP txn and SAP is conecting succesfully on AD. But when we run our test report to conect no AD and receive logins that already exists LDAP_READ returns nothing. Do you have any idea of what we might have missed on this configuration?

REPORT zteste30.

DATA :    attributes_ldap    TYPE ldapastab,

             wa_attributes_ldap TYPE ldapas,

             basisdn       TYPE LDAPDEFS-BASE,

             filter        TYPE ldap_filts,

             ldaprc        TYPE ldapdefs-ldrc,

             entries_ldap       TYPE ldapetab,

             serverid      TYPE  ldapserver-serverid.

CLEAR attributes_ldap.

   wa_attributes_ldap-name = 'OBJECTCLASS'.

   wa_attributes_ldap-typ = 'C'.

   APPEND wa_attributes_ldap TO attributes_ldap.

basisdn = 'CN=SAPHRLDAPQ,OU=Contas de Servicos,OU=Usuarios,OU=Eletrobras,DC=int,DC=eletrobras,DC=gov,DC=br'

   serverid = 'ELB1101'.

   CALL FUNCTION 'LDAP_SYSTEMBIND'

     EXPORTING

       serverid     = serverid

       writeread    = 'W'

     EXCEPTIONS

       no_authoriz  = 1

       config_error = 2

       nomore_conns = 3

       ldap_failure = 4

       not_alive    = 5

       other_error  = 6

       OTHERS       = 7.

   IF sy-subrc EQ 0.

     CALL FUNCTION 'LDAP_READ'

       EXPORTING

         base          = basisdn

*        base_string   = basisdn

         scope         = 2

         filter_string = filter

         attributes    = attributes_ldap

       IMPORTING

         ldaprc        = ldaprc

         entries       = entries_ldap

       EXCEPTIONS

         no_authoriz   = 1

         conn_outdate  = 2

         ldap_failure  = 3

         not_alive     = 4

         other_error   = 5

         OTHERS        = 6.

     IF sy-subrc EQ 0.

       IF entries_ldap[] IS NOT INITIAL.

"        p_lv_exist = 'X'.

       ENDIF.

     ENDIF.

   ENDIF.

   CALL FUNCTION 'LDAP_UNBIND'

     EXCEPTIONS

       conn_outdate = 1

       ldap_failure = 2

       not_alive    = 3

       other_error  = 4

       OTHERS       = 5.

Thanks in Advance

Josie Nascimento

1 ACCEPTED SOLUTION
Read only

Go to solution
Former Member

‎2013 Jul 04 3:53 PM

0 Likes
617

Check once http://scn.sap.com/thread/1243903

2 REPLIES 2
Read only

Go to solution
Former Member

‎2013 Jul 04 3:53 PM

0 Likes
618

Check once http://scn.sap.com/thread/1243903

Read only

Go to solution
Former Member
In response to Former Member

‎2013 Aug 09 9:28 PM

0 Likes
617

Soumyasanto thanks for your answers but we solved our own.

We've talked with our AD administrator and found out our basisdn field was filled wrong.

Now we can retrieve entries on AD using FM LDAP_READ.

The table ENTRIES_LDAP returns all logins on AD on field DN and a table ATRIBUTES with all field of AD.

We are using the importing field ATRIBUTES of FM LDAP_READ to select an exact entrie of AD we want to change.