Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Initial password when LDAP user created i SAP?

Former Member
0 Kudos
423

Hi,

I'm about to configure LDAP integration with SAP, where users that exist only on the LDAP server are created in SAP.

Are any initial passwords automatically set for these users in SAP, or will an administrator have to go in and set an initial password for all created users?

Thanks, Oscar

4 REPLIES 4

Former Member
0 Kudos
156

Hi,

I assume you will use the LDAP synchronization in an ABAP system. Here you have to maintain the fields to be synchronized. The password field is typically not synchronized but you can fill in the logondata hashvalue. I never tried to get the hashvalue out of LDAP because LDAP and SAP may use different hash algorithms. The better way is to set a fixed value in the mapping. You can use SAP functions to maintain the hashvalue.

Transaction for maintaining the mapping: LDAPMAP.

Regards

Rainer

0 Kudos
156

This sounds interesting. I've used LDAPMAP to map by SAP fields to LDAP fields, but I thought I always had to provide an LDAP field in my mapping. Do you mean I can map a SAP field (e.g. BAPIPWD) using LDAPMAP to a function module (that e.g. generates an initial password), without mapping it to a LDAP field?

Thanks

Former Member
0 Kudos
156

Just ran a synchronization and noticed the password was deactived for newly created users, which is perfectly fine.

However, I'm still interested in if you can assign a value to SAP fields manually through LDAPMAP without entering any directory attribute. E.g. if I want to import 1000 users from SAP to AD and want to automatically give all a very basic role in SAP (that does not have any relation to their LDAP role). But his might be easier to achive after importing them?

0 Kudos
156

Have you solved this problem?

I need the same requirement...