on 2011 Apr 28 3:54 PM
We're using MII 12.1.5 (Build 85), configured with standard DB+LDAP authentication.
Data source: MicrosoftADS (Deep Hierarchy) + Database
Data Source File Name: dataSourceConfiguration_ads_deep_writable_db.xml
I need to add some users to the system, not existing in the Active Directory list (i.e. temporary access). When I try to add them to the UME database, the system is telling me I'm in trouble.
[LDAP: error code 50 - 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 ]
Where should I look to elevate my rights, since I'm already logging in with the highest access on the system?
Regards,
paul.
Paul,
I am no UME expert (so far I've had only read-only rights to UME) but just googling your error tells me that this is coming from the Active Directory, as in you are trying to create a user in AD (via UME) as opposed to in the UME itself.
Maybe this is what is going wrong in your case.
Just a thought, hope it helps.
Thanks
Udayan
Thanks Udayan,
If NW wants to add a user in AD, then the AD user specified in the configuration has to have enough rights to do that (which it doesn't, unfortunately, and never will). I am looking to add more users in UME, not in AD.
In my case, the Active Directory structure extends over multiple levels. For example, there is an AD server for corporate and then other AD servers for the plants. The users in the plants are able to connect to the plant MII using their local credentials, but they cannot authenticate to the corporate MII development box (not being visible from the corporate AD leaf). Therefore, since it is a handful of names, I was thinking of adding them in UME and bypassing the AD authentication in their case (not being an AD expert) for the development server.
Who said networking is easy? I can't remember ..
j/k
paul.
Hi Florin,
Here we go,
<dataSources>
<dataSource id="PRIVATE_DATASOURCE" className="com.sap.security.core.persistence.datasource.imp.DataBasePersistence" isReadonly="false" isPrimary="true">
...
<dataSource id="CORP_LDAP" className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence" isReadonly="false" isPrimary="true">
Looking at this cfg xml .. can both be primary?
paul.
Hi (Salut) Paul
Please search for a property like
<homeFor>
<principals>
<principal type="user"/>
</principals>
</homeFor>
If it's defined for both datasources then when you try to create a user, it doesn't know where to create it.
If it's not defined for either of the datasources, then just add it in the datasource where you want to create the users.
You can get more details regarding your error from the defaulttrace.
Regards,
Florin
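The check Florin describes, as an added example that is not from this thread or from SAP: parse a constructed dataSourceConfiguration fragment, report which data sources declare themselves home for user principals (two is ambiguous, zero means nowhere to create), and strip the homeFor entry from every data source except the one that should keep it. The element layout and the sample XML are assumed from the snippets posted above.

```python
import xml.etree.ElementTree as ET

# Constructed sample mirroring Paul's config: both data sources are primary
# and writable, and both claim to be home for principals of type "user".
SAMPLE_CFG = """<dataSources>
  <dataSource id="PRIVATE_DATASOURCE"
      className="com.sap.security.core.persistence.datasource.imp.DataBasePersistence"
      isReadonly="false" isPrimary="true">
    <homeFor><principals><principal type="user"/></principals></homeFor>
  </dataSource>
  <dataSource id="CORP_LDAP"
      className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
      isReadonly="false" isPrimary="true">
    <homeFor><principals><principal type="user"/></principals></homeFor>
  </dataSource>
</dataSources>"""


def home_datasources(xml_text, principal_type="user"):
    """Return ids of data sources that declare homeFor <principal type=...>."""
    root = ET.fromstring(xml_text)
    found = []
    for ds in root.iter("dataSource"):
        for p in ds.findall("./homeFor/principals/principal"):
            if p.get("type") == principal_type:
                found.append(ds.get("id"))
                break
    return found


def diagnose(xml_text, principal_type="user"):
    """Classify as 'ok' (one home), 'ambiguous' (several) or 'missing' (none)."""
    homes = home_datasources(xml_text, principal_type)
    if len(homes) == 1:
        return "ok", homes
    if len(homes) > 1:
        return "ambiguous", homes
    return "missing", homes


def keep_only_home(xml_text, keep_id, principal_type="user"):
    """Return XML where only data source keep_id stays home for principal_type."""
    root = ET.fromstring(xml_text)
    for ds in root.iter("dataSource"):
        if ds.get("id") == keep_id:
            continue
        for principals in ds.findall("./homeFor/principals"):
            for p in list(principals):
                if p.tag == "principal" and p.get("type") == principal_type:
                    principals.remove(p)
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    print(diagnose(SAMPLE_CFG))
    print(diagnose(keep_only_home(SAMPLE_CFG, "PRIVATE_DATASOURCE")))
```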
Hello!
We've found something which might solve the issue .. eventually. The LDAP groups were changed (i.e. in fact the server altogether was changed, and now the MII group settings do not reflect the reality). I'll let you know what happens after the LDAP communication is restored ..
Many thanks
paul.