cancel
Showing results for 
Search instead for 
Did you mean: 

GRC AC 10.1 - LDAP Synchronization Issue

0 Kudos
1,461

Hi Experts!

We are implementing GRC AC 10.1 and i´m having an issue with LDAP User Synchronization. Company has AD with users in several OU so we need to do synchronization at root level (i think is not possible to configure multiple base entry).

Im able to use "find" option from LDAP transaction at root level and this is working fine; even if i do a synchronization configuring only one OU like base entry it works fine too. But, if i want to do synchronization at root level, it does not work (i get total count:0  from synchronization).

Im working with GRAC AC10.1, SP 7. I have followed several SCN threads and SAP Notes about LDAP Sync issues but i haven´t had any success.

I have tried using port 3268 and 389. From SLG1 i only get a warning: user adapter is empty (for the record, i have already read this ) and SAP note 1755767).

LDAP connector name is identical to LDAP Server name

Any suggestions or comments would be appreciated.

Thanks!

View Entire Topic
0 Kudos

Rafael / Paichha:

Thanks for your replies, i could made a full synchronization with AD by increasing "maxpagesize" parameter in AD configuration (following note 1823253) and making page size = 500 in LDAP tcode .

Now im tryng to use a filter for the register that sync job brings. For example, we need to synchronize only users with extensionAttribute1=Activo to reduce amount of registers in synchornization.

At this moment job is synchonizating deactive users, computers, printers, etc. and we only need active users.

¿Any idea about it?


Thanks again!

Emiliano

former_member193066
Active Contributor
0 Kudos

Hello,

I hope you followed the guide LDAP config guide,

The filter are choosed from Maintain mapping for action and connection type.

there might be note for deactivated users.

Regards,'

Prasant

0 Kudos

Hello Emiliano,

Actually I am not familiarized with adding parameters in sync, but I think the only way is in SPRO, assigning attributes to the connector, with parameter OTHERS.

Kind Regards,

Rafael Guimbala