Hi @all
at first, i am not a SAP Guy. Hopefully you will support me too.
We try to use our LDAP-Directory as a single point for "basic user information adminstration".
This means: All our Basic-Informations like surenames, givennames, sap-logonname (equal the samaccountname), tel, and so on are administered in the LDAP.
Now we used in our testenvironment the LDAP-SYNC Report to synchronize the user from LDAP to SAP an the neccesarry attributes. This works fine.
But this report always sync all users!
In our case, we need to set a filter for all our sap systems.
This means: not all of our LDAP User are in all of our SAP-System. I must use a filteroption.
i understand there are two was to do this:
the first way is to put all users to an sperate OU in the LDAP - eg. all IS-U User in OU IS-U - all SRM User to SRM and so on. This don't work for us, cause many customers are in multiple sap-systems.
the second way ist to use a seperate LDAP attributt. eg. to extend the LDAP schema with attrbutes like sapsrmusername, sapisuusername and so. now i can use the filteroption in ldap_map report.
But we won't to extend out LDAP!
My plan is to use a filter in the RSLDAPSYNC_USER report by LDAP-Groups . eg. to use the "memberof" attribut or something else. Like: Sync only User if User a member of LDAP-Groupe SRM.
But i can't find any Option to do this.
Is it possble to filter by a membership?
There are to Options in the RSLDAPSYNC_USER for that i can't find definitions.
1.) "Use User Selection in LDAP Search Filter"
2.) User group (from / to)
Anyone an idea for me?
Best regards