SAP Knowledge Base Article - Preview

1923036 - Wildcard attribute mapping for creating users in UME

Symptom

You want to specify on which data source a principal should be created. For that, tags <homeFor> and <notHomeFor> are being used in the datasource configuration xml file.

As example, in the following case the users with ATTRIBUTE:SALES-001 as 'orgunit' will be created in CORP_LDAP, and not in PRIVATE_DATASOURCE. 

dataSource isPrimary="true" isReadonly="false" className="com.sap.security.core.persistence.datasource.imp.DataBasePersistence" id="PRIVATE_DATASOURCE">
<notHomeFor> 
  <principal type="user">
    <nameSpace name="com.sap.security.core.usermanagement">
      <attribute name="orgunit">
        <values>
          <value>ATTRIBUTE:SALES-001</value>
        </values> 
      </attribute>
    </nameSpace>
  </principal>
</notHomeFor>

<dataSource isPrimary="true" isReadonly="false" className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence" id="CORP_LDAP">
<homeFor> 
  <principal type="account"/>
  <principal type="user"> -
    <nameSpace name="com.sap.security.core.usermanagement">
      <attribute name="orgunit">
        <values>
          <value>ATTRIBUTE:SALES-001</value>
        </values>
      </attribute>
    </nameSpace>
  </principal>
</homeFor>

But usually there are several possible values for 'orgunit', and with that configuration they will not be taken into account. You need to specify all the possible values. Depending on the number of values you can think about using wildcards to save some time, setting a value as <value>*SALES*</value>, but this does not work as expected.


Read more...

Environment

  • SAP NetWeaver 7.3
  • SAP enhancement package 1 for SAP NetWeaver 7.3
  • SAP NetWeaver 7.4
  • SAP NetWeaver Composition Environment 7.1
  • SAP enhancement package 1 for SAP NetWeaver Composition Environment 7.1
  • SAP NetWeaver Composition Environment 7.2

Product

SAP NetWeaver 7.3 ; SAP NetWeaver 7.4 ; SAP NetWeaver 7.5 ; SAP NetWeaver Composition Environment 7.1 ; SAP NetWeaver Composition Environment 7.2 ; SAP enhancement package 1 for SAP NetWeaver 7.3 ; SAP enhancement package 1 for SAP NetWeaver Composition Environment 7.1

Keywords

wildcards, LDAP, UME, datasource, homefor, nothomefor   , KBA , BC-JAS-SEC-UME , User Management Engine , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.