SAP Knowledge Base Article - Public

3247849 - Learning IPS - mTLS Certificate Expiration

Symptom

Customers on NEO IPS tenants that have real time user sync enabled, or want to enable real time user sync, need to upload the renewed LMS certificate in IPS by September 4th on preview environments and September 7th-8th in production at the latest. Customers with converged IPS tenants are not affected.

Neo tenants have URLs of the following format:

  • *ips-<customer_account>.dispatcher.hana.ondemand.com/
  • For example: https://ips-a12345sdf678.dispatcher.ca1.hana.ondemand.com/webapp/index.html

Converged cloud tenants have URLs of the following format:

  • *.accounts.ondemand.com/ips
  • For example: https://best-run.accounts.ondemand.com/ips

More info on Tenant Infrastructure: here
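
To triage a list of tenants against the two URL formats above, the check can be scripted. This is an added example, not SAP code; the function names, the optional region label after `dispatcher` (taken from the `ca1` sample URL) and the allowed characters in the account name are assumptions.

```python
import re
from urllib.parse import urlsplit

# Host patterns derived from the two URL formats in this article.
# Assumption: at most one region label (such as "ca1") follows "dispatcher".
NEO_HOST = re.compile(r"ips-[a-z0-9-]+\.dispatcher(\.[a-z0-9]+)?\.hana\.ondemand\.com")
CONVERGED_HOST = re.compile(r"[a-z0-9-]+\.accounts\.ondemand\.com")


def classify_ips_tenant(url: str) -> str:
    """Return 'neo', 'converged' or 'unknown' for an IPS admin console URL."""
    url = url.strip()
    if "://" not in url:
        url = "https://" + url  # accept bare host/path input
    parts = urlsplit(url)
    # Use the parsed hostname only, so userinfo ("host@other") and look-alike
    # suffixes ("...ondemand.com.example.net") cannot satisfy the pattern.
    host = (parts.hostname or "").rstrip(".").lower()
    if NEO_HOST.fullmatch(host):
        return "neo"
    on_ips_path = parts.path == "/ips" or parts.path.startswith("/ips/")
    if CONVERGED_HOST.fullmatch(host) and on_ips_path:
        return "converged"
    return "unknown"


def needs_new_lms_certificate(url: str, realtime_sync_wanted: bool) -> bool:
    """True when the tenant is Neo and real time user sync is enabled or planned."""
    kind = classify_ips_tenant(url)
    if kind == "unknown":
        raise ValueError(f"URL matches neither tenant format: {url!r}")
    return kind == "neo" and realtime_sync_wanted


if __name__ == "__main__":
    # Sample URLs are the ones shown in this article.
    for sample in (
        "https://ips-a12345sdf678.dispatcher.ca1.hana.ondemand.com/webapp/index.html",
        "https://best-run.accounts.ondemand.com/ips",
    ):
        print(sample, "->", classify_ips_tenant(sample))
```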

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

Environment

  • SAP SuccessFactors Learning
  • SAP Cloud Identity Services

Resolution

Consequences

For NEO IPS customers already activated with LMS-IAS without the new LMS certificate: newly created users will not be created in IAS near real-time; however, they would be created in IAS and receive the activation email the next time the IPS read job runs.

For NEO IPS customers wishing to upgrade to LMS-IAS without the new LMS certificate: the real time user sync test as part of the activation wizard will fail.

Resolution Options

  1. Customers can migrate their NEO IPS tenant to SAP Cloud Identity infrastructure following the steps outlined here. Once migrated, customers will not have to import the new certificate.
  2. Customers can import the new mTLS certificate to their NEO IPS tenant following the steps below:
    1. IMPORTANT: Only delete the old certificate after the Learning tenant is upgraded to 2H 2023 version, otherwise the above consequences will happen. IPS supports multiple certificates at the same time. 
    2. Download the certificate from the attachments of this KBA.
    3. In the Identity Provisioning admin console, select the LMS source system.
    4. Select the Inbound Certificates tab, choose Import, and select the new certificate (Note: you should delete the old certificate). More info on managing certificates here.

Keywords

IAS, IPS, cert, certificate, expired, expiration, user, creation, sync, real, time, update, read, job, KBA, LOD-SF-LMS-IAS, LMS IAS Integration for External User, How To

Product

SAP SuccessFactors Learning all versions

Attachments

lms_ias_mtls_pub.zip