Skip to Content

Introduction:

This blog details information to establish connection between SAP Cloud Connector and LDAP server. For purpose of this blog I have used open source LDAP server and configured LDAP server on my local desktop and installed SAP Cloud Connector to communicate with LDAP server.

I used windows version of Cloud Connector (Version: 2.10.1):

https://tools.hana.ondemand.com/#cloud

For LDAP server on local desktop I used OpenLDAP for windows:

https://www.userbooster.de/en/download/openldap-for-windows.aspx

Finally I used SAP Cloud Integration iFlow to update users in LDAP server using LDAP Adapter.

 

Installing & Configuring SAP Cloud Connector:

By no means I’m expert on Cloud Connector but by exploring existing blogs and SAP help site I was able to install windows version of Cloud Connector on my desktop.

References for Cloud Connector Installation/Configuration:

https://help.sap.com/viewer/cca91383641e40ffbe03bdc78f00f681/Cloud/en-US/204aaad4270245f3baa0c57c8ab1dd60.html

https://blogs.sap.com/2015/07/13/cloud-connector-a-brief-guide-for-beginners/

https://blogs.sap.com/2017/02/01/new-release-of-the-sap-hana-cloud-connector-v.2.9./

After successful installation of SAP Cloud Connector you will login into Cloud Connector localhost web-application.

Logon to the cloud connector administration UI by invoking the URL https://localhost:8443 using pre-defined user Administrator and password manage.

After the first logon, the initial password needs to be changed.

After successful installing of SAP Cloud Connector next step is to connect SAP Cloud Connector to your HCP sub-account.

Select Add Subaccount and provide details as shown below.

 

After adding Sub Account details status should show as connected. In my configuration I used location Id as SCP_TO_AD 

Similarly, when you log into HCP Cockpit you should see that SAP Cloud Connector is connected to your Subaccount.

This completes configuration of SAP Cloud Connector with HCP Subaccount.

 

Installing free Open-Source LDAP server & Configuration:

For this exercise, I installed free Open-Source LDAP server for Windows on my desktop. I used OpenLDAP for windows available here : https://www.userbooster.de/en/download/openldap-for-windows.aspx

It is light-weight, easy to install and to setup.

I followed setup instructions from their website listed here for installing their server.

https://www.userbooster.de/en/support/feature-articles/openldap-for-windows-installation.aspx

To keep it simple I used default BaseDN and default Admin user.

BaseDN:  dc=maxcrc,dc=com

Admin User: cn=Manager,dc=maxcrc,dc=com

Admin password: What ever you choosed at install time.

Connecting to Local LDAP server:

Use any of your favorite LDAP client and connect to installed server. I used free jxplorer LDAP client.

You can download it from here http://jxplorer.org/downloads/users.html

 

Connect to LDAP server and add users:

After connecting to LDAP server Add test users to integration. I added 2 users for this exercise.

For this exercise, I will update user “Bhargav Gogineni” uid: Jack to “Jack Updated” using SAP Cloud platform Integration iFlow.

Configure LDAP Server details in Cloud Connector:

After Cloud Connector is configured in Initial step now its time to configure “Cloud to On-Premise” LDAP server in Cloud Connector portal.

When Adding System Mapping, Select Non-SAP System for Back-end-Type as shown/highlighted in below image.

  • Protocol: We can use LDAP or LDAPS, I used LDAP for this example.
  • Internal Host: Machine name where you installed LDAP server. In my case it is “gbk”
  • Internal Port: Default port of LDAP server, 389

Virtual Host and Port details can be left same as Internal Host & Port, In this case I provided different Host Name and port.

  • Virtual Host: v.gbk
  • Virtual Port: 9389

Virtual Host and Virtual Port will be later used to connect to LDAP server from SAP Cloud Platform integration iFlow.

After entering configuration parameters save details. Make sure that LDAP server is “Reachable” from your Cloud Connector Portal.

As shown below, it confirms that LDAP server is reachable from Cloud Connector Portal.

Validate the LDAP server with Virtual Host name is visible in SAP Cloud Platform Cockpit.

This complete configuring LDAP server with Cloud Connector.

 

iFlow to connect with LDAP Server using LDAP Adapter using SAP Cloud Platform Integration:

In this exercise we are going to update single user in LDAP server which we created earlier using LDAP client.

We are going to build integration using SAP Cloud Platform Integration platform and leverage LDAP Adapter to update users.

  • User to be updated in LDAP server:
    dn=”cn=Bhargav Gogineni,ou=People,dc=maxcrc,dc=com”
  • Attribute to be Updated: uid
    From “Jack” to “Jack Updated

iFlow:

Script (Javascript):

Below script will construct message object with JNDI attributes and pass message object to LDAP Adapter which in turn will connect to LDAP server configured in Cloud Connector and will update the LDAP user.

importClass(com.sap.gateway.ip.core.customdev.util.Message);
importClass(java.util.HashMap);
importClass(javax.naming.directory.Attribute);
importClass(javax.naming.directory.BasicAttribute);
importClass(javax.naming.directory.BasicAttributes);
importClass(javax.naming.directory.Attributes);
 
function processData(message) {
    var body = message.getBody();
    
    var dn= "cn=Bhargav Gogineni,ou=People,dc=maxcrc,dc=com";
    var givenNameAttr = new BasicAttribute("uid", "Jack Updated");
    
    var attributes = new BasicAttributes();
    attributes.put(givenNameAttr);
    var resultingMap = new HashMap();
    resultingMap.put("dn", dn);
    resultingMap.put("attributes", attributes);
    message.setBody(resultingMap);
    return message;
}

 

LDAP Receiver settings:

Receiver Processing details:

 

LDAP Credentials definition:

 

After configuring/setting the LDAP server details in LDAP Adapter deploy the process to run. Process should have run successfully and update LDAP user in LDAP server.

Updated user settings in LDAP server:

 

Hoping that I have explained most of the steps in detail with screen shots.

Happy Learning !!!

To report this post you need to login first.

1 Comment

You must be Logged on to comment or reply to a post.

Leave a Reply