Data Managed by LDAP and JD Edwards EnterpriseOne
This table explains how user data is managed by LDAP and EnterpriseOne, as well as how the security kernel uses this information:
Data Category |
LDAP |
EnterpriseOne |
Comment |
---|---|---|---|
EnterpriseOne User ID |
Yes |
Yes F0092 |
If you enable LDAP support in EnterpriseOne, the security kernel validates the user from the LDAP database. The security kernel synchronizes this data from LDAP to EnterpriseOne only when this data is in the LDAP server and not in EnterpriseOne. |
Enterpriseone Long User ID |
Yes |
Yes F0092L |
Long user ID to short user ID mapping table. |
EnterpriseOne User Password |
Yes |
Yes F98OWSEC |
If LDAP is enabled, the user password is always stored in LDAP. If LDAP is not enabled, the user password is stored in the F98OWSEC table in EnterpriseOne. |
User-Role Relationship |
Yes |
Yes F95921 |
If the user-role relationship is defined to execute through LDAP, the user-role relationship is synchronized from the LDAP server to EnterpriseOne. If the user-role relationship is defined to execute through EnterpriseOne, the data is stored in the EnterpriseOne database in the F95921 table. |
EnterpriseOne System User |
No |
Yes F98OWSEC |
Not managed in the LDAP server. EnterpriseOne requires each user to have a system user specified for access to the EnterpriseOne database. The database user is set by the EnterpriseOne system administrator in the EnterpriseOne security table, F98OWSEC. If there are no valid system user settings, the EnterpriseOne security kernel will not validate the user. |
Definition of Role |
Yes |
Yes F0092 |
The user-role relationship is synchronized from the LDAP server to the EnterpriseOne database for roles defined in the EnterpriseOne database. However, the system does not synchronize role definitions from the LDAP server to the EnterpriseOne database. Therefore, role definitions must exist in both systems. |
EnterpriseOne User Profile Attributes |
No |
Yes F00921 and F0092 |
Not managed in LDAP. EnterpriseOne requires additional user profile attributes that are not generally defined through equivalent attributes in LDAP. Therefore, you can manually set these attributes. You can also specify these values in the default user profile settings for LDAP so that these settings are included for each user that is synchronized from LDAP to EnterpriseOne. See Modifying the LDAP Default User Profile Settings. Some of these attributes include:
|