LDAP and JD Edwards EnterpriseOne Relationships

The LDAP system administrator must understand the logical and database-dependent relationships between the LDAP server and EnterpriseOne. The administrator directly or indirectly controls the logical flow of events and where specific data resides based on the setting of system variables in the EnterpriseOne Enterprise Server jde.ini file and settings specified in the LDAP Server Configuration Workbench application (P95928).

The security kernel on the Enterprise Server is responsible for ensuring the integrity of the security within EnterpriseOne. If this kernel is not running correctly or cannot locate requisite data, users cannot sign in to EnterpriseOne. However, when the security kernel is properly configured, the system verifies the user credentials from data within the user profiles. In this case, the following two scenarios are possible:

• You can configure EnterpriseOne to use LDAP to manage user profiles.

• You can configure EnterpriseOne to use LDAP to manage user-role relationship data.

LDAP does not support certain user profile information. Such information remains in the domain of the EnterpriseOne Server and must be maintained by the EnterpriseOne system administrator. Therefore, two distinct and separate user profiles may exist:

• LDAP user profile

  This profile includes the user ID and password and can include user-role relationships.

• JD Edwards EnterpriseOne user profile

  The information contained in this profile is stored in the EnterpriseOne database. Examples of such information include the date separator, the decimal separator, and so on.