Easily Query Active Directory Information Using Lightweight Directory Access Protocol

  • by Sebastian Jungels, Senior Consultant, ecenta AG
  • May 26, 2011
Many companies store their user-related data in a central repository rather than in multiple locations. Applications used by employees access this data in order to prevent redundant data storage and additional data maintenance activities. See how to set up a connection to an Active Directory in SAP CRM, how to access it with Lightweight Directory Access Protocol (LDAP), and how to execute queries. Two examples show how to configure the necessary steps in SAP CRM and process the data that is returned by an LDAP query.
Key Concept
Lightweight Directory Access Protocol (LDAP) allows you to access an Active Directory (e.g. a company’s corporate address book, phone book, etc). Depending on the user’s access, the user can search, create, or manipulate existing and new data. LDAP specifies the communication between an LDAP server and its clients. The LDAP directory is a hierarchical, tree-like structure with roots as the top node and multiple entries that have a name and one or more attributes. The attributes are described in a schema. The protocol provides different methods to establish a connection (bind) to an LDAP server, to end a connection (unbind), as well as to search, read, create, and change entries in a directory. 

The majority of queries on an Active Directory are most likely to be determined during runtime and therefore created dynamically by some sort of code. A Lightweight Directory Access Protocol (LDAP) browser can be helpful to test or verify that a query returns the required information. It is also very convenient to browse the directory’s structure as you can see how the organizational units (the entities within an Active Directory, not SAP CRM’s organizational model) and the respective entities (e.g. users, computers, printers) fit together. An organizational unit in the LDAP sense reflects a logical grouping of entities (e.g., a group of users of different locations within an enterprise). The Softerra LDAP Browser, which is well-known for browsing and analyzing LDAP directories, is available for free downloading at http://www.ldapbrowser.com/download.htm.

Use Cases

As I mentioned earlier, the purpose of a directory within an organization is to store phone numbers, address information, etc., in a central place that can be accessed by different tools (e.g., a mail program). The use cases below show how LDAP can integrate into SAP CRM:

Sebastian Jungels

Sebastian Jungels is a senior consultant with ecenta AG and has several years of experience in international SAP projects focusing on SAP CRM implementations. He has a both a technical and functional background, and his project roles include team lead and project manager.

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.