JDE E1 - LDAP Support

Have a new install of JDE E1. AS400 back-end, Linux 5 OAS.

Will the OAS OSSO LDAP support allow me to use Microsoft Active Directory usernames ( longer then 10 chars ), with MSAD passwords ( 10 chars or less )?

Or do I have to go the OID route. Oracle Identity Manager on a separate server.

If you have done this, please tell what you minimum install footprint was. The CNC I am working with has never done this before and we need some help.

No, you can't do that with the LDAP support, regardless of which LDAP server you use. There is also no requirement to use OID or Oracle SSO in any configuration. When you're talking basic LDAP support for user authentication, it's important to recognize that it is different than redirecting authentication to an access or single sign-on server. With EnterpriseOne, you can use the former for either thick or thin clients, and the latter for only the HTML client.

You could accomplish this long username support with Oracle Access Manager or Oracle SSO at the JAS layer.

Thanks, I did a post similar to this one in that long thread about SSO & LDAP. Just want confirmation to be sure I understand.

We have current release of E1 on AS400 and OAS 10.1.3.3. on Linux 5.

My goal is to authenticate web client users to MS Active directory using long usernames with a 10 char limited password. Users will enter usernames and password on JDE login web page. Fat clients will use short E1 IDs.

So my question is: Can OAS 10.1.3.3 with SSO module loaded be setup to do this without OID or other infrastructure? Assuming I set it up correctly in JAS instance and populate long user name mapping in the SSO Environment Configuration Tools.

Or am I missing something.

[ QUOTE ]

So my question is: Can OAS 10.1.3.3 with SSO module loaded be setup to do this without OID or other infrastructure? Assuming I set it up correctly in JAS instance and populate long user name mapping in the SSO Environment Configuration Tools.


[/ QUOTE ]

You still need other infrastructure.

With Oracle Access Manager (OAM), you can....but it's not as simple as enabling SSO support in JAS and pointing it to an Active Directory server.

OAM doesn't require OID or other Oracle SSO infrastructure, but it is still a separate suite of components. The real benefit there is it is meant to work with both OAS and WAS...but you're already on OAS, so the WAS support isn't really much of a benefit to you I would have to assume.

You might be able to do something else that is not supported, but as it stands, OAM and, separately, Oracle OID/SSO are the two supported methods of which I'm presently aware.

[ QUOTE ]
but as it stands, OAM and, separately, Oracle OID/SSO are the two supported methods of which I'm presently aware.

[/ QUOTE ]

If these are separate I am left confessed by that attached document. It seems to suggest using SSO alone or OAM. Maybe I miss read it and both together.

Will following pages 4-7 ONLY work, or do I follow this entire document to get want I am looking for.

Any insight to this document and the 2 sections would be appreciated.

[ QUOTE ]
Will following pages 4-7 ONLY work, or do I follow this entire document to get want I am looking for.

[/ QUOTE ]

I got an answer from a Identity Management specialist at Oracle. Pages 4 -7 assume you have OID in place. OSSO only works with Oracle's LDAP server.

They went on to say that if a customer does not have Oracle's LDAP directory, then Oracle Access Manager is the better way; this is the direction Oracle is headed in the future.