Skip Headers
Oracle® Identity Manager Connector Guide for SAP User Management
Release 9.0.4

E10444-10
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

1 About the Connector

Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with third-party applications. This guide discusses the procedure to deploy the connector that is used to integrate Oracle Identity Manager with SAP User Management.

Note:

Oracle Identity Manager connectors were referred to as resource adapters prior to the acquisition of Thor Technologies by Oracle.

This chapter contains the following sections:

Note:

In this guide, the term Oracle Identity Manager server refers to the computer on which Oracle Identity Manager is installed.

At some places in this guide, SAP User Management has been referred to as the target system.

1.1 Reconciliation Module

Reconciliation involves duplicating in Oracle Identity Manager the creation of and modifications to user accounts on the target system. It is an automated process initiated by a scheduled task that you configure.

See Also:

The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Concepts Guide for conceptual information about reconciliation configurations

This section discusses the elements that are extracted from the target system by the reconciliation module for constructing reconciliation event records. The following are features of the reconciliation module:

Based on the type of data reconciled from the target system, reconciliation can be divided into the following types:

1.1.1 Lookup Data Reconciliation

The following lookup fields are reconciled:

  • Lookup.SAP.R3.Roles

  • Lookup.SAP.R3.TimeZone

  • Lookup.SAP.R3.LangComm

  • Lookup.SAP.R3.UserTitle

  • Lookup.SAP.R3.DecimalNotation

  • Lookup.SAP.R3.DateFormat

  • Lookup.SAP.R3.UserGroups

  • Lookup.SAP.R3.CommType

  • Lookup.SAP.R3.Profiles

The following lookup fields are not reconciled:

  • Lookup.SAP.R3.UserType

  • Lookup.SAP.LockUnlock

  • Lookup.SAP.R3.FieldNames

  • Lookup.SAP.R3.FieldNamesX

  • Lookup.SAP.R3.BAPIKeys

  • Lookup.SAP.R3.BAPIXKeys

1.1.2 User Reconciliation

User reconciliation can be divided into the following:

1.1.2.1 Reconciled SAP User Management Resource Object Fields

The following fields are reconciled:

  • Extension

  • Telephone

  • Time Zone

  • Lang Logon

  • User Group

  • Department

  • Lang Comm

  • Last Name

  • First Name

  • User Title

  • User ID

  • Start Menu

  • User Type

  • Alias

  • Lock User

  • Communication Type

  • Code

  • Building

  • Floor

  • Room No

  • Function

  • Decimal Notation

  • Date Format

  • Email Address

  • Fax

  • User Profile

  • User Role

1.1.2.2 Reconciled Xellerate User (OIM User) Fields

If trusted source reconciliation is implemented, then the following fields are reconciled:

  • User ID

  • FirstName

  • LastName

  • Organization

  • Email

  • Employee Type

  • User Type

1.2 Provisioning Module

Provisioning involves creating or modifying a user's account on the target system through Oracle Identity Manager. You use the Oracle Identity Manager Administrative and User Console to perform provisioning operations.

See Also:

The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Concepts Guide for conceptual information about provisioning

For this target system, the following fields are provisioned:

1.3 Supported Functionality

The following table lists the functions that are available with this connector.

Function Type Description
Create User Provisioning Creates a user in SAP User Management
Update User Provisioning Updates a user in SAP User Management
Delete User Provisioning Deletes a user from SAP User Management
Lock User Provisioning Locks a user in SAP User Management
UnLock User Provisioning Unlocks a user in SAP User Management
Add User Role Provisioning Adds a role to a user in SAP User Management
Add User Profile Provisioning Adds a profile to a user in SAP User Management
Remove User Role Provisioning Removes the role of a user in SAP User Management
Remove User Profile Provisioning Removes the profile of a user in SAP User Management
List Roles of User Provisioning Lists the roles of a user in SAP User Management
List Profiles of User Provisioning Lists the profiles of a user in SAP User Management
List All Roles Provisioning Lists all the roles present in SAP User Management
List All Profiles Provisioning Lists all the profiles present in SAP User Management
Reconciliation Insert Received Reconciliation Creates a user in Oracle Identity Manager if a user is created in SAP User Management
Reconciliation Update Received Reconciliation Updates a user in Oracle Identity Manager if a user is updated in SAP User Management
Reconciliation Delete Received Reconciliation Deletes a user from Oracle Identity Manager if a user is deleted from SAP User Management

See Also:

Appendix A for information about attribute mappings between Oracle Identity Manager and SAP User Management.

1.4 Multilanguage Support

This release of the connector supports the following languages:

See Also:

Oracle Identity Manager Globalization Guide for information about supported special characters

1.5 Files and Directories on the Installation Media

The files and directories on the installation media are listed and described in Table 1-1.

Table 1-1 Files and Directories on the Installation Media

File in the Installation Media Directory Description
Configuration/SAPBIW-CI.xml
Configuration/SAPCRM-CI.xml
Configuration/SAPR3-CI.xml

This connector supports the following target systems:

  • SAP BIW

  • SAP CRM

  • SAP R/3

These XML files contain configuration information that is used during connector installation.

BAPI/xlsapcar.sar

This file contains information for configuring the SAP system so that the connector is able to access the APIs on the target system.

lib/SAPAdapter.jar

This JAR file contains the class files that are required for provisioning. During connector deployment, this file is copied into the following directory:

OIM_HOME/xellerate/JavaTasks
lib/SAPAdapterRecon.jar

This JAR file contains the class files that are required for reconciliation. During connector deployment, this file is copied into the following directory:

OIM_HOME/xellerate/ScheduleTask

Files in the resources directory

Each of these resource bundle files contains language-specific information that is used by the connector. During connector deployment, this file is copied into the following directory:

OIM_HOME/xellerate/connectorResources

Note: A resource bundle is a file containing localized versions of the text strings that are displayed on the Administrative and User Console. These text strings include GUI element labels and messages.

test/troubleshoot/troubleShootingUtility.class

This utility is used to test connector functionality.

test/troubleshoot/global.properties

This file is used to specify the parameters and settings required to connect to the target system by using the testing utility.

test/troubleshoot/log.properties

This file is used to specify the log level and the directory in which the log file is to be created when you run the testing utility.

xml/SAPBIWResourceObject.xml

This file contains definitions for the following components of the SAP BIW connector:

  • IT resource definition

  • SAP User form

  • Lookup definitions

  • Connectors

  • Resource object

  • Reconciliation scheduled tasks

xml/SAPBIWXLResourceObject.xml

This XML file contains the configuration for the Xellerate User (OIM User). You must import this file only if you plan to use the connector in trusted source reconciliation mode.

xml/SAPCRMResourceObject.xml

This file contains definitions for the following components of the SAP CRM connector:

  • IT resource definition

  • SAP User form

  • Lookup definitions

  • Connectors

  • Resource object

  • Process definition

  • Reconciliation scheduled tasks

xml/SAPCRMXLResourceObject.xml

This file is used only if the connector is configured as a trusted source. The SAPCRMXLResourceObject.xml file contains only the Oracle Identity Manager resource objects and dependent values.

xml/SAPR3ResourceObject.xml

This XML file contains definitions for the following components of the connector:

  • IT resource definition

  • SAP User form

  • Lookup definitions

  • Adapters

  • Resource object

  • Process definition

  • Reconciliation scheduled tasks

xml/SAPR3XLResourceObject.xml

This XML file contains the configuration for the Xellerate User (OIM User). You must import this file only if you plan to use the connector in trusted source reconciliation mode.


Note:

The files in the troubleshoot directory are used only to run tests on the connector.

1.6 Determining the Release Number of the Connector

You might have a deployment of an earlier release of the connector. While deploying the latest release, you might want to know the release number of the earlier release. To determine the release number of the connector that has already been deployed:

  1. In a temporary directory, extract the contents of the following JAR file:

    OIM_HOME/xellerate/JavaTasks/SAPAdapter.jar
    
  2. Open the manifest.mf file in a text editor. The manifest.mf file is one of the files bundled inside the SAPAdapter.jar file.

    In the manifest.mf file, the release number of the connector is displayed as the value of the Version property.