Skip Headers
Oracle® Identity Manager Connector Guide for SAP Enterprise Portal
Release 9.0.1
Part Number B31136-01
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Feedback page
Contact Us
Go to previous page
Previous		 Go to next page
Next
View PDF

2 Deploying the Connector

Deploying the connector involves the following steps:

Step 1: Verifying Deployment Requirements

The following table lists the deployment requirements for the connector.

Item Requirement
Oracle Identity Manager Oracle Identity Manager release 8.5.3 or later
Target system host platform SAP 4.7
Infrastructure requirements SAPEP 6.0 with WAS 6.2 on SAP 4.7, UME 4.0 on SAPEP 6.0, and Axis 1.3
External code Apache Axis JAR files. These are listed in Files and Directories That Comprise the Connector.

Step 2: Copying the Connector Files and External Code

This section describes how you can access the connector files, download external code files, and copy these into appropriate locations to deploy the connector. This section contains the following subsections:

See Also:

Files and Directories That Comprise the Connector

Downloading JAR files from SAP Enterprise Portal

To download these JAR files from SAP Enterprise Portal:

  1. Open the WinRar utility.

  2. Browse to the D:\usr\sap\EP6J\j2ee\j2ee_00\cluster\server\services\servlet_jsp\work\jspTemp\irj\root\ directory in WinRar.

  3. Click the Find button in WinRar.

  4. Enter the class name in the File Names field to find and keep Disks and folders to Current folder.

  5. Specify * as the archive type.

  6. Select all three check boxes that begin with the word Find, and ensure that the remaining check boxes are not selected.

  7. Click OK.

  8. Note the directory path in the results displayed.

  9. Copy the JAR file from the directory whose path that you noted.

Downloading the External Code: Apache Axis JAR Files

Download the Apache Axis JAR files that are required for SOAP communication with the Web service running on the SAPEP 6.0 server. The version of Axis used is axis-1_3. You can download the JAR files from

http://ws.apache.org/axis/

Copy these JAR files into the JavaTasks directory of Oracle Identity Manager.

Copying the Connector Files

The following table describes the files that you need to copy from the SAP Enterprise Portal_versionno directory and the respective destination directories.

File to Be Copied Destination
xml\SAPEPResourceObject.xml

xml\SAPEPXLResourceObject.xml

 OIM_HOME\Xellerate\SAP_EP1.0.0\xml 
lib\SAP_EP_jar\SAPEPConnector.jar
OIM_HOME\Xellerate\JavaTasks
All JAR files in the lib\SAP_EP_jar.zip file OIM_HOME\Xellerate\JavaTasks
par\WSPortlet.par See Step 3: Deploying Web Services on the Target System
JAR files in the lib\SAP_EP_par.zip file \lib directory of the SAP Enterprise Portal installation. For example:

D:\usr\sap\EP6J\j2ee\j2ee_00\cluster\server\services\servlet_jsp\work\jspTemp\irj\root\WEB-INF\portal\lib directory
troubleshoot/troubleshoot.properties

troubleshoot/TroubleShootingUtility.class

 Any folder where you intend to run test cases and troubleshoot from.

For example: C:\test\troubleshoot

 
docs\B31136_01.pdf
docs\html
OIM_HOME\Xellerate\SAP_EP1.0.0\docs\

Step 3: Deploying Web Services on the Target System

To be able to use Web Services with the SAP Enterprise Portal connector, you need to deploy the WSPortlet.par file as follows:

  1. Log in to SAP Enterprise Portal as the administrator.

  2. Click the Java Development tab, the Development secondary tab, and then Component Manager.

  3. In the Archive Uploader area, browse to the WSPortlet.par file, and then click Upload. After the file is uploaded, an INFO message is displayed.

  4. From the list in the Archive Deployment Checker area, select WSPortlet, and then click Refresh.

Step 4: Importing the Connector XML File

To import the connector XML file into Oracle Identity Manager:

  1. Open the Oracle Identity Manager Administrative and User Console.

  2. Click the Deployment Management link on the left navigation bar.

  3. Click the Import link under Deployment Management. A dialog box for locating files is displayed.

  4. Locate and open the SAPEPResourceObject.xml file, which is in the OIM_HOME\Xellerate\xml directory. Details of this XML file are shown on the File Preview page.

  5. Click Add File. The Substitutions page is displayed.

  6. Click Next. The Confirmation page is displayed.

  7. Click Next. The Provide IT Resource Instance Data page for the SAP EP IT resource is displayed.

  8. Specify values for the parameters of the SAP EP IT resource. Refer to the table in the Defining IT Resources section for information about the values to be specified.

  9. Click Next. The Provide IT Resource Instance Data page for a new instance of the SAP EP IT resource type is displayed.

  10. Click Skip to specify that you do not want to define another IT resource. The Confirmation page is displayed.

    See Also:

    If you want to define another IT resource, then refer to Oracle Identity Manager Tools Reference Guide for instructions.

  11. Click View Selections.

    The contents of the XML file are displayed on the Import page. You may see a cross-shaped icon along with some nodes. You must remove these nodes. To do this, right-click each such node and then select Remove.

  12. Click Import. The connector file is imported into Oracle Identity Manager.

  13. If you plan to use the connector in trusted source reconciliation mode, then perform the same procedure to import the SAPEPXLResourceObject.xml file. This file is in the OIM_HOME\Xellerate\xml directory.

    Caution:

    Only one connector can be configured as a trusted source. If you import the SAPEPXLResourceObject.xml file while you have another trusted source configured, then both connector reconciliations would stop working.

Defining IT Resources

You must specify values for the SAP EP IT resource parameters in the following table.

Parameter Description and Sample Values
SAPUMLocation

For example: D:/EP/properties/

 This parameter holds information about the target SAP Enterprise Portal system. The sapum.properties file contains the configuration details required to integrate the target system.
TimeStamp

For example: Apr 07, 2006 at 10:00:00 GMT+05:30

 The parameter does not hold any value for the first reconciliation run. After the first reconciliation run, this parameter holds the time at which the last reconciliation run was completed.
WSDLLocation

For example: http://mlbpsap02:50000/irj/servlet/prt/soap/com.sap.portal.prt.soap.RolePortalService?style=rpc_lit

 This parameter holds the location of the WSDL URL, where the Web service is running in SAP Enterprise Portal 6.0.

After you specify values for these IT resource parameters, go to Step 9 of the procedure to import connector XML files.

Step 5: Configuring Reconciliation

Configuring reconciliation involves creating scheduled tasks for lookup fields and user reconciliations. To create these scheduled tasks:

  1. Open the Oracle Identity Manager Design Console.

  2. Expand the Xellerate Administration folder.

  3. Select Task Scheduler.

  4. Click Find. The details of the predefined scheduled tasks are displayed on two different tabs.

  5. Enter a number in the Max Retries field. This number represents the number of times Oracle Identity Manager should attempt to complete the task before assigning the ERROR status to the task.

  6. Ensure that the Disabled and Stop Execution check boxes are cleared.

  7. In the Start region, double-click the Start Time field. From the date-time editor that is displayed, select the date and time at which you want the task to run.

  8. In the Interval region, set the following schedule parameters:

    • To set the task to run on a recurring basis, select the Daily, Weekly, Recurring Intervals, Monthly, or Yearly option.

      If you select the Recurring Intervals option, then you must also specify the time interval at which you want the task to run on a recurring basis.

    • To set the task to run only once, select the Once option.

  9. Provide values for the attributes of the scheduled task. Refer to the appropriate table in the Specifying Values for the Scheduled Task Attributessection for information about the values to be specified.

    See Also:

    Oracle Identity Manager Design Console Guide for information about adding and removing task attributes

  10. Click Save. The scheduled task is created. The INACTIVE status is displayed in the Status field, because the task is not currently running. The task is run at the date and time that you set in Step 7.

  11. Repeat Steps 5 through 10 to create the second scheduled task.

After you create both scheduled tasks, proceed to the Step 6: Compiling Adapters section.

Specifying Values for the Scheduled Task Attributes

This section provides information about the values to be specified for the following scheduled tasks:

Lookup Fields Reconciliation Scheduled Task

You must specify values for the following attributes of the lookup fields reconciliation scheduled task.

Note:

Attribute values are predefined in the connector XML file that you import. Specify values only for those attributes that you want to change.
Parameter Name Sample Value Description
ITResource SAP EP IT Resource Name of the IT Resource for making connection to SAP Enterprise Portal

The SAPEP Lookup Recon lookup field is not reconciled.

After you specify values for these task attributes, go to Step 10 of the procedure to create scheduled tasks.

User Reconciliation Scheduled Task

You must specify values for the following attributes of the user reconciliation scheduled task.

Note:

Attribute values are predefined in the connector XML file that you import. Specify values only for those attributes that you want to change.
Parameter Name Sample Value Description
Organization OIM Users Default organization assigned to a new user
Xellerate type End-User Administrator Default type Assigned to a new user
Role Consultant Default role Assigned to a new user
ITResource SAP EP IT Resource Name of the IT Resource for making connection to SAP
ResourceObject SAP EP Resource Object Name of the resource object that is used for user reconciliation
IsTrustedSource False Configuration for trusted/nontrusted target

If true, then it is a trusted target. If false, then the target is a nontrusted target. By default, the value is false.
FirstTimeReconRecords 5000 Number of records to be fetched during first time reconciliation if the operation is timed out on the target SAP system
Password Dummy Default dummy password
XLDeleteUsersAllowed False Flag that determines whether or not users are to be deleted in Oracle Identity Manager during user reconciliation

After you specify values for these task attributes, go to Step 10 of the procedure to create scheduled tasks.

See Also:

Reconciliation Module

Step 6: Compiling Adapters

The following adapters are imported into Oracle Identity Manager when the connector XML file is deployed. You must compile these adapters before you can use them to provision accounts on the target system.

Note:

To compile multiple adapters simultaneously, use the Adapter Manager form. To compile one adapter at a time, use the Adapter Factory form.

To compile adapters by using the Adapter Manager form:

  1. Open the Adapter Manager form.

  2. To compile all the adapters that you import into the current database, select the Compile All option.

    To compile multiple (but not all) adapters, select the adapters you want to compile. Then, select the Compile Selected option.

  3. Click Start. Oracle Identity Manager compiles the adapters that you specify.

See Also:

Oracle Identity Manager Design Console Guide for information about how to use these forms.

To view detailed information about an adapter:

  1. Highlight the adapter in the Adapter Manager form.

  2. Double-click the row header of the adapter, or right-click the adapter.

  3. Select Launch Adapter from the shortcut menu that is displayed. Details of the adapter are displayed.

Step 7: Changing Passwords on SAP Enterprise Portal

The Configuration parameter of this connector affects the behavior of the Change Password function. You can configure password behavior in scenarios such as when a user profile gets locked or expires on the target system. In such a case, you can configure the system such that the administrator will not be able to reset the password for such a profile to prevent discrepancies between the Oracle Identity Manager system and the target system.

To configure the Configuration parameter of the Change Password function, do the following:

  1. In the Administrative and User Console, select Process Management and Process Definition.

  2. Select the Password Updated task.

  3. Specify values for the following parameters:

    • ValidityChange: This is a flag that can accept the value true or false.

      • True: If the user's validity period has expired, then it is extended to the date specified in the validityDate parameter.

      • False: If the user's validity period has expired, then it does not extend the validity and the user's password cannot be changed.

    • lockChange: This is a flag that can accept the value true or false.

      • True: If the user is locked but not by the administrator, then the user is unlocked before the change of password. If the user is locked by the administrator, then the password cannot be changed.

      • False: If the user is locked, then the password cannot be changed.

    • ValidTo: Date to which the user's validity must be extended. The date format must be as follows:

      Apr 1 10 11:18:29 AM

      If this field is left empty, then the value is set to 1970-01-01, which is the default date.

Go to previous page
Previous		 Go to next page
Next
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Feedback page
Contact Us