1 About the Connector

Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with third-party applications. The connector for SAP User Management is used to integrate Oracle Identity Manager with SAP User Management.

Note:

Oracle Identity Manager connectors were referred to as resource adapters prior to the acquisition of Thor Technologies by Oracle.

This chapter contains the following sections:

• Supported Functionality

• Provisioning Module

• Reconciliation Module

• Files and Directories That Comprise the Connector

Supported Functionality

This section discusses the functions available with this connector.

Function	Type	Description
Create User	Provisioning	Creates a user in the target system
Update User	Provisioning	Updates the user in the target system
Delete User	Provisioning	Deletes a user from the target system
Lock User	Provisioning	Locks the user in the target system
UnLock User	Provisioning	Unlocks the user in the target system
Add User Role	Provisioning	Adds a role to the user in the target system
Add User Profile	Provisioning	Adds a profile to the user in the target system
Remove User Role	Provisioning	Removes the role of the user in the target system
Remove User Profile	Provisioning	Removes the profile from the user in the target system
List Roles of User	Provisioning	Lists the roles of the user in the target system
List Profiles of User	Provisioning	Lists the profiles of the user in the target system
List All Roles	Provisioning	Lists all the roles present in the target system
List All Profiles	Provisioning	Lists all the Profiles present in the target system
Reconciliation Insert Received	Reconciliation	Inserts a user into Oracle Identity Manager if a user is created in the target system
Reconciliation Update Received	Reconciliation	Updates a user in the Oracle Identity Manager if a user is updated in the target system
Reconciliation Delete Received	Reconciliation	Deletes a user in the Oracle Identity Manager if a user is deleted in the target system

Reconciliation Module

This section describes the elements that are extracted from the target system by the reconciliation module for constructing a reconciliation event record. The following are features of the reconciliation module:

• The default data elements of each reconciliation event record are Organization, Xellerate Type, and Role.

• The default labels for the data elements in each reconciliation event record are as follows:

  • Event Linked (for successful reconciliation)

  • No Matched Found (for failed reconciliation)

• The TimeStamp parameter present in the IT Resource is used for reconciliation. Its value is the date and time at which reconciliation was last run.

• The connector has a configurable option to specify the trusted/nontrusted reconciliation. The Task Scheduler has the isTrusted parameter, which you can use to specify whether you want to perform trusted or nontrusted reconciliation.

Lookup Data Reconciliation

The following lookup fields are reconciled:

• Lookup.SAP.R3.Roles

• Lookup.SAP.R3.TimeZone

• Lookup.SAP.R3.LangComm

• Lookup.SAP.R3.UserTitle

• Lookup.SAP.R3.DecimalNotation

• Lookup.SAP.R3.DateFormat

• Lookup.SAP.R3.UserGroups

• Lookup.SAP.R3.CommType

• Lookup.SAP.R3.Profiles

The following lookup fields are not reconciled:

• Lookup.SAP.R3.UserType

• Lookup.SAP.R3.LockUser

User Reconciliation

This section discusses elements that are specific to user reconciliation with the SAP User Management connector.

Reconciled SAP R3 Resource Object Fields

The following fields are reconciled for SAP R3 resource objects:

• Extension

• Telephone

• Time Zone

• Lang Logon

• User Group

• Department

• Lang Comm

• Last Name

• First Name

• User Title

• Password

• User ID (Required Field)

• Start Menu

• User Type

• Alias

• Lock User

• Comm Type

• Code

• Building

• Floor

• Room No

• Function

• Decimal Notation

• Date Format

• Email

• Fax

• IT Resource Type

• User Profile

  • User Profile

• User Role

  • User Role

For user reconciliation to work, the following fields should be available in the lookup definition. In addition, the lookup values should be reconciled before the User Recon reconciliation scheduled task is run.

• Lookup.SAP.R3.Roles

• Lookup.SAP.R3.TimeZone

• Lookup.SAP.R3.LangComm

• Lookup.SAP.R3.UserTitle

• Lookup.SAP.R3.DecimalNotation

• Lookup.SAP.R3.DateFormat

• Lookup.SAP.R3.UserGroups

• Lookup.SAP.R3.CommType

• Lookup.SAP.R3.Profiles

Reconciled Xellerate User Fields

The following Xellerate user fields are reconciled:

• UserId

• Password

• Organization

• FirstName

• LastName

• Xellerate

• Role

• Xellerate Type

Provisioning Module

The following fields must be specified for a provisioning task to work for SAP R3 resource objects:

• User ID

• Password

• First Name

• Last Name

Files and Directories That Comprise the Connector

The files and directories that comprise this connector are compressed in the SAP User Management Rev 3.1.0.zip file, which is in the following directory on the installation media:

Enterprise Applications\SAP Enterprise Applications\

These files and directories are listed in the following table.

File	Description
xml\SAPR3ResourceObject.xml	This XML file contains all the components of the SAP R3 connector. These components include the following objects for SAP R3: IT Resource definition SAP User form Lookup definitions Connectors Resource object Process definition Reconciliation tasks Task Scheduler
xml\SAPR3XLResourceObject.xml	This file is used only if the connector is configured as a trusted source. The SAPR3XLResourceObject.xml file contains only the Oracle Identity Manager resource objects and dependent values.
xml\SAPCRMResourceObject.xml	This file contains all the components of the SAP CRM connector. These components include the following objects for SAP CRM: IT Resource definition SAP User form Lookup definitions Connectors Resource object Process definition Reconciliation tasks Task Scheduler
xml\SAPCRMXLResourceObject.xml	This file is used only if the connector is configured as a trusted source. The SAPCRMXLResourceObject.xml file contains only the Oracle Identity Manager resource objects and dependent values.
xml\SAPBIWResourceObject.xml	This file contains all the components of the SAP BIW connector. These components include the following objects for SAP BIW: IT Resource definition SAP User form Lookup definitions Connectors Resource object Reconciliation tasks Task Scheduler
SAPBIWXLResourceObject.xml	This file is used only if the connector is configured as a trusted source. The SAPBIWXLResourceObject.xml file contains only the Oracle Identity Manager resource objects and dependent values.
lib\XLSAPAdapter.jar	This file contains all the classes and definitions required for provisioning, reconciliation, master maintenance, and troubleshooting.
BAPI\xlsapcar.sar	This file contains information for configuring the SAP system for the connector to be able to access the APIs on the target system.
troubleshoot\log.properties troubleshoot\troubleshoot.properties	Property files where you can specify connection and task parameters.
troubleshoot\TroubleShootingUtility.class	The TroubleShootingUtility class file used to test the connector and debug any issues.
External code files: sapjco.jar For Microsoft Windows: sapjcorfc.dll librfc32.dll Version: 2.0.10 For Solaris and Linux: libsapjcorfc.so librfccm.so Version: 2.0.10	You can download these files from the SAP service Web site at https://websmp104.sap-ag.de/connectors This file is part of the Java connector java_connector.zip file. Note: A valid SAP license is required to download these files.
docs\B31137_01.pdf docs\html	Oracle Identity Manager Connector Guide for SAP User Management

See Also:

Step 2: Copying the Connector Files and External Code