1 About the Connector

Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with third-party applications. The connector for SAP User Management is used to integrate Oracle Identity Manager with SAP User Management.

Note:

Oracle Identity Manager connectors were referred to as resource adapters prior to the acquisition of Thor Technologies by Oracle.

This chapter contains the following sections:

Reconciliation Module
Provisioning Module
Supported Functionality
Multilanguage Support
Files and Directories That Comprise the Connector
Determining the Release Number of the Connector

Note:

At some places in this guide, SAP User Management has been referred to as the target system.

Reconciliation Module

Reconciliation involves duplicating in Oracle Identity Manager additions of and modifications to user accounts on the target system. It is an automated process initiated by a scheduled task that you configure.

See Also:

The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Framework Guide for conceptual information about reconciliation configurations

This section discusses the elements that are extracted from the target system by the reconciliation module for constructing reconciliation event records. The following are features of the reconciliation module:

The default data elements of each reconciliation event record are Organization, User Type, and Employee Type.
The default labels for the data elements in each reconciliation event record are as follows:
- Event Linked (for successful reconciliation)
- No Match Found (for failed reconciliation)

Based on the type of data reconciled from the target system, reconciliation can be divided into the following types:

Lookup Data Reconciliation
User Reconciliation

Lookup Data Reconciliation

The following lookup fields are reconciled:

Lookup.SAP.R3.Roles
Lookup.SAP.R3.TimeZone
Lookup.SAP.R3.LangComm
Lookup.SAP.R3.UserTitle
Lookup.SAP.R3.DecimalNotation
Lookup.SAP.R3.DateFormat
Lookup.SAP.R3.UserGroups
Lookup.SAP.R3.CommType
Lookup.SAP.R3.Profiles

The following lookup fields are not reconciled:

Lookup.SAP.R3.UserType
Lookup.SAP.R3.LockUser
Lookup.SAP.R3.FieldNames
Lookup.SAP.R3.FieldNamesX
Lookup.SAP.R3.BAPIKeys
Lookup.SAP.R3.BAPIXKeys

User Reconciliation

User reconciliation can be divided into the following:

Reconciled SAP User Management Resource Object Fields
Reconciled Xellerate User Fields

Reconciled SAP User Management Resource Object Fields

The following fields are reconciled:

Extension
Telephone
Time Zone
Lang Logon
User Group
Department
Lang Comm
Last Name
First Name
User Title
User ID
Start Menu
Xellerate Type
Alias
Lock User
Comm Type
Code
Building
Floor
Room No
Function
Decimal Notation
Date Format
Email
Fax
User Profile
User Role

Reconciled Xellerate User Fields

If trusted source reconciliation is implemented, then the following fields are reconciled:

User ID
FirstName
LastName
Organization
Email
Employee Type
User Type

Provisioning Module

Provisioning involves creating or modifying a user's account information on the target system through Oracle Identity Manager. You use the Administrative and User Console to perform provisioning operations.

See Also:

The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Framework Guide for conceptual information about provisioning

For this target system, the following fields are provisioned:

User ID
Password
First Name
Last Name

Supported Functionality

The following table lists the functions that are available with this connector.

Function	Type	Description
Create User	Provisioning	Creates a user in SAP User Management
Update User	Provisioning	Updates a user in SAP User Management
Delete User	Provisioning	Deletes a user from SAP User Management
Lock User	Provisioning	Locks a user in SAP User Management
UnLock User	Provisioning	Unlocks a user in SAP User Management
Add User Role	Provisioning	Adds a role to a user in SAP User Management
Add User Profile	Provisioning	Adds a profile to a user in SAP User Management
Remove User Role	Provisioning	Removes the role of a user in SAP User Management
Remove User Profile	Provisioning	Removes the profile of a user in SAP User Management
List Roles of User	Provisioning	Lists the roles of a user in SAP User Management
List Profiles of User	Provisioning	Lists the profiles of a user in SAP User Management
List All Roles	Provisioning	Lists all the roles present in SAP User Management
List All Profiles	Provisioning	Lists all the profiles present in SAP User Management
Reconciliation Insert Received	Reconciliation	Creates a user in Oracle Identity Manager if a user is created in SAP User Management
Reconciliation Update Received	Reconciliation	Updates a user in Oracle Identity Manager if a user is updated in SAP User Management
Reconciliation Delete Received	Reconciliation	Deletes a user from Oracle Identity Manager if a user is deleted from SAP User Management

See Also:

Appendix A for information about attribute mappings between Oracle Identity Manager and SAP User Management.

Multilanguage Support

This release of the connector supports the following languages:

Chinese Simplified
Chinese Traditional
English
French
German
Italian
Japanese
Korean
Portuguese (Brazilian)
Spanish

See Also:

Oracle Identity Manager Globalization Guide for information about supported special characters

Files and Directories That Comprise the Connector

The files and directories that comprise this connector are in the following directory on the installation media:

Enterprise Applications/SAP Enterprise Applications/SAP User Management

These files and directories are listed in the following table.

File in the Installation Media Directory	Description
BAPI/xlsapcar.sar	This file contains information for configuring the SAP system so that the connector is able to access the APIs on the target system.
lib/SAPAdapter.jar	This file contains all the classes and definitions required for provisioning, reconciliation, and troubleshooting.
Files in the `resources` directory	Each of these resource bundle files contains language-specific information that is used by the connector. Note: A resource bundle is a file containing localized versions of the text strings that are displayed on the user interface of Oracle Identity Manager. These text strings include GUI element labels and messages displayed on the Administrative and User Console.
test/troubleshoot/troubleShootingUtility.class	This utility is used to test connector functionality.
test/troubleshoot/global.properties	This file is used to specify the parameters and settings required to connect to the target system by using the testing utility.
test/troubleshoot/log.properties	This file is used to specify the log level and the directory in which the log file is to be created when you run the testing utility.
xml/SAPBIWResourceObject.xml	This file contains definitions for the following components of the SAP BIW connector: IT resource definition SAP User form Lookup definitions Connectors Resource object Reconciliation scheduled tasks
xml/SAPBIWXLResourceObject.xml	This XML file contains the configuration for the Xellerate User. You must import this file only if you plan to use the connector in trusted source reconciliation mode.
xml/SAPCRMResourceObject.xml	This file contains definitions for the following components of the SAP CRM connector: IT resource definition SAP User form Lookup definitions Connectors Resource object Process definition Reconciliation scheduled tasks
xml/SAPCRMXLResourceObject.xml	This file is used only if the connector is configured as a trusted source. The `SAPCRMXLResourceObject.xml` file contains only the Oracle Identity Manager resource objects and dependent values.
xml/SAPR3ResourceObject.xml	This XML file contains definitions for the following components of the connector: IT resource definition SAP User form Lookup definitions Adapters Resource object Process definition Reconciliation scheduled tasks
xml/SAPR3XLResourceObject.xml	This XML file contains the configuration for the Xellerate User. You must import this file only if you plan to use the connector in trusted source reconciliation mode.

Note:

The files in the troubleshoot directory are used only to run tests on the connector.

The "Step 2: Copying the Connector Files and External Code Files" section provides instructions to copy these files into the required directories.

Determining the Release Number of the Connector

You can use any one of the following methods to determine the release number of the connector.

Before Deployment

To determine the release number of a connector:

Extract the contents of the SAPAdapter.jar file. This file is in the following directory on the installation media:
```
Enterprise Applications/SAP Enterprise Applications/SAP User Management/lib
```
Open the manifest.mf file in a text editor. The manifest.mf file is one of the files bundled inside the SAPAdapter.jar file.

In the manifest.mf file, the release number of the connector is displayed as the value of the Version property.

Note:

If you maintain a copy of the SAPAdapter.jar file after deployment, you can use this method to determine the release number of the connector at any stage. After you deploy the connector, it is recommended that you use the "After Deployment" method, which is described in the following section.

After Deployment

To determine the release number of a connector that has already been deployed:

See Also:

Oracle Identity Manager Design Console Guide

Open the Oracle Identity Manager Design Console.
In the Form Designer, open the process form. The release number of the connector is the value of the Version field.