1 About the Connector

Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with external, identity-aware applications. This guide discusses the connector that enables you to use SAP Enterprise Portal either as a managed (target) resource or as an authoritative (trusted) source of identity data for Oracle Identity Manager.

In the account management (target resource) mode of the connector, information about users created or modified directly on the target system can be reconciled into Oracle Identity Manager. In addition, you can use Oracle Identity Manager to perform provisioning operations on the target system.

In the identity reconciliation (trusted source) configuration of the connector, users are created or modified only on the target system and information about these users is reconciled into Oracle Identity Manager.

Note:

It is recommended that you do not configure the target system as both an authoritative (trusted) source and a managed (target) resource.

This chapter contains the following sections:

Reconciliation Module
Provisioning Module
Supported Functionality
Multilanguage Support
Files and Directories That Comprise the Connector
Determining the Release Number of the Connector

Note:

In this guide, the term Oracle Identity Manager server refers to the computer on which Oracle Identity Manager is installed.

At some places in this guide, SAP Enterprise Portal has been referred to as the target system.

1.1 Reconciliation Module

Reconciliation involves duplicating in Oracle Identity Manager the creation of and modifications to user accounts on the target system. It is an automated process initiated by a scheduled task that you configure.

1.1.1 Lookup Fields Reconciliation

For user reconciliation to work, the following lookup definitions must be available and the lookup values must be reconciled:

Lookup.SAP.EP.Country
Lookup.SAP.EP.Groups
Lookup.SAP.EP.Language
Lookup.SAP.EP.Roles
Lookup.SAP.EP.TimeZone

1.1.2 User Reconciliation

User reconciliation can be divided into the following:

Reconciled SAP Enterprise Portal Resource Object Fields
Reconciled Xellerate User Fields

1.1.2.1 Reconciled SAP Enterprise Portal Resource Object Fields

The following fields are reconciled:

Street
City
State
Zip
Country
TimeZone
Department
ValidFrom
ValidTo
Locked
UserID
Password
FirstName
LastName
EmailID
Language
Telephone
Fax
Mobile
Group
Role

1.1.2.2 Reconciled Xellerate User Fields

If trusted source reconciliation is implemented, then the following additional fields are reconciled:

UserID
FirstName
LastName
EmailID
Organization

1.2 Provisioning Module

Provisioning involves creating or modifying a user's account on the target system through Oracle Identity Manager. You use the Oracle Identity Manager Administrative and User Console to perform provisioning operations.

1.3 Supported Functionality

The following table lists the functions that are available with this connector.

Function	Type	Description
Create User	Provisioning	Creates a user in the SAP Enterprise Portal system
Update User	Provisioning	Updates a user in the SAP Enterprise Portal system
Delete User	Provisioning	Deletes a user from the SAP Enterprise Portal system
Reset Password	Provisioning	Updates the user password in the SAP Enterprise Portal system
Lock User	Provisioning	Locks a user in the SAP Enterprise Portal system
UnLock User	Provisioning	Unlocks a locked user in the SAP Enterprise Portal system
Add Role	Provisioning	Adds a role to a user in the SAP Enterprise Portal system
Add Group	Provisioning	Adds a group to a user in the SAP Enterprise Portal system
Remove Role	Provisioning	Removes the role of a user in the SAP Enterprise Portal system
Remove Group	Provisioning	Removes a group from a user in the SAP Enterprise Portal system
List Roles of User	Provisioning	Lists the roles of a user in the SAP Enterprise Portal system
List Groups of User	Provisioning	Lists the groups of a user in the SAP Enterprise Portal system
List All Roles	Provisioning	Lists all the roles defined in the SAP Enterprise Portal system
List All Groups	Provisioning	Lists all the groups defined in the SAP Enterprise Portal system
Reconciliation Insert Received	Reconciliation	Inserts into Oracle Identity Manager the user that is created in the SAP Enterprise Portal system
Reconciliation Update Received	Reconciliation	Updates in Oracle Identity Manager the user that is updated in the SAP Enterprise Portal system
Reconciliation Delete Received	Reconciliation	Deletes from Oracle Identity Manager the user that is deleted from the SAP Enterprise Portal system

1.4 Multilanguage Support

This release of the connector supports the following languages:

Arabic
Chinese Simplified
Chinese Traditional
Danish
English
French
German
Italian
Japanese
Korean
Portuguese (Brazilian)
Spanish

1.5 Files and Directories That Comprise the Connector

The files and directories that comprise this connector are in the following directory on the installation media:

Enterprise Applications/SAP Enterprise Portal

These files and directories are listed in the following table.

File in the Installation Media Directory	Description
lib/SAPEPConnector.jar	This JAR file contains the class files that are required for provisioning.
lib/SAPEPRecon.jar	This JAR file contains the class files that are required for reconciliation.
par/ConnectorService.par	This file is used for calling Web Services on the SAP Enterprise Portal system.
Files in the `resources` directory	Each of these resource bundles contains language-specific information that is used by the connector. Note: A resource bundle is a file containing localized versions of the text strings that are displayed on the user interface of Oracle Identity Manager. These text strings include GUI element labels and messages displayed on the Administrative and User Console.
test/Troubleshoot/TroubleShootUtility.class	This utility is used to test connector functionality.
test/Troubleshoot/global.properties	This file is used to specify the parameters and settings required to connect to the target system by using the testing utility.
test/Troubleshoot/log.properties	This file is used to specify the log level and the directory in which the log file is to be created when you run the testing utility.
xml/SAPEPResourceObject.xml	This XML file contains definitions for the following components of the connector: IT resource definition SAP User form Lookup definitions Adapters Resource object Process definition Reconciliation scheduled tasks
xml/SAPEPXLResourceObject.xml	This XML file contains the configuration for the Xellerate User. You must import this file only if you plan to use the connector in trusted source reconciliation mode.

Note:

The files in the test directory are used only to run tests on the connector.

The "Copying the Connector Files and External Code Files" section provides instructions to copy these files into the required directories.

1.6 Determining the Release Number of the Connector

You can use the following method to determine the release number of the connector:

Extract the contents of the SAPEPConnector.jar or SAPEPRecon.jar file. This file is in the following directory on the installation media:
```
Enterprise Applications/PeopleSoft Enterprise Applications/PeopleSoft User Management/lib/ScheduleTask
```
Open the manifest.mf file in a text editor. The manifest.mf file is one of the files bundled inside the SAPEPConnector.jar or SAPEPRecon.jar file.

In the manifest.mf file, the release number of the connector is displayed as the value of the Version property.