The SAP Enterprise Portal adapter does not require any additional installation procedures.
The idmservice.par portal archive file must be deployed onto the SAP Enterprise Portal. The idmservice.par file can be found in the root folder of the install image.
The portal archive defines the com.sap.portal.prt.soap.IDMService portal service, which is required by the SAP Enterprise Portal adapter. The adapter communicates with the portal service through SOAP calls to manage the objects on the Portal.
A Portal administrator must install the idmservice.par. This is done through the administrative user interface for SAP Enterprise Portal by selecting the idmservice.par as the file to upload.
The SAP Enterprise Portal adapter accomplishes user provisioning by indirectly using the SAP User Management Engine (UME). The adapter communicates with the Identity Manager portal service. The portal service in turn makes direct UME calls.
To communicate with the Identity Manager service installed on the SAP Portal, the Identity Manager Portal Service Endpoint resource attribute must be configured.
An example endpoint is:
https://myhost:50000/irj/servlet/prt/soap/com.sap.portal. prt.soap.IDMService
The SAP Portal Administrator and SAP Portal Administrator Password resource attributes define the username and password of an administrator of the SAP Portal.
The Test Configuration button verifies that the endpoint, username, and password are valid by performing a status call on the Identity Manager portal service.
To enhance security, configure the following:
The com.sap.portal.prt.soap.IDMService portal service should only be accessible through an SSL-encrypted port exposed by the Portal.
The com.sap.portal.prt.soap.IDMService/high_safety Security Zone should be modified to include only the SAP super_admin role.
The following table summarizes the provisioning capabilities of this adapter.
| Feature | Supported? | 
|---|---|
| Enable/disable account | Yes | 
| Rename account | No | 
| Pass-through authentication | Yes | 
| Before/after actions | No | 
| Data loading methods | 
 | 
The following table lists the SAP Enterprise Portal user account attributes. Unless otherwise noted, the data type for all account attributes is String.
| Identity Manager User Attribute | Resource User Attribute | Description | 
|---|---|---|
| sap_groups | groups | SAP groups in which the user is a direct member | 
| sap_roles | roles | SAP roles in which the user is a directory member | 
| title | title | The user’s academic title or title of nobility | 
| firstname | firstName | The user’s first name | 
| lastname | lastName | The user’s last name | 
| fullname | displayName | The user’s display name | 
|  |  | The user’s default email address | 
| telephone | telephone | The user’s default telephone number | 
| fax | fax | The user’s default fax number | 
| cellPhone | cellPhone | The user’s default cell phone number | 
| street | street | The street of the user’s home address | 
| city | city | The city of the user’s home address | 
| state | state | The state or province of the user’s home address | 
| zipcode | zip | The postal code of the user’s home address | 
| country | country | The ISO-3166 two-letter uppercase code of the country where the user lives. This value does not necessarily match the country specified in the locale. | 
| timeZone | timeZone | The user’s time zone. | 
| locale | locale | The user’s locale, such as en_US or fr_CA. | 
| currency | currency | The three letter uppercase code of the user’s currency, such as USD, EUR, or YEN | 
| screenReader | screenReader | Boolean. Enables or disables the user’s screen reading capability. | 
| department | department | The user’s department | 
| jobTitle | jobTitle | The user’s job title | 
| salutation | salutation | The user’s form of address, such as Mr., Mrs., or Dr. | 
SAP Groups and Roles are supported.
$accountId$
A sample form is available at sample/forms/SAPPortalUserForm.xml is available. When this sample form is used, you must also import sample/rules/SAPPortalUserFormRules.xml.
Use the Identity Manager debug pages to set trace options on the following class:
com.waveset.adapter.SAPPortalResourceAdapter
Additionally, you can set the following Identity Manager logging parameters for the resource instance:
Log File Path
Maximum Log File Size
Log Level
To view the log for the portal service on the SAP Enterprise Portal server, see the WEB-INF/portal/logs/idm.log file on the SAP server installation file
The portal service uses the logger idm_logger, which is defined in the PAR in the PORTAL-INF/logger/logger.xml file. By default, the idm_logger is set to log ALL messages