This chapter provides an overview of the updates made to the software and documentation for release 11.1.1.7.0 of the SAP User Management connector.
The updates discussed in this chapter are divided into the following categories:
This section describes updates made to the connector software. This section also points out the sections of this guide that have been changed in response to each software update.
Documentation-Specific Updates
This section describes major changes made to this guide. For example, the relocation of a section from the second chapter to the third chapter is a documentation-specific update. These changes are not related to software updates.
The following section discusses software updates:
There are no software updates in this release of the connector.
The following are issues resolved in release 11.1.1.6.0:
Bug Number | Issue | Resolution |
---|---|---|
17388531 |
Account and role provisioning works fine without configuring the connector server.However, provisioning a role fails when the connector server is configured. |
This issue has been resolved. |
17575026 |
Failure of child data reconciliation during a reconciliation operation. |
This issue has been resolved. |
17581363 |
Failure in updation of the SAP User Management Unique ID in the process form. |
This issue has been resolved. |
17642440 |
Missing few Users created during different times of the same day during reconciliation operation. |
This issue has been resolved. |
17911657 |
In non CUA mode, SAP role reconciliation is omitting composite roles. |
This issue has been resolved. |
17288932 |
SSL support for SAP GRC 5.3 |
This issue has been resolved. |
18461406 |
When the CUA mode is enabled and a role lookup reconciliation is performed, roles are reconciled with English labels instead of French labels. |
This issue has been resolved. |
19078269 |
Unable to connect to SAP in load balance scenario. However, connection to concrete SAP is successful. |
This issue has been resolved. |
16506322 |
The task responses are displayed only in English even when the connector is configured for any other native language. |
This issue has been resolved. |
18815353 |
"Display" and "Help" label descriptions are not displayed appropriately. |
This issue has been resolved. |
17748964 |
AC: SAP User Management unique Id does not get updated in the process form. |
This issue has been resolved. |
17668632 |
Failure in updation of SoDCheckResult due to an issue with field label mapping. |
This issue has been resolved. |
17401315 |
During user reconciliation in SAP User Management, two resource objects are created for the same account in Oracle Identity Manager. |
This issue has been resolved. |
19620263 |
Performing a Remove Role operation on Oracle Identity Manager does not remove simple roles associated to composite roles. |
This issue has been resolved. |
18342752 |
When a User from CUA is disabled and re-enabled in Oracle Identity Manager, the User is still displayed as disabled in SAP. |
This issue has been resolved. |
19551686 |
SAP User Management reconciliation finds modified Users only once in every three reconciliation operations. |
This issue has been resolved. |
This is the first release of the Oracle Identity Manager Connector for SAP User Management based on Identity Connector Framework (ICF). The following are the software updates in release 11.1.1.5.0:
From this release onward, the connector supports the following new components:
Risk Analysis and Remediation, also known as Analyze and Manage Access Risk (AMAR)
Compliant User Provisioning, also known as Provision and Manage Users (PMU)
Throughout this guide, SAP BusinessObjects AC Access Risk Analysis refers to Risk Analysis and Remediation and SAP BusinessObjects AC Access Request Management refers to Compliant User Provisioning.
The Identity Connector Framework (ICF) is a component that provides basic provisioning, reconciliation, and other functions that all Oracle Identity Manager and Oracle Waveset connectors require.
The Oracle Identity Manager Connector for SAP User Management is an ICF-based connector. The ICF uses classpath isolation, which allows the SAP User Management connector to co-exist with legacy versions of the connector.
For more information about the ICF, see Understanding the Identity Connector Framework in Oracle Fusion Middleware Developing and Customizing Applications for Oracle Identity Manager.
Connector Server is a component provided by ICF. By using one or more connector servers, the connector architecture permits your application to communicate with externally-deployed bundles. In other words, a connector server enables remote execution of an Oracle Identity Manager connector.
See the following sections for more information:
A connection pool is a cache of objects that represent physical connections to the target. Oracle Identity Manager connectors can use these connections to communicate with target systems. At run time, the application requests a connection from the pool. If a connection is available, then the connector uses it and then returns it to the pool. A connection returned to the pool can again be requested for and used by the connector for another operation. By enabling the reuse of connections, the connection pool helps reduce connection creation overheads like network latency, memory allocation, and authentication.
One connection pool is created for each IT resource. For example, if you have three IT resources for three installations of the target system, then three connection pools will be created, one for each target system installation.
See Setting up the Lookup Definition for Connection Pooling for more information.
You can configure transformation of data, such as process form field data or any other object, that is brought into Oracle Identity Manager during reconciliation. In addition, you can configure validation of data that is brought into or sent from Oracle Identity Manager during reconciliation and provisioning.
See the following sections for more information:
From this release onward, you can specify a list of accounts that must be excluded from reconciliation and provisioning operations. Accounts whose user IDs you specify in the exclusion list are not affected by reconciliation and provisioning operations.
See Validation Groovy Script for Resource Exclusion in Oracle Fusion Middleware Performing Self Service Tasks for Oracle Identity Manager for more information.
The following section discusses documentation-specific updates:
The following documentation-specific updates have been made in revision "20" of the guide:
The "Target systems" and "SAP Governance, Risk and Compliance Access Control (GRC AC)" rows of Table 1-1 have been updated.
The following documentation-specific updates have been made in revision "19" of the guide:
Information about Oracle Identity Governance cluster has been added to Table 1-2, Table 1-6, and Enabling Logging.
Configuring SNC to Secure Communication Between Oracle Identity Manager and the Target System has been updated.
Postcloning Steps has been added.
The following documentation-specific update has been made in revision "18" of the guide:
The "Target systems" and "SAP Governance, Risk and Compliance Access Control (GRC AC)" rows of Table 1-1 have been updated.
The following documentation-specific updates have been made in revision "17" of the guide:
The following documentation-specific updates have been made in revision "16" of the guide:
The following documentation-specific updates have been made in revision "15" of the guide:
The following documentation-specific update has been made in revision "14" of the guide:
The following documentation-specific updates have been made in revision "13" of the guide:
OIM interface names have been corrected throughout the guide.
Information pertaining to procedures performed on the target system has been replaced with a high-level summary in the following sections:
The following documentation-specific update has been made in revision "12" of the guide:
The "Oracle Identity Manager" row of Table 1-1 has been updated.
The following documentation-specific updates have been made in revision "10" of the guide:
The "JDK" and "SAP Governance, Risk and Compliance Access Control (GRC AC)" rows of Table 1-1 have been updated.
Information pertaining to SAP BusinessObjects Access Control 5.3 has been removed throughout the guide.
Information pertaining to SAP BusinessObjects Access Control 10 artifacts has been added throughout the guide.
Known Issues and FAQs has been modified to remove all bugs that are no longer issues.
Standard BAPIs Used During Connector Operations has been added.
The following documentation-specific updates have been made in revision "8" of release 11.1.1.6.0:
The "Oracle Identity Manager" row of Table 1-1 has been updated.
Information specific to Oracle Identity Manager 11g Release 2 PS3 (11.1.2.3.0) has been added to Usage Recommendation.
The following documentation-specific updates have been made in revision "7" of release 11.1.1.6.0:
The "Target systems" row of Table 1-1 has been updated.
A "Note" has been added at the beginning of Extending the Functionality of the Connector.
A "Note" regarding field length has been added to Postinstallation.
Step 5 of Performing the Postupgrade Steps has been removed.
An issue regarding connector upgrade has been added to Known Issues.
The following documentation-specific updates have been made in revision "6" of release 11.1.1.6.0:
A "Note" on SAP NetWeaver 7.31 certified connector version has been modified in Table 1-1.
The "Connector Server" row has been added to Table 1-1.
In Table 1-2, the following rows have been added:
singleRoles
compositeRoles
disableLockStatus
roles
In Table 1-8, the following rows have been modified:
AC Request
Unique ID
In Table 1-10, the "Unique ID" row has been added.
The connector version has been modified from "11.1.1.5.0" to "11.1.1.6.0" in the following Sections:
Steps 3 and 4 of Downloading and Installing the SAP JCo
Steps 2 and 3 of Installing the Connector in Oracle Identity Manager
Synchronizing the SAPUM Process Form Field Length Needs with the Target Field Length has been added.
Step 3 has been added to Installing the Connector in the Connector Server.
Steps 1 and 2 have been added to Performing the Postupgrade Steps.
The following documentation-specific update has been made in the revision "5" of release 11.1.1.5.0:
Configuring Password Changes for Newly Created Accounts has been modified.
The following documentation-specific update has been made in the revision "4" of release 11.1.1.5.0:
has been modified.
The following documentation-specific update has been made in the revision "3" of release 11.1.1.5.0:
The "Target System" and "GRC AC" rows of Table 1-1 have been updated.
The following documentation-specific updates have been made in the revision "2" of release 11.1.1.5.0:
The "destination" and "masterSystem" rows of Table 2-5 have been updated.
The "Oracle Identity Manager" row of Table 1-1 has been modified to include Oracle Identity Manager 11g Release 2 PS2 (11.1.2.2.0).
Information specific to Oracle Identity Manager 11g Release 2 PS2 (11.1.2.2.0) has been added to Step 5 of Localizing Field Labels in UI Forms.