This chapter provides an overview of the updates made to the software and documentation for the SAP User Management Engine connector in release 11.1.1.9.0.
The updates discussed in this chapter are divided into the following categories:
These include updates made to the connector software.
Documentation-Specific Updates
These include major changes made to the connector documentation. These changes are not related to software updates.
The following sections discuss software updates:
The following are issues resolved in release 11.1.1.8.0:
Bug Number | Issue Description | Resolution |
---|---|---|
16506263 |
The task responses are displayed only in English even when the connector is configured for any other native language. |
This issue has been resolved. |
13090423 |
If a User has two roles in the target system and you perform a reconciliation operation, both the roles reflect on Oracle Identity Manager. If you unassign the two roles from the User in the target system and perform a reconciliation operation, then both the roles are not removed from the child form. |
This issue has been resolved. |
12951484 |
If you try to stop a scheduled job when it is running in the Administrative and User Console, then the status of the scheduled job is displayed as INTERRUPT instead of STOPPED. |
This issue has been resolved. |
17748918 |
The default value of UD_SAPUME_IS_LOCK has been changed to NO instead of BLANK. |
This issue has been resolved. |
17401453 |
During User Reconciliation in SAP User Management Engine, two resource objects are created for a particular account in Oracle Identity Manager if the account id is in lowercase. |
This issue has been resolved. |
17288932 |
The "Error in processing WSDL document" issue occurs as there are no logs available within the SAP web dispatcher for the OIM "Create User" task. |
This issue has been resolved. In this release, the connector supports new connector configuration entries in the Lookup.SAPUME.AC53.Configuration lookup definition, which can also be used to configure SSL (Secure Socket Layer) for SAP GRC 5.3. |
The following is the software update in release 11.1.1.7.0:
From this release onward, the connector supports the following new components:
Risk Analysis and Remediation, also known as Analyze and Manage Access Risk (AMAR)
Compliant User Provisioning, also known as Provision and Manage Users (PMU)
Throughout this guide, SAP BusinessObjects AC Access Risk Analysis refers to Risk Analysis and Remediation and SAP BusinessObjects AC Access Request Management refers to Compliant User Provisioning.
This is the first release of the Oracle Identity Manager Connector for SAP User Management Engine based on Identity Connector Framework (ICF). The following are the software updates in release 11.1.1.5.0:
The Oracle Identity Manager Connector for SAP User Management Engine is an ICF-based connector.
The Identity Connector Framework (ICF) is a component that provides basic provisioning, reconciliation, and other functions that all Oracle Identity Manager and Oracle Waveset connectors require. The ICF also uses classpath isolation, which allows the SAP User Management Engine connector to co-exist with legacy versions of the connector.
See Connector Architecture and Supported Deployment Configurations for more information.
In the earlier releases, the Enterprise Portal connector could be deployed in the machine on which Oracle Identity Manager was running. This release onward, you can deploy the SAP User Management Engine connector either locally in Oracle Identity Manager or remotely in the Connector Server.
See Deploying the Connector Bundle in a Connector Server for more information.
The SAP User Management Engine connector can be configured and used for provisioning and reconciling user-related data to and from multiple data sources such as Lightweight Directory Access Protocol (LDAP) directories, system database of the SAP NetWeaver Application Server Java, and user management of an Application Server ABAP. In other words, this connector can be configured for performing user management operations from user management engines irrespective of the data source configuration.
Federated Portal Network (FPN) allows organizations with multiple portals, SAP and non-SAP, to share content between independent portals. In FPN, the producers hold and run the applications. The consumer manages the redirect to producer portals. In FPN configuration, the content can be shared throughout the network using Remote Role Assignment content usage mode. It enables the consumer to assign roles offered by a producer. Connector can be configured to support Remote Role Assignment in FPN configuration.
In earlier releases, if you had multiple installations of the target system, then entries in a lookup definition were not linked with the target system installation from which the entries were copied. During a provisioning operation, you could not select lookup field values that were specific to the target system installation on which the provisioning operation was to be performed.
From this release onward, entries in lookup definitions are linked to the target system installation from which they are copied.
See Lookup Definitions Synchronized with the Target System for more information.
You can configure transformation of account data that is brought into Oracle Identity Manager during reconciliation. In addition, you can configure validation of account data that is brought into or sent from Oracle Identity Manager during reconciliation and provisioning. See the following sections for more information:
You can configure the connector for reconciliation of deleted user records. If a record is deleted on the target system, then the corresponding SAP UME resource is revoked from the OIM User.
See Reconciliation Scheduled Jobs for more information about the scheduled job used for reconciling deleted user records.
The following sections discuss the documentation-specific updates:
The following is a documentation-specific update in revision "12" of this guide:
The "Oracle Identity Governance or Oracle Identity Manager" row of Table 1-1 has been updated.
The following are documentation-specific updates in revision "11" of this guide:
The following are documentation-specific updates in revision "10" of this guide:
The following documentation-specific update has been made in revision "9" of this guide:
The "Oracle Identity Manager" row of Table 1-1 has been renamed as "Oracle Identity Governance or Oracle Identity Manager" and also updated for Oracle Identity Governance 12c (12.2.1.3.0) certification.
The following are documentation-specific updates in revision "8" of this guide:
OIM interface names have been corrected throughout the guide.
Preinstallation has been restructured.
Information pertaining to procedures performed on the target system has been replaced with a high-level summary in the following sections:
The following are documentation-specific updates in revision "7" of the guide:
The "Target systems", "JDK", and "SAP Governance, Risk and Compliance Access Control (GRC AC)" rows of Table 1-1 have been updated.
Information pertaining to SAP BusinessObjects Access Control 5.3 has been removed throughout the guide.
Information pertaining to SAP BusinessObjects Access Control 10 artifacts has been added throughout the guide.
Known Issues has been modified to remove all bugs that are no longer issues.
The following are documentation-specific updates in revision "6" of release 11.1.1.8.0:
The "Oracle Identity Manager" row of Table 1-1 has been updated.
Information specific to Oracle Identity Manager 11g Release 2 PS3 (11.1.2.3.0) has been added to Usage Recommendation.
The following is a documentation-specific update in revision "5" of release 11.1.1.8.0:
A "Note" has been added at the beginning of Extending the Functionality of the Connector.
The following are documentation-specific updates in revision "4" of release 11.1.1.8.0:
The "Connector Server" row has been added to Table 1-1.
In Table 1-6, the following rows have been modified:
AC Request Id[WRITEBACK]
UniqueID
Synchronizing the SAPUME Process Form and SAP AC UME Process Form with Target System Field Lengths has been added.
Performing the Postupgrade Steps has been added.
The connector version has been modified from "11.1.1.7.0" to "11.1.1.8.0" in Step 5.a of Upgrading the Connector.
A note has been added to Step 3.d of Section 2.1.2.1, "Creating a Target System User Account for Connector Operations."
The following is a documentation-specific update in revision "3" of release 11.1.1.7.0:
Step 3 of Section 2.1.2.1, "Creating a Target System User Account for Connector Operations" has been modified.
The following are documentation-specific updates in revision "2" of release 11.1.1.7.0:
There are no documentation-specific updates in this release.