Table 39: Configuration parameters for notifications about actions in the target system
|
TargetSystem | SAPR3 | Accounts |
InitialRandomPassword | SendTo |
This configuration parameter specifies to which employee the email with the random generated password should be sent (manager cost center/department/location/business role, employee’s manager or XUserInserted). If no recipient can be found, the password is sent to the address stored in the “TargetSystem | SAPR3 | DefaultAddress” configuration parameter. |
|
TargetSystem | SAPR3 | Accounts |
InitialRandomPassword | SendTo |
MailTemplateAccountName |
This configuration parameter contains the name of the mail template sent to provide users with the login data for their user accounts. The Employee - new user account created mail template is used. |
|
TargetSystem | SAPR3 | Accounts |
InitialRandomPassword | SendTo |
MailTemplatePassword |
This configuration parameter contains the name of the mail template sent to provide users with information about their initial password. The Employee - initial password for new user account mail template is used. |
| TargetSystem | SAPR3 | DefaultAddress |
The configuration parameter contains the recipient's default email address for sending notifications about actions in the target system. |
You can configure the login information for new user accounts to be sent by email to a specified person. In this case, two messages are sent with the user name and the initial password. Mail templates are used to generate the messages. The mail text in a mail template is defined in several languages. This means the recipient’s language can be taken into account when the email is generated. Mail templates are supplied in the default installation with which you can configure the notification procedure.
To use email notifications about login data
- Ensure that the email notification system is configured in One Identity Manager. For more detailed information, see the One Identity Manager Installation Guide.
- In the Designer, set the Common | MailNotification | DefaultSender configuration parameter and enter the sender address for sending the email notifications.
- Ensure that all employees have a default email address. Notifications are sent to this address. For more detailed information, see the One Identity Manager Identity Management Base Module Administration Guide.
- Ensure that a language can be determined for all employees. Only then can they receive email notifications in their own language. For more detailed information, see the One Identity Manager Identity Management Base Module Administration Guide.
When a randomly generated password is issued for the new user account, the initial login data for a user account is sent by email to a previously specified person.
To send initial login data by email
- In the Designer, set the "TargetSystem | SAPR3 | Accounts | InitialRandomPassword" configuration parameter.
- In the Designer, set the "TargetSystem | SAPR3 | Accounts | InitialRandomPassword | SendTo" configuration parameter and enter the message recipient as value.
- In the Designer, set the "TargetSystem | SAPR3 | Accounts | InitialRandomPassword | SendTo | MailTemplateAccountName" configuration parameter.
By default, the message sent uses the mail template "Employee - new account created". The message contains the name of the user account.
- In the Designer, set the "TargetSystem | SAPR3 | Accounts | InitialRandomPassword | SendTo | MailTemplatePassword” configuration parameter.
By default, the message sent uses the mail template "Employee - initial password for new user account". The message contains the initial password for the user account.
TIP: To use custom mail templates for emails of this type, change the value of the configuration parameter.
NOTE: The Synchronization Editor sets up the SAP systems in the One Identity Manager database.
To edit an SAP system's master data
- Select the SAP R/3 | Systems category.
- Select an SAP system in the result list and run the Change master data task.
- Edit the system's master data.
- Save the changes.
Table 40: Master data for an SAP system
| Display name |
The SAP system's display name. |
| System number |
The SAP system number. |
| System measurement enabled |
Specifies whether system measurement for this system is carried out. One Identity Manager provides the measurement data but the actual system measurement takes place in the SAP R/3 environment. |
Related topics
NOTE: The Synchronization Editor sets up the clients in the One Identity Manager database.
To edit client master data
- Select the SAP R/3 | Clients category.
- Select the client in the result list. Select the Change master data task.
- Edit the client's master data.
- Save the changes.
Enter the following general master data on the General tab.
Table 41: General master data for a client
|
Client no. |
Number of the client. |
|
Name |
Client's name. |
|
System |
System to which the client belongs. |
|
Canonical name |
Client's canonical name. |
|
Company |
Company for which the client is set up. The company given here is used when a new user account is set up. |
|
City |
City where company resides. |
|
Has user administration |
Specifies whether the client is used for user administration.
If this option is set, the most significant license of the user account is used for system measurement. |
|
Account definition (initial) |
Initial account definition for creating user accounts. This account definition is used if automatic assignment of employees to user accounts is used for this client and if user accounts are to be created that are already managed (Linked configured). The account definition's default manage level is applied.
User accounts are only linked to the employee (Linked state) if no account definition is given. This is the case on initial synchronization, for example.
NOTE: If the status Child is assigned, no account definition should be assigned. |
|
Target system managers |
Application role, in which target system managers are specified for the client. Target system managers only edit the objects from clients to which they are assigned. A different target system manager can be assigned to each client.
Select the One Identity Manager application role whose members are responsible for administration of this client. Use the  button to add a new application role. |
|
Synchronized by |
NOTE: You can only specify the synchronization type when adding a new client. No changes can be made after saving.
If you create a client with the Synchronization Editor, One Identity Manager is used.
Type of synchronization through which data is synchronized between the client and One Identity Manager. Once objects are available for this client in One Identity Manager, the type of synchronization can no longer be changed.
If you create a client with the Synchronization Editor, One Identity Manager is used.
Table 42: Permitted values
| One Identity Manager |
SAP R/3 connector |
SAP R/3 connector |
| No synchronization |
none |
none |
NOTE: If you select No synchronization, you can define custom processes to exchange data between One Identity Manager and the target system. |
|
ALE name |
Name used to map the client as logical system in the SAP distribution model. |
|
ALE model name |
Name of the SAP distribution model that maps the relation between the logical systems of the central user administration. SAP roles and profiles of all child systems with the same ALE model name as the central system, are synchronized when the central system is synchronized. |
|
CUA status |
Client usage when the central user administration is in use. Possible values are Central and Child.
The value None indicates that the client is not being used in a central user administration. |
|
CUA central system |
Central system to which the client belongs. Assign the relevant system for clients with the CUA status Child. |
|
Description |
Text field for additional explanation. |
Related topics
