지금 지원 담당자와 채팅
지원 담당자와 채팅

Identity Manager 9.2.1 - Administration Guide for Connecting to SAP R/3

Managing SAP R/3 environments Setting up SAP R/3 synchronization Basic data for managing an SAP R/3 environment Basic data for user account administration SAP systems SAP clients SAP user accounts SAP groups, SAP roles, and SAP profiles SAP products Providing system measurement data Reports about SAP objects Removing a Central User Administration Troubleshooting an SAP R/3 connection Configuration parameters for managing an SAP R/3 environment Default project templates for synchronizing an SAP R/3 environment Referenced SAP R/3 table and BAPI calls Example of a schema extension file

Project template for the CUA central system

Use the SAP R/3 synchronization (base administration) project template to synchronize a central user administration central system. The project template uses mappings for the following schema types.

Table 76: Mapping SAP R/3 schema types to tables in the One Identity Manager schema.
Schema type in the target system Table in the One Identity Manager Schema
ALE SAPMandant
CLIENT SAPMandant
Company SAPCompany
GROUP SAPGrp
LICENSETYPE SAPLicence
LicenceExtension SAPLicenceExtension
LoginLanguage SAPLoginLanguages
Parameters SAPParameter
Printer SAPPrinter
CUAProfile SAPProfile
ProfileInProfile SAPProfileInSAPProfile
ProfileInRole SAPProfileInSAPRole
PROFITCENTER SAPProfitCenter
CUARole SAPRole
RoleInRole SAPRoleInSAPRole
STARTMENUE SAPStartMenu
SAPTSAD3T SAPTitle
USER SAPUser
UserComFax SAPComFax
UserComPhone SAPComPhone
UserComSMTP SAPComSMTP
UserExtId SAPUserExtId
UserHasLicense SAPUserHasLicence
UserHasParameter SAPUserHasParameter
UserInGroup SAPUserInSAPGrp
UserInMandant SAPUserInSAPMandant
UserInCUAProfile SAPUserInSAPProfile
UserInCUARole SAPUserInSAPRole

Project template for CUA subsystems

Use the SAP R/3 (CUAClosed subsystem) project template to synchronize central user administration child systems that are not in the same SAP system. The project template uses mappings for the following schema types.

Table 77: Mapping SAP R/3 schema types to tables in the One Identity Manager schema.
Schema type in the target system Table in the One Identity Manager Schema
LICENSETYPE SAPLicence
LicenceExtension SAPLicenceExtension
LoginLanguage SAPLoginLanguages
CLIENT SAPMandant

Referenced SAP R/3 table and BAPI calls

The following overview provides information about all the tables in an SAP R/3 system referenced during synchronization and the BAPI calls have been carried out, apart from the BAPI calls from /VIAENET/.

Table 78: Referenced tables and BAPIs
Tables BAPI Calls
  • ADR2

  • ADR3

  • ADR6

  • ADRP

  • AGR_1016

  • AGR_AGRS

  • AGR_DEFINE

  • AGR_USERS

  • ANLA

  • ANLZ

  • AUTHX

  • CSKS

  • CSKT

  • DD02L

  • DD03L

  • DD03M

  • DD04L

  • DD04T

  • DD07L

  • HRP1000

  • HRP1001

  • PA0000

  • PA0001

  • PA0002

  • PA0007

  • PA0016

  • PA0034

  • PA0041

  • PA0105

  • PA0709

  • RSECUSERAUTH

  • RSECTXT

  • SEC_POLICY_CUST

  • SEC_POLICY_RT

  • T000

  • T001

  • T001P

  • T002

  • T591S

  • T500P

  • T548T

  • T77PR

  • T77UA

  • TACT

  • TACTT

  • TACTZ

  • TMENU01

  • TMENU01T

  • TMENU01R

  • TOBJ

  • TOBJT

  • TOBCT

  • TPARA

  • TSAD3

  • TSAD3T

  • TSAC

  • TSACT

  • TSP03

  • TSTC

  • TSTCT

  • TTREE

  • TTREET

  • TUPLT

  • TUTYP

  • TUTYPA

  • TUTYPPL

  • TUZUS

  • USGRP_USER

  • USGRPT

  • USL04

  • USLA04

  • USOBHASH

  • USOBT_C

  • USOBX_C

  • USR01

  • USR02

  • USR05

  • USR06

  • USR06SYS

  • USR10

  • USR11

  • USR12

  • USR21

  • USREFUS

  • USREXTID

  • USRSTAMP

  • USRSYSACTT

  • USRSYSPRF

  • USRSYSPRFT

  • UST04

  • UST10C

  • UST10S

  • UST12

  • USVART

  • USZBVLNDSC

  • USZBVLNDRC

  • USZBVSYS

  • V_USCOMPA

  • BAPI_USER_CREATE1

  • BAPI_USER_GET_DETAIL

  • BAPI_USER_CHANGE

  • BAPI_USER_DELETE

  • BAPI_USER_LOCK

  • BAPI_USER_UNLOCK

  • BAPI_USER_ACTGROUPS_ASSIGN

  • BAPI_USER_ACTGROUPS_DELETE

  • BAPI_USER_PROFILES_ASSIGN

  • BAPI_USER_PROFILES_DELETE

  • BAPI_USER_LOCACTGROUPS_READ

  • BAPI_USER_LOCACTGROUPS_DELETE

  • BAPI_USER_LOCPROFILES_READ

  • BAPI_USER_LOCPROFILES_DELETE

  • BAPI_USER_SYSTEM_ASSIGN

  • SUSR_USER_CHANGE_PASSWORD_RFC

  • BAPI_USER_LOCPROFILES_ASSIGN

  • BAPI_USER_LOCACTGROUPS_ASSIGN

  • RFC_READ_TABLE or /VIAENET/READTABLE

Example of a schema extension file

<?xml version="1.0" encoding="utf-8" ?>
<SAP>
    <Functions>
        <Function Definition = "USER GET" FunctionName="BAPI_USER_GET_DETAIL" OutStructure = "" Key ="USERNAME" X500 ="CN">
            <Mapping>
                <Data ParameterName = "USERNAME" PropertyName = "BNAME" />
            </Mapping>
        </Function>
        <Function Definition = "USER SET" FunctionName="BAPI_USER_CHANGE" OutStructure ="" Key ="USERNAME" X500 ="CN">
            <Mapping>
                <Data ParameterName = "USERNAME" PropertyName = "BNAME" />
            </Mapping>
        </Function>
        <Function Definition = "USER DEL" FunctionName="BAPI_USER_DELETE" OutStructure ="" Key ="USERNAME" X500 ="CN">
            <Mapping>
                <Data ParameterName = "USERNAME" PropertyName = "BNAME" />
            </Mapping>
        </Function>
        <Function Definition = "USER PROFILE SET" FunctionName="BAPI_USER_PROFILES_ASSIGN" OutStructure ="" Key ="USERNAME" X500 ="CN">
            <Mapping>
                <Data ParameterName = "USERNAME" PropertyName = "BNAME" />
                <Data ParameterName = "BAPIPROF~BAPIPROF" PropertyName = "$Value$" />
            </Mapping>
        </Function>
        <Function Definition = "BWProfileAdd" FunctionName="/VIAENET/SAPHR_RSECUSERAUT_ADD" OutStructure ="" Key ="ZUSRNAME,ZHIER" X500 ="CN,OU">
            <Mapping>
                <Data ParameterName = "ZUSRNAME" PropertyName = "UNAME" />
                <Data ParameterName = "ZHIER" PropertyName = "AUTH" />
            </Mapping>
        </Function>
        <Function Definition = "BWProfileDel" FunctionName="/VIAENET/SAPHR_RSECUSERAUT_DEL" OutStructure ="" Key ="ZUSRNAME,ZHIER" X500 ="CN,OU">
            <Mapping>
                <Data ParameterName = "ZUSRNAME" PropertyName = "UNAME" />
                <Data ParameterName = "ZHIER" PropertyName = "AUTH" />
            </Mapping>
        </Function>
        <Function Definition = "BWProfileDelFkt" FunctionName="/VIAENET/SAPHR_RSECUSERAUT_DEL" OutStructure ="" Key ="ZUSRNAME,ZHIER" X500 ="CN,OU">
            <Mapping>
                <Data ParameterName = "ZUSRNAME" PropertyName = "BNAME" />
                <Data ParameterName = "ZHIER" PropertyName = "$VALUE$" />
            </Mapping>
        </Function>
        <Function Definition = "BWProfileAddFkt" FunctionName="/VIAENET/SAPHR_RSECUSERAUT_ADD" OutStructure ="" Key ="ZUSRNAME,ZHIER" X500 ="CN,OU">
            <Mapping>
                <Data ParameterName = "ZUSRNAME" PropertyName = "BNAME" />
                <Data ParameterName = "ZHIER" PropertyName = "$VALUE$" />
            </Mapping>
        </Function>
    </Functions>
    <Tables>
        <TABLE Definition = "TUZUS-Table" TableName="TUZUS" Key="SONDERVERS" X500="CN" SQL="LANGU = sy-langu" Load="SONDERVERS,TEXTSVERS" />
        <TABLE Definition = "USR05-Table" TableName="USR05" Key="BNAME,PARID" X500="CN,OU" SQL="MANDT = '$MANDT$'" Load="BNAME,PARID,PARVA">
            <Mapping>
                <Data ParameterName = "$BNAME$" PropertyName = "BNAME" />
                <Data ParameterName = "$PARID$" PropertyName = "PARID" />
            </Mapping>
        </TABLE>
        <TABLE Definition = "USR04-Table" TableName="USR04" Key="BNAME,MANDT" X500="CN,OU" SQL="MANDT = sy-mandt" Load="" />
        <TABLE Definition = "RSECUSERAUTH-Table" TableName="RSECUSERAUTH" Key="UNAME,AUTH" X500="CN,OU" SQL="" Load="" />
        <TABLE Definition = "RSECUSERAUTH-SingleUser" TableName="RSECUSERAUTH" Key="AUTH" X500="CN" SQL="UNAME = '$BNAME$'" Load="">
            <Mapping>
                <Data ParameterName = "$BNAME$" PropertyName = "BNAME" />
            </Mapping>
        </TABLE>
    </Tables>
    <SAPExtendedSchematypes>
        <SAPExtendedSchematype Bem = "M:N, add/del - function" Name = "BWUserInBWP" DisplayPattern="%UNAME% - %AUTH%" ListObjectsDefinition = "RSECUSERAUTH-Table" ReadObjectDefinition = "RSECUSERAUTH-Table" InsertObjectDefinition = "BWProfileAdd" DeleteObjectDefinition = "BWProfileDel" />
        <SAPExtendedSchematype Bem = "simple read only table" Name = "LicenceExtension" DisplayPattern="%SONDERVERS%" ListObjectsDefinition = "TUZUS-Table" ReadObjectDefinition ="TUZUS-Table" InsertObjectDefinition = "" WriteObjectDefinition = "" DeleteObjectDefinition = "" ParentType = "SAPSYSTEM" />
        <SAPExtendedSchematype Bem = "Test" Name = "USERFunctionTable" DisplayPattern="%BNAME% (%MANDT%)" ListObjectsDefinition = "USR05-Table" ReadObjectDefinition ="USER GET" WriteObjectDefinition = "USER SET" DeleteObjectDefinition = "USER DEL" >
            <Properties>
                <Property Name = "SAPBWP" Description="all BW profiles of the user" ListFunction="RSECUSERAUTH-SingleUser" AddFunction="BWProfileAddFkt" DelFunction="BWProfileDelFkt" ReplaceFunction="" IsMultivalued = "true" />
                <Property Name = "USERPROFILE" Description="all profiles of the user" ListFunction="USR04-Table" AddFunction="" DelFunction="" ReplaceFunction="USER PROFILE SET" IsMultivalued = "true" />
            </Properties>
        </SAPExtendedSchematype>
    </SAPExtendedSchematypes>
</SAP>
Detailed information about this topic
관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택