Chat now with support
Chat with Support

Identity Manager 8.1.5 - Administration Guide for Connecting to SAP R/3

Managing SAP R/3 environments Setting up SAP R/3 synchronization Basic data for managing an SAP R/3 environment Basic data for user account administration SAP systems SAP clients SAP user accounts SAP groups, SAP roles, and SAP profiles SAP products Providing system measurement data Reports about SAP systems Configuration parameters for managing an SAP R/3 environment Default project templates for synchronizing an SAP R/3 environment Referenced SAP R/3 table and BAPI calls Example of a schema extension file

Project template for the CUA central system

Use "SAP® R/3® synchronization (base administration)" to synchronize a central user administration central system. The template uses mappings for the following schema types.

Table 81: Mapping SAP R/3 schema types to tables in the One Identity Manager schema.
Schema type in the target system Table in the One Identity Manager Schema
ALE SAPMandant
CLIENT SAPMandant
Company SAPCompany
GROUP SAPGrp
LICENSETYPE SAPLicence
LicenceExtension SAPLicenceExtension
LoginLanguage SAPLoginLanguages
Parameters SAPParameter
Printer SAPPrinter
CUAProfile SAPProfile
ProfileInProfile SAPProfileInSAPProfile
ProfileInRole SAPProfileInSAPRole
PROFITCENTER SAPProfitCenter
CUARole SAPRole
RoleInRole SAPRoleInSAPRole
STARTMENUE SAPStartMenu
SAPTSAD3T SAPTitle
USER SAPUser
UserComFax SAPComFax
UserComPhone SAPComPhone
UserComSMTP SAPComSMTP
UserExtId SAPUserExtId
UserHasLicense SAPUserHasLicence
UserHasParameter SAPUserHasParameter
UserInGroup SAPUserInSAPGrp
UserInMandant SAPUserInSAPMandant
UserInCUAProfile SAPUserInSAPProfile
UserInCUARole SAPUserInSAPRole

Project template for CUA subsystems

Use the "SAP® R/3® (CUAClosed subsystem)" project template to synchronize central user administration child systems that are not in the same SAP system. The template uses mappings for the following schema types.

Table 82: Mapping SAP R/3 schema types to tables in the One Identity Manager schema.
Schema type in the target system Table in the One Identity Manager Schema
LICENSETYPE SAPLicence
LicenceExtension SAPLicenceExtension
LoginLanguage SAPLoginLanguages
CLIENT SAPMandant

Referenced SAP R/3 table and BAPI calls

The following overview provides information about all the tables in an SAP R/3 system referenced during synchronization and the BAPI calls that are executed.

Table 83: Referenced tables and BAPIs
Tables BAPI Calls

  • ADR2

  • ADR3

  • ADR6

  • ADRP

  • AGR_1016

  • AGR_AGRS

  • AGR_DEFINE

  • AGR_USERS

  • ANLA

  • ANLZ

  • AUTHX

  • CSKS

  • CSKT

  • DD02L

  • DD03L

  • DD03M

  • DD04L

  • DD04T

  • DD07L

  • HRP1000

  • HRP1001

  • PA0000

  • PA0001

  • PA0002

  • PA0007

  • PA0016

  • PA0034

  • PA0041

  • PA0105

  • PA0709

  • RSECUSERAUTH

  • RSECTXT

  • SEC_POLICY_CUST

  • SEC_POLICY_RT

  • T000

  • T001

  • T001P

  • T002

  • T591S

  • T500P

  • T548T

  • T77PR

  • T77UA

  • TACT

  • TACTT

  • TACTZ

  • TMENU01

  • TMENU01T

  • TMENU01R

  • TOBJ

  • TOBJT

  • TOBCT

  • TPARA

  • TSAD3

  • TSAD3T

  • TSAC

  • TSACT

  • TSP03

  • TSTC

  • TSTCT

  • TTREE

  • TTREET

  • TUPLT

  • TUTYP

  • TUTYPA

  • TUTYPPL

  • TUZUS

  • USGRP_USER

  • USGRPT

  • USL04

  • USLA04

  • USOBHASH

  • USOBT_C

  • USOBX_C

  • USR01

  • USR02

  • USR05

  • USR06

  • USR06SYS

  • USR10

  • USR11

  • USR12

  • USR21

  • USREFUS

  • USREXTID

  • USRSTAMP

  • USRSYSACTT

  • USRSYSPRF

  • USRSYSPRFT

  • UST04

  • UST10C

  • UST10S

  • UST12

  • USVART

  • USZBVLNDSC

  • USZBVLNDRC

  • USZBVSYS

  • V_USCOMPA

  • BAPI_USER_CREATE1

  • BAPI_USER_GET_DETAIL

  • BAPI_USER_CHANGE

  • BAPI_USER_DELETE

  • BAPI_USER_LOCK

  • BAPI_USER_UNLOCK

  • BAPI_USER_ACTGROUPS_ASSIGN

  • BAPI_USER_ACTGROUPS_DELETE

  • BAPI_USER_PROFILES_ASSIGN

  • BAPI_USER_PROFILES_DELETE

  • BAPI_USER_LOCACTGROUPS_READ

  • BAPI_USER_LOCACTGROUPS_DELETE

  • BAPI_USER_LOCPROFILES_READ

  • BAPI_USER_LOCPROFILES_DELETE

  • BAPI_USER_SYSTEM_ASSIGN

  • SUSR_USER_CHANGE_PASSWORD_RFC

  • BAPI_USER_LOCPROFILES_ASSIGN

  • BAPI_USER_LOCACTGROUPS_ASSIGN

  • RFC_READ_TABLE

Example of a schema extension file

<?xml version="1.0" encoding="utf-8" ?>

<SAP>

<Functions>

<Function Definition = "USER GET" FunctionName="BAPI_USER_GET_DETAIL" OutStructure = "" Key ="USERNAME" X500 ="CN">

<Mapping>

<Data ParameterName = "USERNAME" PropertyName = "BNAME" />

</Mapping>

</Function>

<Function Definition = "USER SET" FunctionName="BAPI_USER_CHANGE" OutStructure ="" Key ="USERNAME" X500 ="CN">

<Mapping>

<Data ParameterName = "USERNAME" PropertyName = "BNAME" />

</Mapping>

</Function>

<Function Definition = "USER DEL" FunctionName="BAPI_USER_DELETE" OutStructure ="" Key ="USERNAME" X500 ="CN" >

<Mapping>

<Data ParameterName = "USERNAME" PropertyName = "BNAME" />

</Mapping>

</Function>

<Function Definition = "USER PROFILE SET" FunctionName="BAPI_USER_PROFILES_ASSIGN" OutStructure ="" Key ="USERNAME" X500 ="CN">

<Mapping>

<Data ParameterName = "USERNAME" PropertyName = "BNAME" />

<Data ParameterName = "BAPIPROF~BAPIPROF" PropertyName = "$Value$" />

</Mapping>

</Function>

<Function Definition = "BWProfileAdd" FunctionName="/VIAENET/SAPHR_RSECUSERAUT_ADD" OutStructure ="" Key ="ZUSRNAME,ZHIER" X500 ="CN,OU">

<Mapping>

<Data ParameterName = "ZUSRNAME" PropertyName = "UNAME" />

<Data ParameterName = "ZHIER" PropertyName = "AUTH" />

</Mapping>

</Function>

<Function Definition = "BWProfileDel" FunctionName="/VIAENET/SAPHR_RSECUSERAUT_DEL" OutStructure ="" Key ="ZUSRNAME,ZHIER" X500 ="CN,OU">

<Mapping>

<Data ParameterName = "ZUSRNAME" PropertyName = "UNAME" />

<Data ParameterName = "ZHIER" PropertyName = "AUTH" />

</Mapping>

</Function>

<Function Definition = "BWProfileDelFkt" FunctionName="/VIAENET/SAPHR_RSECUSERAUT_DEL" OutStructure ="" Key ="ZUSRNAME,ZHIER" X500 ="CN,OU">

<Mapping>

<Data ParameterName = "ZUSRNAME" PropertyName = "BNAME" />

<Data ParameterName = "ZHIER" PropertyName = "$VALUE$" />

</Mapping>

</Function>

<Function Definition = "BWProfileAddFkt" FunctionName="/VIAENET/SAPHR_RSECUSERAUT_ADD" OutStructure ="" Key ="ZUSRNAME,ZHIER" X500 ="CN,OU">

<Mapping>

<Data ParameterName = "ZUSRNAME" PropertyName = "BNAME" />

<Data ParameterName = "ZHIER" PropertyName = "$VALUE$" />

</Mapping>

</Function>

</Functions>

<Tables>

<TABLE Definition = "TUZUS-Table" TableName="TUZUS" Key="SONDERVERS" X500="CN" SQL="LANGU = sy-langu" Load="SONDERVERS,TEXTSVERS" />

<TABLE Definition = "USR05-Table" TableName="USR05" Key="BNAME,PARID" X500="CN,OU" SQL="MANDT = '$MANDT$'" Load="BNAME,PARID,PARVA">

<Mapping>

<Data ParameterName = "$BNAME$" PropertyName = "BNAME" />

<Data ParameterName = "$PARID$" PropertyName = "PARID" />

</Mapping>

</TABLE>

<TABLE Definition = "USR04-Table" TableName="USR04" Key="BNAME,MANDT" X500="CN,OU" SQL="MANDT = sy-mandt" Load="" />

<TABLE Definition = "RSECUSERAUTH-Table" TableName="RSECUSERAUTH" Key="UNAME,AUTH" X500="CN,OU" SQL="" Load="" />

<TABLE Definition = "RSECUSERAUTH-SingleUser" TableName="RSECUSERAUTH" Key="AUTH" X500="CN" SQL="UNAME = '$BNAME$'" Load="" >

<Mapping>

<Data ParameterName = "$BNAME$" PropertyName = "BNAME" />

</Mapping>

</TABLE>

</Tables>

<SAPExtendedSchematypes>

<SAPExtendedSchematype Bem = "M:N, add/del - function" Name = "BWUserInBWP" DisplayPattern="%UNAME% - %AUTH%" ListObjectsDefinition = "RSECUSERAUTH-Table" ReadObjectDefinition = "RSECUSERAUTH-Table" InsertObjectDefinition = "BWProfileAdd" DeleteObjectDefinition = "BWProfileDel" />

<SAPExtendedSchematype Bem = "simple read-only table" Name = "LicenceExtension" DisplayPattern="%SONDERVERS%" ListObjectsDefinition = "TUZUS Table" ReadObjectDefinition ="TUZUS Table" InsertObjectDefinition = "" WriteObjectDefinition = "" DeleteObjectDefinition = "" ParentType = "SAPSYSTEM" />

<SAPExtendedSchematype Bem = "Test" Name = "USERFunctionTable" DisplayPattern="%BNAME% (%MANDT%)" ListObjectsDefinition = "USR05-Table" ReadObjectDefinition ="USER GET" WriteObjectDefinition = "USER SET" DeleteObjectDefinition = "USER DEL" >

<Properties>

<Property Name = "SAPBWP" Description="all the user's BW profiles" ListFunction="RSECUSERAUTH-SingleUser" AddFunction="BWProfileAddFkt" DelFunction="BWProfileDelFkt" ReplaceFunction="" IsMultivalued = "true" />

<Property Name = "USERPROFILE" Description="all the user's profiles" ListFunction="USR04-Table" AddFunction="" DelFunction="" ReplaceFunction="USER PROFILE SET" IsMultivalued = "true" />

</Properties>

</SAPExtendedSchematype>

</SAPExtendedSchematypes>

</SAP>

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating