Configuring additional datetime offset in connectors
Configuring additional datetime offset in connectors
-
Customer can configure additional datetime offset values for the connectors in order to help in synchronizing the objects in the Identity Manager where the objects found missing due to time zone differences between the target and the Identity Manager.
-
If the target returned data has offset included with datetime values and if a customer configures any valid offset value in the connector, then the target returned offset value will be replaced with the configured offset value.
-
The connector returns the datetimes in UTC format (yyyy-MM-ddTHH:mm:ssZ).
-
The datetime offset takes the format +/- HH:mm and the range offset values are -14:00 to +14:00, both inclusive.
-
The default value for the offset is 'Z' which is the UTC offset of 00:00.
How to Create custom attribute for Users in SuccessFactors portal
How to Create custom attribute for Users in SuccessFactors portal
To create a custom attribute (Users)
-
Under Admin center, go to Manage Business Configuration | Employee Profile | User Info | Create New.
-
Create new attributes and click on Save.
-
Under Employee Profile | View Template | sysUserDirectorySetting, click Details.
-
Find Userinfo Element, and add the new field.
Add the attributes you created.
-
Go to Configure People Profile under Admin Center and add the new field in Personal Information block of Talent Profile.
-
Add the newly created attribute in Add field and click Save.
-
In the Manage Permission Roles under Admin center, select the permission role System Admin | permission...| Employee Data | grant edit permission to newly created attribute under User Information and save.
The newly created attribute is visible in the response.
To add value to the custom attributes
-
Under Admin center, search for employee and select any employee whom you want to add the values for custom attributes.
-
Click on Talent Profile.
-
Go to Talent Profile | Personal information | click Show More and then click Edit.
-
Provide the value to the custom attribute field you created and click Save.
The newly created value for the attribute is visible in the response.
SAP Cloud for Customer - Steps to add custom fields at One Identity Manager attributes
SAP Cloud for Customer - Steps to add custom fields at One Identity Manager attributes
Steps to add custom fields at One Identity Manager for TimeZone attribute for Users
Synchronization of TimeZone attribute of User object at SAP Cloud for Customer Connector requires additional configuration at One Identity Manager. This will not be included in the default mapped attributes at One Identity Manager as part of the synchronization project creation. In order to attain this requires a custom mapping with a custom string field. TimeZone attribute often holds longer values than the default custom fields which are 64 char in length. Also these are readOnly fields and can not be modified. Hence the option to overcome this situation is creating a custom string field with 256 char in length.
Steps to create a custom field with 256 char length using Schema Extension
-
Open Schema Extension tool.
-
Login using database credentials.
-
In the Select Method select the option Extend Table.
-
In the Extend table window, select CSMUser table and click Next.
-
In the Configure columns window, click Create New column (+).
-
In the Create new column window, enter a name for the column.
-
In the Configure columns window, select the data type as string from the Data type list, 256 as length and click Next.
-
In the Access permissions window, add appropriate permissions and click Next.
-
Click Finish after the compilation is done.
-
Repeat the steps from 4 to 9 for UCIUser table.
Steps to configure the mapping in Synchronization Editor
-
Open the Synchronization Editor tool.
-
Open the specific synchronization project.
-
Navigate to Configuration | One Identity Manager Connection |Update Schema.
-
Go to Mapping.
-
Select Users mapping.
-
Map the attribute with the newly created custom field.
-
Commit the database.
-
Activate the project.
-
Run full synchronization.
-
Open Manager tool and verify the values appeared in newly added custom field.
Steps to add custom fields at One Identity Manager for Role attribute for Users
Synchronization of Roles attribute of User object at SAP Cloud for Customer Connector requires additional configuration at One Identity Manager. This will not be included in the default mapped attributes at One Identity Manager as part of the synchronization project creation. In order to attain this requires a custom mapping with a custom multi value field. Roles attribute often holds multi values . Hence the option to overcome this situation is creating a custom field for multi value attribute.
Steps to create a custom field using Schema Extension
-
Open Schema Extension tool.
-
Login using database credentials.
-
In the Select Method select the option Extend Table.
-
In the Extend table window, select CSMUser table and click Next.
-
In the Configure columns window, click Create New column (+).
-
In the Create new column window, enter a name for the column.
-
In the Configure columns window, select the data type as string from the Data type list, and click Next.
-
In the Access permissions window, add appropriate permissions and click Next.
-
Click Finish after the compilation is done.
-
Repeat the steps from 4 to 9 for UCIUser table.
Steps to making changes in Designer Tool for newly created custom field
-
Open Designer tool.
-
Login using database credentials.
-
Go to One Identity Manger Schema.
-
Select CSMUser from Table.
-
In the Task pane select Show Table Definition under Schema Editor.
-
In the List select newly created field.
-
Go to More tab under Column Properties.
-
Select Multi-value column checkbox.
-
Commit the database.
-
Repeat the steps from 3 to 9 for UCIUser table.
-
Go to Database menu and select Compile Database.
-
Go to Process Orchestration present in left bottom pane.
-
Select UCI_UCIUser_Update from Processes Table.
-
In the Task pane select Edit Process 'UCI_UCIUser_Update' under Process Editor.
-
Select 'PUT/PATCH' user' and navigate to bottom section 'Parameters'.
-
Double click on ForceSyncOf to edit Parameter.
-
Provide value template as Value = "Custom Field" (Example: Value = "CCC_Roles").
-
Commit the database.
-
Go to Database Menu and select Compile Database.
Steps to configuring the mapping in Synchronization Editor
-
Open the Synchronization Editor tool.
-
Open the specific synchronization project.
-
Navigate to Configuration | One Identity Manager Connection |Update Schema.
-
Go to Mapping.
-
Select Users mapping.
-
Map the attribute with the newly created custom field.
-
Commit the database.
-
Activate the project.
-
Run full synchronization.
-
Open Manager tool and verify the values appeared in newly added custom field.
Creating a Service Principal for the Azure Infrastructure Connector
Creating a Service Principal for the Azure Infrastructure Connector
Use Azure CLI by accessing https://shell.azure.com , select "Bash" console.
Use the command
az ad sp create-for-rbac -n "{sp_name}" --role Reader --scopes /
to create a Service Principal with reader role for Root Scope.
Collect the values for "appId", "password" and "tenant" from the Azure CLI command response for "Client Id", "Client Secret" and "Tenant Id" respectively.
NOTE: To support Write operations, the service principal needs to have 'owner' role.