Skip to main content

SAP Server

Bravura Security Fabric can perform operations as well as manage group membership for SAP systems using the agtsapnw (64bit) or agtsap (32bit) SAP connector.

Table 1. agtsapnw (64bit)

Connector name

agtsapnw

Connector type

Executable

Type (UI field value)

SAP Server (Netweaver 7.5+)

Target system versions supported / tested

Application users on SAP systems such as SAP S/4 HANA, ECC, or for R/3.

Supports the NetWeaver 7.5+ SDK that is currently supported by SAP.

To manage SAP HANA database users, use agthana instead; see SAP HANA Database .

Connector status / support

Bravura Security-Verified

This connector has been tested and is fully supported by Bravura Security.

Upgrade notes

The agtsapnw (64bit) connector should be used instead of the older agtsap (32bit) connector.

The agtsap connector is using a version of the API that SAP has deprecated and may no longer work with future updates from SAP. It is unknown how much longer SAP will have compatibility with the legacy API.

The original SAP RFC SDK (librfc32) that the agtsap connector uses has been deprecated and has been out of support since March 31st, 2016. The new agtsapnw connector transitions to the new SAP RFC NETWEAVER SDK (librfcnw).



Table 2. agtsap (32bit)

Connector name

agtsap

Connector type

Executable

Type (UI field value)

SAP Server

Target system versions supported / tested

Application users on SAP systems such as SAP S/4 HANA, ECC, or for R/3.

Does not support the NetWeaver 7.5+ SDK.

To manage SAP HANA database users, use agthana instead; see SAP HANA Database .

Connector status / support

Customer-Verified

Clients may contact Bravura Security support for assistance with this connector. Troubleshooting and testing must be completed in the client's test environment as Bravura Security does not maintain internal test environments for the associated target system.

Deprecation status

The agtsap connector is deprecated starting with Connector Pack 4.7.0 and will be removed for Connector Pack 4.9.0.

The agtsapnw (64bit) connector should be used instead of the older (32bit) connector.

Upgrade notes

The agtsap connector is using a version of the API that SAP has deprecated and may no longer work with future updates from SAP. It is unknown how much longer SAP will have compatibility with the legacy API.

The original SAP RFC SDK (librfc32) that the agtsap connector uses has been deprecated and has been out of support since March 31st, 2016. The new agtsapnw connector transitions to the new SAP RFC NETWEAVER SDK (librfcnw).



The following Bravura Security Fabric operations are supported by agtsapnw and agtsap:

  • get server information

  • administrator verify password

  • user change password

  • expire password

  • check password expiry

  • administrator reset password

  • administrator reset+expire password

  • unexpire password

  • create account

  • delete account

  • disable account

  • enable account

  • check account enabled

  • add user to group

  • delete user from group

  • update attributes

  • list account attributes

  • accounts

  • attributes

  • List:

    • accounts

    • attributes

    • groups

    • members

    Note

    The OSS Note 750_390 patch is applied for most SAP servers. If this patch has been applied on the SAP server, see Configuring the SAP server after applying OSS Note 750_390 regarding this patch and for additional configuration.

The following sections show you how to:

  • Prepare for SAP integration

  • Target the SAP server

  • Configure the SAP server after applying OSS Note 750_390

  • Take advantage of SAP load balancing

  • Create template accounts for SAP target systems

This chapter also describes how Bravura Identity handles special attributes, which are used when creating or modifying accounts on an SAP target.

In this section: