Skip to main content

SAP Portal Server

Connector name

agtsapume

Connector type

Executable

Type (UI field value)

SAP Portal Server (User Management Engine)

Target system versions supported / tested

The agtsapume connector is known to work with version 7.5 SPS 12 of SAP NetWeaver; other versions may work.

Connector status / support

Customer-Verified

Clients may contact Bravura Security support for assistance with this connector. Troubleshooting and testing must be completed in the client's test environment as Bravura Security does not maintain internal test environments for the associated target system.

The following Bravura Security Fabric operations are supported by this connector:

  • get server information

  • administrator reset password

  • enable account

  • disable account

  • check account enabled

  • create account

  • delete account

  • update attributes

  • list account attributes

  • add user to group

  • delete user from group

  • create group

  • delete group

  • List:

    • accounts

    • attributes

    • groups

    • members

For a full list and explanation of each connector operation, see Connector operations.

Configuring a target system administrator

Bravura Security Fabric uses a designated administrator account on the SAP Portal Server to perform operations. Create an account with appropriate permissions if one does not already exist.

Ensure that the following actions are assigned to the administrator account:

  • UME.Spml_Read_Action

  • UME.Spml_Write_Action

The Read action allows the administrator account to be able to conduct searches and read the schema of the Portal and the Write action provides full access to the SPML interface.

See the following SAP KBA for more details: https://me.sap.com/notes/1647157

Targeting SAP Portal Server

For each SAP Portal Server system, add a target system in Bravura Security Fabric (Manage the system > Resources > Target systems):

  • Type is SAP Portal Server (User Management Engine).

  • Address uses options described in the table below.

The full list of target parameters is explained in Target System Options .

The address has following syntax:

{server=<hostname>;[port=<port>;][ssl=<true|false>;][checkCert=<true|false>;]
  [proxy=<proxy>;][datasource=<datasource>;][enableOnUnlock=<true|false>;]
  [enableOnReset=<true|false>]}

Option

Description

Options marked with a redstar.png are required.

Server redstar.png

The IP address/domain name of the SAP Portal Server.

(key: server)

Port

The port number.

(key: port)

Connection over SSL

Select to enforce SSL connections. Default is "true".

(key: ssl)

Validate the server’s certificate when connecting

Determines whether to validate the server’s security certificate for SSL connections. Default is "true".

(key: checkCert)

HTTP Network Proxy

Proxy URL to use for connecting.

(key: proxy)

Data source

The data source of the SAP Portal database.

(key: datasource)

Enable on unlock

Enables support for the unlock operation, which the connector simulates by enabling the account.

(key: enableOnUnlock)

Enable on reset

Enables support for password reset which also enables the account.

(key: enableOnReset)

In this section: