Skip to main content

Preparation

Before Bravura Security Fabric can manage database-level accounts or passwords in a SAP ASE database, you must:

  1. Install the client software

  2. Configure a target administrator

  3. Create at least one template account

    Note

    The following instructions are for ASE version 12.5.1. Details may vary depending on your version of the software.

Installing client software

Bravura Security Fabric communicates with the SAP ASE server via the TDS protocol. Before you can target SAP ASE, you must install the ASE PC Client software (typical install) on the Bravura Security Fabric server.

SAP ASE 15 or later supports the DB-lib and requires libsybdb.dll to be in the system path. SAP ASE 12.5 or earlier supports the CT-lib and requires libsybcs.dll to be in the system path.

Using the Dsedit utility on the Bravura Security Fabric server, add a connection for each SAP ASE server you want to manage. To do this:

  1. Open the Dsedit utility. This program configures your client to connect to SAP ASE instances.

    Another window, titled Select Directory Service, may appear depending on your client.

  2. Select InterfacesDriver, then click OK.

  3. Select Server Object > Add from the toolbar.

  4. Enter a name for the SAP ASE server and then click OK. Remember this server name, as it will be used later by Bravura Security Fabric to target the server.

  5. Double-click the Server Address for the server you just added. In the Network Address Attribute window, click Add.

  6. Select TCP and then type the address to the server in the format:

    <host name>,<portnumber>

    For example, type sybasesrv,5000 .

    Note

    It is recommended that the Bravura Security Fabric server be rebooted after the installation of the SAP (Sybase) client software. This is to ensure that the new SAP (Sybase) environment variables are properly recognized by IIS.

    Defining a connection isn’t required if the SAP (Sybase) server will be targeted using server name and port number. It’s only required when targeting using server name only.

Configuring a target system administrator

Bravura Security Fabric uses a designated account (for example, psadmin) on the SAP ASE target system to manage accounts.

The target system administrator must have the site security officer (sso_role) and system administrator (sa_role) roles. Ensure that you set and note the account’s password. You will be required to enter the login ID and password when you add the SAP ASE target system to Bravura Security Fabric .

Creating a template account

Bravura Security Fabric uses template accounts as models or "blueprints" for creating new SAP ASE accounts. The following example illustrates how you can create a template account on your SAP ASE server:

  1. Open SAP (Sybase) Central Java Edition.

  2. Connect to SAP ASE using your target system administrator account.

  3. Under the specified server, select the Logins folder.

  4. On the right side panel, double-click on Add login.

  5. Enter the name, password, and confirm password for the new login.

  6. Select Next and then enter the account’s default database, language, and full name if required.

  7. Select the database(s) accounts created from this template that the user will have access to. Click Next , then Finish.

See your systems administrator or SAP ASE documentation for more information if required.

In this section: