Targeting SAP Server
Target options vary depending on Connector Pack version.
Option | Added in Connector Pack |
|---|---|
Enable listing of group membership as attributes | 4.3.0 |
Trace Logging | 4.6.1 |
Engage RFC trace logging | 4.5.2, 4.7.0 |
For each SAP system, add a target (Manage the system > Resources > Target systems):
Type:
SAP Server (Netweaver 7.5+)
or
SAP Server
The target system address uses options described in the table below.
The syntax for the target address is:
{server=<hostname>; system=<systemNo>; client=<clientNo>; resetmethod=<option>; [usecuagroups=<true|false>;][nocache=<true|false>;][gettableswork=<true|false>;] [unlocktype=<option>;][listnestedagr=<true|false>;][listmemberattr=<true|false>;] [systemname=<name>;][cuaaddress=<address>;][cuasystem=<number>;] [cuaclient=<number>;][sncpartnername=<name>;][snclib=<library>;] [listuserselectionrange=<range>;][rfctrace=0|1][trace=low|medium|high;]}
The Administrator ID and Password are the login ID and password for the target system administrator you configured earlier.
For SAP versions older than SAP 7, the Program to set the case of new IDs is set to upper.pss.
The full list of target parameters is explained in Target System Options .
SAP Server address configuration
Option | Description |
|---|---|
Options marked with a | |
Server | The server name or IP address or the SAP server. If Bravura Security Fabric is using SAP’s load balancing capabilities, replace <hostname> with the necessary load balancing capabilities . (key: server) |
System number | The two-digit R/3 System ID (TCP/IP service). If Bravura Security Fabric is using SAP’s load balancing capabilities , this must be set to -1. (key: system) |
Client number | The client number used to logon to the SAP system. (key: client) |
SAP Basis version number | The SAP BASIS release number. This is separate from the SAP application and module versions.
(key: version) |
Method to make a password productive after a reset | Sets the method used to make a password productive after reset: Log the user in Set to this value when the OSS Note 750_390 patch has been applied on the SAP server. This is to log the user in via RFC to make the password productive. (value: loginreset) Set the LTIME field Set to this value if you are using a BASIS version before 7 and the OSS Note 750_390 is not applied on the SAP server. (value: ltime) Use the SUSR_USER_CHANGE_PASSWORD_RFC procedure Set to this value when this procedure is configured on the SAP server to reset a password. (value: susrchangepassword) Set PRODUCTIVE_PWD flag in BAPI_USER_CHANGE Sets the PRODUCTIVE_PWD flag for a password that is productive, to be used only when SNC (secure network communication) has been configured in SAP. (value: productivepwd) Do not make the password productive Set to this value to not make the password productive. (value: notproductive) (key: resetmethod) |
Use CUA groups | Enable when using central system groups when listing attributes. (key: usecuagroups) |
Disable SAP caching on BAPI calls to improve list performance | Enable to list users without cache. (key: nocache) |
Use gettableswork | Enable for Unicode systems. (key: gettableswork) |
Method used to determine lock type | Sets the behavior for unlocking an account: islocked Used for reset and create operations on an auto-locked account for a successful unlock. However, if the account is locked by an administrator it cannot be unlocked with this option. always Unlocks the account even if it is locked by an administrator. This is the default behavior. (key: unlocktype) |
Enable listing of nested roles, profiles, and t-codes as groups | This option is disabled by default. (key: listnestedagr) |
Enable listing of group membership as attributes | Implemented in Connector Pack 4.3. Disable to exclude listing group memberships.
(key: listmemberattr) |
Name of local client system | Only required if using the CUA central system to manage user roles during password changes. (key: systemname) |
Address of CUA central system | Only required if using the CUA central system to manage user roles during password changes. (key: cuaaddress) |
System number of the CUA central system | Only required if using the CUA central system to manage user roles during password changes. (key: cuasystem) |
Client number of the CUA central system | Only required if using the CUA central system to manage user roles during password changes. (key: cuaclient) |
SNC Partner name | The application server’s SNC name. (key: sncpartnername) |
SNC Library | The full path of the SNC library. (key: snclib) |
List user filtered with selection range | Filter users based on a selection range. (key: listuserselectionrange) |
Engage RFC trace logging | This option is to enable RFC trace diagnostics and logging. Default is 0 which means that logging is turned off. See the RFC Trace File for more information. (key: rfctrace) |
Trace Logging | Provides detailed multiline logging for connectors. Default is None. Other options include Low, Medium, and High. (key: trace) |
