Versions Compared

Old Version 1

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version Current

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Navigate to Account Stores:

    • Go to Admin > Applications and Directories > Account Stores and Systems.

  2. Create Account Store:

    • Click on the Actions tab and select Create Account Store.

    • Search for Netweaver under System Types and select SAP NetWeaver.

  3. Enter Connection Details:

    • Fill in the following fields in the form:

      • Account Store Name: Provide a name for the account store.

      • Base URL: Enter the URL of the SAP NetWeaver system, including the port (e.g., https://YourSERVER).

      • Username: Enter the username with read and write access.

      • Password: Enter the password associated with the username.

  4. Submit: Click Submit to create the account store.

...

Step 4: SQL Configuration Scripts

Run the CreateSecurityBoundaryAttribute SQL script scripts in the below dropdown to create necessary attributes and configurations in the database.

Expand
titleView Script
Code Block
languagesql
--**************************** Create SecurityBoundaryAttribute ************************************

IF NOT EXISTS( SELECT * FROM [SecurityBoundaryAttribute] WHERE ObjectAttributeID = (SELECT TOP 1 [ObjectAttributeID] FROM [ObjectAttribute] WHERE Name = N'CustomAttribute26')  AND SecurityBoundaryTypeID = (SELECT TOP 1 [SecurityBoundaryTypeID] FROM [SecurityBoundaryType] WHERE Name = N'SAPNetWeaver') )  
INSERT INTO [SecurityBoundaryAttribute](
  [ObjectAttributeID],
  [SecurityBoundaryTypeID],
  [FriendlyName],
  [Name],
  [AttributeType],
  [BackLinkAttribute],
  [DirectoryDataType],
  [MaxLength],
  [MultipleValue],
  [AttributeFlowType],
  [AttributeFlowAssembly],
  [IsSearchable],
  [ConfigurationXml],
  [ModifiedDate],
  [CreatedDate],
  [DoNotAllowDelete],
  [ExtensionAttribute1],
  [ExtensionAttribute2],
  [ExtensionAttribute3],
  [ExtensionAttribute4],
  [ExtensionAttribute5],
  [ExtensionAttribute6],
  [ExtensionAttribute7],
  [ExtensionAttribute8],
  [ExtensionAttribute9],
  [ExtensionAttribute10],
  [ExtensionAttribute11],
  [ExtensionAttribute12],
  [ExtensionAttribute13],
  [ExtensionAttribute14],
  [ExtensionAttribute15],
  [SearchTerms])
VALUES(
  (SELECT TOP 1 [ObjectAttributeID] FROM [ObjectAttribute] WHERE Name = N'CustomAttribute26'),
  (SELECT TOP 1 [SecurityBoundaryTypeID] FROM [SecurityBoundaryType] WHERE Name = N'SAPNetWeaver'),
  N'salutation',
  N'salutation',
  N'string',
  NULL,
  N'DirectoryString',
  NULL,
  0,
  N'TheDotNetFactory.Framework.ClassLibrary.SalutationHandler',
  N'SNCNameAttributeHandler Version=4.0.180.1 Culture=neutral PublicKeyToken=2d2253f74d4496ef',
  0,
  NULL,
  CONVERT(DATETIME, '2022-03-29 14:14:43.407', 121),
  CONVERT(DATETIME, '2022-03-17 14:35:21.790', 121),
  0,
  NULL,
  NULL,
  NULL,
  NULL,
  NULL,
  NULL,
  NULL,
  NULL,
  NULL,
  NULL,
  NULL,
  NULL,
  NULL,
  NULL,
  NULL,
  N'salutation salutation Name_salutation salutation salutation FriendlyName_salutation')

-- Repeat for other attributes

--**************************** Insert ResourceSystemResourceType ************************************

INSERT INTO ResourceSystemResourceType(
  ResourceSystemID,
  ResourceTypeID,
  ResourceEntitlementProviderType,
  ResourceEntitlementProviderAssembly) 
VALUES
(ResourceSystemID, 2, 'TheDotNetFactory.Framework.ClassLibrary.SAPNetWeaverRetProvider', 'SAPPORetProvider Version=4.0.180.1 Culture=neutral PublicKeyToken=2d2253f74d4496ef' )

--**************************** Create Attribute Flow ************************************

EXEC Custom_AccountStoreObjectAttributeSync_VerifyByAccountStoreID {AccountStoreID}

--**************************** Update Attribute Flow to Outbound ************************************

UPDATE SecurityBoundaryType SET DefaultAccountClass = 'user', DefaultGroupClass = 'group' WHERE SecurityBoundaryTypeID = 64
UPDATE a SET a.AttributeSyncTypeID = 2  
FROM AccountStoreObjectAttributeSync a 
INNER JOIN AccountStore acc ON a.AccountStoreID = acc.AccountStoreID 
INNER JOIN SecurityBoundary sb ON acc.SecurityBoundaryID = sb.SecurityBoundaryID 
WHERE sb.SecurityBoundaryTypeID = 64

--**************************** Configure Set Group and Set ************************************

IF NOT EXISTS(SELECT * FROM [Resource] WHERE ResourceGUID = N'F064ED47-F7D2-42B0-B6B4-5BDAB5930873') 
INSERT INTO [Resource](
  [ResourceGUID],
  [ResourceSystemID],
  [ResourceTypeID],
  [FriendlyName],
  [Name],
  [Description],
  [BlockInheritance],
  [RiskFactor],
  [RelativePath],
  [AbsolutePath],
  [AbsolutePathHash],
  [ParentOU],
  [ParentOUHash],
  [ParentID],
  [InheritsPermissions],
  [SystemName],
  [SystemUniqueID],
  [ResourceClass],
  [ResourceGroupID],
  [SessionDirtyDate],
  [Icon],
  [SmallIcon],
  [ResourceEnforcementTypeID],
  [LastEnforceAttempt],
  [LastEnforceSuccess],
  [LastProjectAttempt],
  [LastProjectSuccess],
  [LastRightsInventoryAttempt],
  [LastRightsInventorySuccess],
  [DefaultUserCreationPath],
  [DefaultGroupCreationPath],
  [ResourceEntitlementPersonID],
  [ResourceEntitlementID],
  [ResourceEntitlementManual],
  [AssetCatalogItemID],
  [AssetTypeID],
  [AssetPersonID],
  [Deleted],
  [DeletedDate],
  [ExtensionAttribute1],
  [ExtensionAttribute2],
  [ExtensionAttribute3],
  [ExtensionAttribute4],
  [ExtensionAttribute5],
  [ExtensionAttribute6],
  [ExtensionAttribute7],
  [ExtensionAttribute8],
  [ExtensionAttribute9],
  [ExtensionAttribute10],
  [ExtensionAttribute11],
  [ExtensionAttribute12],
  [ExtensionAttribute13],
  [ExtensionAttribute14],
  [ExtensionAttribute15],
  [LicenseMode],
  [ConfigurationXml],
  [ModifiedDate],
  [CreatedDate],
  [OrganizationID],
  [IsTemplate],
  [TransitiveResourceGUID],
  [SearchTerms],
  [CreatedByPersonID],
  [RbacProcessed],
  [TagList],
  [TagListChanged],
  [TagListCompiled],
  [SearchTermsCompiled],
  [AccessRequestPolicyID],
  [KeyEntryName],
  [KeyEntryDescriptionName],
  [OwnerAssigneeID],
  [ValidityLastAttestationDate],
  [ValidityLastResourceAttestationSnapshotID])
VALUES(
  N'F064ED47-F7D2-42B0-B6B4-5BDAB5930873', 
  (SELECT TOP 1 [ResourceSystemID] FROM [ResourceSystem] WHERE Name = N'EmpowerID' AND CreatedDate = CONVERT(DATETIME, N'1980-01-01 00:00:00.000', 121)), 
  (SELECT TOP 1 [ResourceTypeID] FROM [ResourceType] WHERE Name = N'SetGroup'), 
  N'SAPPOProvisioningPolicySet', 
  N'SAPPOProvisioningPolicySet', 
  NULL, 0, NULL, 
  N'1_42_SAPPOProvisioningPolicySet', NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 1, NULL, CONVERT(DATETIME, '2022-03-04 16:29:19.083', 121), CONVERT(DATETIME, '2022-03-04 16:29:19.083', 121), N'5EB659C4-EF64-448A-8D32-8A45A70F184F', 0, NULL, NULL, N'9BAD13D4-577D-4BC3-B6B6-BD2B74A86714', 0, NULL, 0, 1, 0, N'2156D697-42C4-45D2-9F5C-98E51DE927D1', NULL, NULL, NULL, NULL, NULL)

IF NOT EXISTS(SELECT * FROM [SetGroup] WHERE SetGroupGUID = N'F064ED47-F7D2-42B0-B6B4-5BDAB5930873') 
INSERT INTO [SetGroup](
  [FriendlyName],
  [Name],
  [Description],
  [SetGroupGUID],
  [ResourceID],
  [CanBeAssigneeInRBAC],
  [ExtensionAttribute1],
  [ExtensionAttribute2],
  [ExtensionAttribute3],
  [ExtensionAttribute4],
  [ExtensionAttribute5],
  [ExtensionAttribute6],
  [ExtensionAttribute7],
  [ExtensionAttribute8],
  [ExtensionAttribute9],
  [ExtensionAttribute10],
  [ExtensionAttribute11],
  [ExtensionAttribute12],
  [ExtensionAttribute13],
  [ExtensionAttribute14],
  [ExtensionAttribute15],
  [RiskFactorTotal],
  [RiskFactorLastCalculated],
  [ConfigurationXml],
  [ModifiedDate],
  [CreatedDate],
  [Email],
  [OrganizationID],
  [FileFullExportPath],
  [FileDifferentialExportPath],
  [SearchTerms],
  [KeyEntryName],
  [KeyEntryDescriptionName])
VALUES(
  N'SAPPO Provisioning Policy Set', 
  N'SAPPOProvisioningPolicySet', 
  N'Created as a matching SetGroup for the SAPPOProvisioningPolicySet', 
  N'F064ED47-F7D2-42B0-B6B4-5BDAB5930873', 
  (SELECT TOP 1 [ResourceID] FROM [Resource] WHERE ResourceGUID = N'F064ED47-F7D2-42B0-B6B4-5BDAB5930873'), 
  0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, CONVERT(DATETIME, '2022-03-04 16:29:19.320', 121), CONVERT(DATETIME, '2022-03-04 16:29:18.763', 121), NULL, N'5EB659C4-EF64-448A-8D32-8A45A70F184F', NULL, NULL, N'SAPPOProvisioningPolicySet SAPPOProvisioningPolicySet Name_SAPPOProvisioningPolicySet SAPPO Provisioning Policy Set SAPPO Provisioning Policy Set SAPPO_spchar_Provisioning_spchar_Policy_spchar_Set FriendlyName_SAPPO Provisioning Policy Set SAPPO_spchar_Provisioning_spchar_Policy_spchar_Set Created as a matching SetGroup for the SAPPOProvisioningPolicySet Created as a matching SetGroup for the SAPPOProvisioningPolicySet Created_spchar_as_spchar_a_spchar_matching_spchar_SetGroup_spchar_for_spchar_the_spchar_SAPPOProvisioningPolicySet Description_Created as a matching SetGroup for the SAPPOProvisioningPolicySet Created_spchar_as_spchar_a_spchar_matching_spchar_SetGroup_spchar_for_spchar_the_spchar_SAPPOProvisioningPolicySet', NULL, NULL)

INSERT INTO [Set](
  [SetTypeID],
  [FriendlyName],
  [Name],
  [Description],
  [Filter],
  [Path],
  [ObjectTypeID],
  [AccountStoreID],
  [ConfigurationXml],
  [InProgress],
  [LockedByServer],
  [NextCompilationTime],
  [ScheduleInterval],
  [IsEnabled],
  [SessionDirtyDate],
  [ModifiedDate],
  [CreatedDate],
  [DoNotAllowDelete],
  [SearchTerms])
VALUES(
  (SELECT TOP 1 [SetTypeID] FROM [SetType] WHERE Name = N'SQL Query'), 
  N'SAPPO Provisioning Policy Set', 
  N'SAPPOProvisioningPolicySet', 
  N'SAPPO Provisioning Policy Set', 
  N'DECLARE @ResourceRoles tResourceRoleIDResourceID insert into @ResourceRoles (ResourceRoleID ResourceID) select D.ResourceRoleIDG.ResourceID from dbo.[Group] G (NOLOCK) inner join resourcerole D ON G.ResourceID = D.ResourceID WHERE G.Deleted =0 AND D.ResourceTypeRoleID IN(8102866) AND G.AccountStoreID = {AccountStoreID} SELECT PersonGUID Friendlyname FROM dbo.Person(NOLOCK) P inner join [func_PersonIDResourceRoleIDResourceID_GetByResourceRoleTable](@ResourceRoles) RR ON P.PersonID = RR.PersonID WHERE P.Deleted = 0 group by PersonGUID Friendlyname', 
  NULL, 
  (SELECT TOP 1 [ObjectTypeID] FROM [ObjectType] WHERE Name = N'EmpowerID Person'), 
  (SELECT TOP 1 [AccountStoreID] FROM [AccountStore] WHERE FQN = N'EmpowerID' OR NetBiosName = N'EmpowerID'), 
  NULL, 0, NULL, CONVERT(DATETIME '2022-03-10 21:43:18.223', 121), N'<Schedule StartDate="2022-03-04T00:00:00Z" PredefinedDate="2032-03-04T23:32:04.6141713+01:00" ExpirationDate="2119-08-23T00:00:00Z" IntervalMode="Hourly" Interval="24" IsPerpetual="true" ExecutionCount="6" ExecuteUntilCount="0"><TimesOfDay/><DaysOfWeek/><MonthsOfYear/><DaysOfMonth/></Schedule>' 1 NULL CONVERT(DATETIME '2022-03-09 21:53:12.250' 121) CONVERT(DATETIME '2022-03-04 16:23:17.187' 121) 0 N'SAPPOProvisioningPolicySet SAPPOProvisioningPolicySet Name_SAPPOProvisioningPolicySet SAPPO Provisioning Policy Set SAPPO Provisioning Policy Set SAPPO_spchar_Provisioning_spchar_Policy_spchar_Set FriendlyName_SAPPO Provisioning Policy Set SAPPO_spchar_Provisioning_spchar_Policy_spchar_Set ')

Inventory Configuration

After configuring the account store and resource system parameters, enable the inventory to start synchronizing data between SAP NetWeaver and EmpowerID.

...