SAP NetWeaver Identity Management Identity Services Configuration Guide

Similar documents
BIT460. SAP Process Integration Message Mapping COURSE OUTLINE. Course Version: 15 Course Duration: 3 Day(s)

SAP NetWeaver Identity Management Virtual Directory Server. Tutorial. Version 7.2 Rev 1. - Accessing databases

SAP NetWeaver Identity Management Identity Center Minimum System Requirements

EWM125. Labor Management in SAP EWM COURSE OUTLINE. Course Version: 16 Course Duration: 4 Hours

BC100. Introduction to Programming with ABAP COURSE OUTLINE. Course Version: 15 Course Duration: 2 Day(s)

Manual Activities of SAP Note Globalization Services, 2012/06/05

SAP BusinessObjects Predictive Analysis 1.0 Supported Platforms

PLM210. Master Data Configuration in SAP Project System COURSE OUTLINE. Course Version: 15 Course Duration: 2 Day(s)

Single Sign-on For SAP NetWeaver Mobile PDA Client

ADM950. Secure SAP System Management COURSE OUTLINE. Course Version: 10 Course Duration: 2 Day(s)

AC507. Additional Functions of Product Cost Planning COURSE OUTLINE. Course Version: 15 Course Duration: 2 Day(s)

Configuring relay server in Sybase Control Center

ADM900 SAP System Security Fundamentals

BC430 ABAP Dictionary

DEV523 Customizing and Extending PowerDesigner

BOC320. SAP Crystal Reports - Business Reporting and Report Processing Strategies COURSE OUTLINE. Course Version: 15 Course Duration: 3 Day(s)

BOCE20. SAP Crystal Reports for Enterprise: Advanced Report Design COURSE OUTLINE. Course Version: 15 Course Duration: 3 Day(s)

MDG100 Master Data Governance

BC410. Programming User Dialogs with Classical Screens (Dynpros) COURSE OUTLINE. Course Version: 10 Course Duration: 3 Day(s)

ADM920 SAP Identity Management

Duet Enterprise: Tracing Reports in SAP, SCL, and SharePoint

DS50. Managing Data Quality with SAP Information Steward COURSE OUTLINE. Course Version: 10 Course Duration: 2 Day(s)

ADM950. Secure SAP System Management COURSE OUTLINE. Course Version: 15 Course Duration: 2 Day(s)

NET311. Advanced Web Dynpro for ABAP COURSE OUTLINE. Course Version: 10 Course Duration: 4 Day(s)

SAP AddOn Quantity Distribution. by Oliver Köhler, SAP Germany

Visual Composer for SAP NetWeaver Composition Environment - Connectors

EP350. Innovated Content Management and Collaboration COURSE OUTLINE. Course Version: 10 Course Duration: 5 Day(s)

GRC100. GRC Principles and Harmonization COURSE OUTLINE. Course Version: 10 Course Duration: 2 Day(s)

ADM960. SAP NetWeaver Application Server Security COURSE OUTLINE. Course Version: 10 Course Duration: 5 Day(s)

BC404. ABAP Programming in Eclipse COURSE OUTLINE. Course Version: 15 Course Duration: 3 Day(s)

HA150 SQL Basics for SAP HANA

Visual Composer Modeling: Data Validation in the UI

How to Enable Single Sign-On for Mobile Devices?

ADM960. SAP NetWeaver Application Server Security COURSE OUTLINE. Course Version: 15 Course Duration: 5 Day

ADM100 AS ABAP - Administration

BC480 PDF-Based Print Forms

AFA461 SAP Afaria 7.0 System Administration (SP03)

BOC310. SAP Crystal Reports: Fundamentals of Report Design COURSE OUTLINE. Course Version: 15 Course Duration: 2 Day(s)

Duplicate Check and Fuzzy Search for Accounts and Contacts. Configuration with SAP NetWeaver Search and Classification (TREX) in SAP CRM WebClient UI

BC405 Programming ABAP Reports

EDB785 SAP IQ Administration

EDB367. Powering Up with SAP Adaptative Server Enterprise 15.7 COURSE OUTLINE. Course Version: 10 Course Duration: 2 Day(s)

BC400 Introduction to the ABAP Workbench

How to Set Up Data Sources for Crystal Reports Layouts in SAP Business One, Version for SAP HANA

TBIT44 PI Mapping and ccbpm

BC400. ABAP Workbench Foundations COURSE OUTLINE. Course Version: 15 Course Duration: 5 Day(s)

How to Download Software and Address Directories in SAP Service Marketplace

Crystal Reports 2008 FixPack 2.4 Known Issues and Limitations

EDB358. System and Database Administration: Adaptive Server Enterprise COURSE OUTLINE. Course Version: 10 Course Duration: 5 Day(s)

BC490 ABAP Performance Tuning

Testing Your New Generated SAP NetWeaver Gateway Service

How to Find Suitable Enhancements in SAP Standard Applications

SAP Afaria Post- Installation Part 1

Enterprise Search Extension for SAP Master Data Governance

TBW30 SAP BW Modeling & Implementation

SMP521. SAP Mobile Platform - Native and Hybrid Application Development COURSE OUTLINE. Course Version: 10 Course Duration: 5 Day(s)

How to Handle the System Message in SAP NetWeaver Mobile 7.1

Installing SAP NetWeaver Mobile Client (eswt) on a Storage Card

Upgrade MS SQL 2005 to MS SQL 2008 (R2) for Non-High-Availability NW Mobile ABAP System

EP200. SAP NetWeaver Portal: System Administration COURSE OUTLINE. Course Version: 10 Course Duration: 5 Day(s)

Quick View Insider: Understanding Quick View Configuration

EDB116. Fast Track to SAP Adaptive Server Enterprise COURSE OUTLINE. Course Version: 15 Course Duration: 5 Day(s)

How to Work with Analytical Portal

BW310. BW - Enterprise Data Warehousing COURSE OUTLINE. Course Version: 10 Course Duration: 5 Day(s)

SAP NetWeaver Identity Management Identity Center. Implementation Guide. Version 7.1 Rev 2. - Self-service password reset

Visual Composer s Control Types

Visual Composer Modeling: Migrating Models from 7.1.X to 7.2.0

Quick View Insider Microblog: Why Is There No Inbox?

SMP541. SAP Mobile Platform 3.0 Native and Hybrid Application Development COURSE OUTLINE. Course Version: 15 Course Duration: 5 Day(s)

HA200 SAP HANA Installation & Operations SPS10

TBIT40 SAP NetWeaver Process Integration

How to Package and Deploy SAP Business One Extensions for Lightweight Deployment

How to Guide to create Sample Application in IOS using SUP ODP 2.2

How to reuse BRFplus Functions Similar to R/3 Function Modules using BRF+ Expression Type Function Call

EDB377. Fast Track to SAP Replication Server Administration COURSE OUTLINE. Course Version: 15 Course Duration: 5 Day(s)

BC401. ABAP Objects COURSE OUTLINE. Course Version: 15 Course Duration: 5 Day(s)

Building a Real-time Dashboard using Xcelsius and Data Integrator

Using JournalEntries and JournalVouchers Objects in SAP Business One 6.5

Message Alerting for SAP NetWeaver PI Advanced Adapter Engine Extended

How to Check or Derive an Attribute Value in MDG using BRFPlus

How to Access Images of SAP Netweaver Demo Model JAVA

How to Integrate Google Maps into a Web Dynpro ABAP Application Using the Page Builder

Obtain Configuration Parameters for LPD_CUST Provide the base path of your BSP application (1/2)

Quick View Insider: How Can I Change the Colors? (SNC 7.0)

Architecture of the SAP NetWeaver Application Server

SAP NetWeaver Identity Management Virtual Directory Server. Tutorial. Version 7.0 Rev 4. - Accessing LDAP servers

TBW60. BW: Operations and Performance COURSE OUTLINE. Course Version: 10 Course Duration: 5 Day(s)

Building Blocks of the SAP Fiori Launchpad. An introduction to all the components that comprise the Fiori Launchpad

NET312. UI Development with Web Dynpro for ABAP COURSE OUTLINE. Course Version: 10 Course Duration: 4 Day(s)

SAP NetWeaver Identity Management Virtual Directory Server. Tutorial. Version 7.0 Rev 4. - Joining data sources

Business Objects Integration Scenario 2

SAP BusinessObjects Dashboards 4.0 SAP Crystal Dashboard Design 2011 SAP Crystal Presentation Design 2011

OData Service in the SAP Backend System for CRUDQ Operations in Purchase Order Scenario

Certificate SAP INTEGRATION CERTIFICATION

The Dbmlsync API. A whitepaper from Sybase ianywhere Author: Joshua Savill, Product Manager Date: October 30 th, 2008

SAP ME Build Tool 6.1

SAP Plant Connectivity 2.2

SAP NetWeaver Identity Management Virtual Directory Server. Tutorial. Version 7.0 Rev 3. - Accessing databases

Web Dynpro: Column Coloring in ALV

BW Text Variables of Type Replacement Path

Transcription:

SAP NetWeaver Identity Management Identity Services Configuration Guide Version 7.2 Rev 3

2011 SAP AG. All rights reserved. No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained herein may be changed without prior notice. Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors. Microsoft, Windows, Excel, Outlook, and PowerPoint are registered trademarks of Microsoft Corporation. IBM, DB2, DB2 Universal Database, System i, System i5, System p, System p5, System x, System z, System z10, System z9, z10, z9, iseries, pseries, xseries, zseries, eserver, z/vm, z/os, i5/os, S/390, OS/390, OS/400, AS/400, S/390 Parallel Enterprise Server, PowerVM, Power Architecture, POWER6+, POWER6, POWER5+, POWER5, POWER, OpenPower, PowerPC, BatchPipes, BladeCenter, System Storage, GPFS, HACMP, RETAIN, DB2 Connect, RACF, Redbooks, OS/2, Parallel Sysplex, MVS/ESA, AIX, Intelligent Miner, WebSphere, Netfinity, Tivoli and Informix are trademarks or registered trademarks of IBM Corporation. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries. Adobe, the Adobe logo, Acrobat, PostScript, and Reader are either trademarks or registered trademarks of Adobe Systems Incorporated in the United States and/or other countries. Oracle and Java are registered trademarks of Oracle. UNIX, X/Open, OSF/1, and Motif are registered trademarks of the Open Group. Citrix, ICA, Program Neighborhood, MetaFrame, WinFrame, VideoFrame, and MultiWin are trademarks or registered trademarks of Citrix Systems, Inc. HTML, XML, XHTML and W3C are trademarks or registered trademarks of W3C, World Wide Web Consortium, Massachusetts Institute of Technology. SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects Explorer, StreamWork, SAP HANA, and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and other countries. Business Objects and the Business Objects logo, BusinessObjects, Crystal Reports, Crystal Decisions, Web Intelligence, Xcelsius, and other Business Objects products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Business Objects Software Ltd. Business Objects is an SAP company. Sybase and Adaptive Server, ianywhere, Sybase 365, SQL Anywhere, and other Sybase products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Sybase, Inc. Sybase is an SAP company. All other product and service names mentioned are the trademarks of their respective companies. Data contained in this document serves informational purposes only. National product specifications may vary. These materials are subject to change without notice. These materials are provided by SAP AG and its affiliated companies ("SAP Group") for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Group products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty.

i Preface The product The SAP NetWeaver Identity Management Identity Services provides web services access to identity information stored in an identity store in the Identity Center or some other application that can be accessed from the Virtual Directory Server. The Identity Services accepts SPML (Service Provisioning Markup Language) requests. It acts as an abstraction layer between identity services clients and the identity information. This reduces the complexity of access as much of the connection details (location, protocols, repository types and so on) are hidden from the clients. The reader This manual is intended for people who are to implement an Identity Services solution. Prerequisites To get the most benefit from this manual, you should have the following knowledge: Knowledge of the Identity Center. Knowledge of the Virtual Directory Server. Knowledge of deploying web services on SAP NetWeaver. The following software is required: SAP NetWeaver Identity Management Virtual Directory Server 7.2 SP3 or newer, correctly installed and licensed. SAP NetWeaver Identity Management Identity Center 7.2 SP3 or newer, correctly installed and licensed. One of the following SAP NetWeaver versions: SAP NetWeaver AS Java as of Release 7.0. Enhancement package 1 for SAP NetWeaver Composition Environment 7.1. SAP NetWeaver Composition Environment 7.2. SAP NetWeaver 7.3. The manual This document describes how you create and configure an Identity Services solution.

ii Related documents You can find useful information in the following documents: The tutorials for the Identity Center The tutorials for the Virtual Directory Server For documentation about the Software Deployment Manager (SDM), see http://help.sap.com/saphelp_nw70/helpdata/en/22/a7663bb3808c1fe10000000a114084/fra meset.htm. For information about Java Support Package Manager (JSPM) see EHP 1 for SAP NetWeaver CE 7.1: http://help.sap.com/saphelp_nwce711/helpdata/en/1f/c45b4211aac353e10000000a1550b 0/content.htm. SAP NetWeaver CE 7.2: http://help.sap.com/saphelp_nwce72/helpdata/en/4a/6885cf4ca75263e10000000a421937 /frameset.htm. SAP NetWeaver 7.3: http://help.sap.com/saphelp_nw73/helpdata/en/4a/6885cf4ca75263e10000000a421937/fr ameset.htm. Information about SPML, http://www.oasis-open.org/specs/index.php#spmlv1.0. For more documentation for SAP NetWeaver, see Help Portal (http://help.sap.com).

iii Table of contents Introduction... 1 Adding the configuration in the Virtual Directory Server... 2 Testing the configuration with LDAP clients... 6 Starting the server... 6 Configuring the internal LDAP browser and testing the configuration... 7 Performing the searches... 8 Testing the configuration with LDP... 11 Deploying the configuration on SAP NetWeaver... 14 Including the JDBC drivers... 14 Configuring the deployment... 16 Deploying the configuration... 17 Updating the deployed configuration... 20 Post-deployment... 21 Define Keys.ini file for application... 21 Testing the configuration using SPML... 22

iv

Introduction 1 Introduction This document describes the necessary steps needed to add the Identity Services configuration to the Virtual Directory, adapt this configuration and add a framework in the Identity Center that can be used to enable a provisioning solution implemented in the Identity Center for Identity Services. For overview information and available operations, see the document SAP NetWeaver Identity Management Identity Services: Architectural overview. Both the configuration in the Virtual Directory Server and the framework in the Identity Center are based on templates. When implementing a solution, it may be necessary to extend/modify the configuration created based on the template. In order to successfully implement an Identity Services solution, two components of the Identity Management are involved: Virtual Directory Server Accepts the identity service client's requests. Pre-process them before handing them over to configured back-ends. Accepts and post-process results before returning them to the client. Identity Center Performs the provisioning operations from the client's requests in the applications connected to the provisioning solution. The configuration process described in this document consists of: Adding the configuration in the Virtual Directory Server. Testing the configuration using LDAP clients. Deploying the configuration on SAP NetWeaver. Performing the post-deployment operations. Testing the configuration using SPML. Adding the provisioning framework to the Identity Center.

2 Adding the configuration in the Virtual Directory Server Adding the configuration in the Virtual Directory Server The first step is to add the configuration to the Virtual Directory Server. Here you specify how you connect to the Identity Center database you will use for the provisioning system. There are two possibilities: You can connect the Virtual Directory Server configuration to an Identity Center database with an existing provisioning system that you want to enable for Identity Services. You must add the Identity Services provisioning framework to be able to access the provisioning system via Identity Services. You can connect to an empty Identity Center database where you will later install the Identity Services provisioning framework and build a provisioning solution that you connect to the Identity Services provisioning framework. Do the following: 1. In the Virtual Directory Server console, choose File/New. Select "SAP NetWeaver 7.2" in the "Group" list and "Identity Service 72.xml" in the "Template" list. 2. Choose "OK".

Adding the configuration in the Virtual Directory Server 3 The template dialog box is displayed: Fill in the fields with the following information: Port Enter the port number that will be used when deploying the configuration as an LDAP server. Make sure that this port is not in use by another application on your system. It is recommended to test and verify the configuration (especially if additional tailoring of the template is done) using an LDAP client, before deploying configuration on NetWeaver. Identity Center URL Start the JDBC URL wizard by choosing " " to the right of the field. Enter the connection parameters to the Identity Center database you want to connect to. Use the <prefix>_rt user to access the database. Identity Store ID Enter the ID of the identity store that will be exposed through Identity Services. The template supports only one identity store, but this can be extended in the configuration. Path to Keys.ini Enter the path to the Keys.ini file, located in <Identity Center install directory>\key by default. GRC Repository Enter the correct ID of the GRC repository definition. Observe the ID in the "General" tab of the repository definition's details pane in the Identity Center Management Console (field "ID/Name"). Role Assignment Enter the correct task ID of the role assignment task (AC Callback Service). Observe the ID in the "Options" tab of the task's details pane in the Identity Center Management Console (field "Task ID/Name").

4 Adding the configuration in the Virtual Directory Server Role Definition The parameter holds the task ID of the role definition task. For future use, i.e. leave the default value (no need to change). Authenticated user (Login/Password) The template is designed so that users with anonymous login have access to all search functionality of the configuration, while only a single authenticated user is able to execute update operations. Enter a user name and password for the user that should be allowed full access (superuser/superuser by default). See the help file for the Virtual Directory Server for more information about user groups and users and how you can extend the template and to change the access privileges. 3. Choose "OK". The "Save" dialog box is displayed: Enter the name of the new configuration (for instance, IdServ72.xml). 4. Choose "Save".

Adding the configuration in the Virtual Directory Server 5 The resulting configuration is displayed in the Virtual Directory Server:

6 Testing the configuration with LDAP clients Testing the configuration with LDAP clients Before you proceed with deploying the configuration on SAP NetWeaver, it is recommended to test its basic operations and connectivity using an LDAP client. For that purpose you can use any LDAP client (for instance LDP, Softera, JExplore). Starting the server Start the server as an LDAP deployment in the following way: 1. Choose the "Operation" button to display the operation log. 2. Choose the "Start" button to start the server. Note: Depending on your settings, you may have to compile the extension class "attrclass" explicitly before starting the server, e.g. choose Server/Compile and start from the main menu. If the run-time environment is correct, the server will start listening on configured port. Verify that the log shows no error messages. If the log contains error messages, some typical error messages may be: The JDBC driver for the Identity Center database system (Microsoft SQL Server or Oracle) is not in the classpath for the Virtual Directory Server. If necessary, see the help file for details about how you add a JDBC driver to classpath. The selected port number is occupied. The port number can be changed by viewing the properties of the "main_listener" LDAP deployment. The extension class (attrclass) is not compiled.

Testing the configuration with LDAP clients 7 Configuring the internal LDAP browser and testing the configuration First, we use the built-in LDAP client to test the configuration. 1. Choose Tools/Browse LDAP to open built-in LDAP browser. 2. To test the configuration (and to perform a basic search operation), choose the "Wizard " button to open the "LDAP URL" dialog box: Enter the host name and port number you specified for the server. Enter operation=info as starting point. Leave the "Return attributes" field empty (meaning you will request all attributes). Search type: Not applicable Filter: Not applicable 3. Choose "OK".

8 Testing the configuration with LDAP clients 4. Choose "Search". If the configuration is correct, the following search result is displayed in the LDAP browser: Performing the searches You can now perform a set of search operations toward this server. There are several operations you can perform by entering different URLs. For all operations you can leave "Return attributes" field empty (meaning you will request all attributes). Performing a basic operation Specify the following URL: Starting point: operation=info Search type: Not applicable Filter: Not applicable

Testing the configuration with LDAP clients 9 The result should be as follows: Listing available systems Specify the following URL: Starting point: operation=listsystems Search type: Not applicable Filter: (objectclass=*)

10 Testing the configuration with LDAP clients The result should be as follows:

Testing the configuration with LDAP clients 11 Testing the configuration with LDP The Microsoft LDAP utility (LDP) is quite simple and easy to use. You can use it both for browsing as well as updating of the entries in the LDAP server. 1. Start LDP. 2. Choose Connection/Connect. Enter host name and port number you specified for the server. 3. Choose "OK". The following is displayed: 4. Choose Connection/Bind. Enter the user name and password for the user you specified when you created the configuration (superuser/superuser by default). Although we could have connected anonymously, we now use the credentials of the user with full access rights. 5. Choose "OK".

12 Testing the configuration with LDAP clients Note: Because of a known issue with LDP, this command may fail. If so, just repeat the procedure. Performing a basic operation To perform a basic operation from LDP: 1. Choose Browse/Search. Enter operation=info as "Base Dn". 2. Choose "Options". Remove any value in the "Attributes" field. Empty value here means that LDP always requests all attributes in all subsequent searches. 3. Choose "OK" to return to the "Search" dialog box. 4. Choose "Run". The result of this operation is exactly the same as the result obtained after successful connection.

Testing the configuration with LDAP clients 13 Listing available systems To list available systems: 1. Choose Browse/Search. Fill in operation=listsystems in the "Base Dn" field. 2. Choose "Run". The expected result is shown below:

14 Deploying the configuration on SAP NetWeaver Deploying the configuration on SAP NetWeaver This section describes how you deploy the configuration on the following SAP NetWeaver versions: SAP NetWeaver AS Java as of Release 7.0. EHP 1 for SAP NetWeaver CE 7.1. SAP NetWeaver CE 7.2. SAP NetWeaver 7.3. Note: Make sure that all extension classes are compiled before deploying. The following steps are necessary to deploy a configuration: Include the necessary JDBC drivers (in the Virtual Directory Server) Configure the deployment (in the Virtual Directory Server) Deploy the configuration Including the JDBC drivers When the Virtual Directory Server configuration is deployed on an SAP NetWeaver application server, we have to ensure that the classpath of the deployed configuration contains all necessary JDBC drivers (and any additional JAR files). It is not sufficient that the local configuration has a proper classpath. The necessary JDBC drivers must be added to the EAR file that is created by the Virtual Directory Server. This ensures that the JDBC drivers will be a part of its classpath when the configuration is deployed (even remotely).

Deploying the configuration on SAP NetWeaver 15 To ensure that necessary drivers are included in the created EAR file, do the following: 1. Choose Tools/Options and select the "Classpath" tab to view the JAR files defined for your configuration (here only the JAR file ojdbc14.jar): 2. Create a folder "lib" in the configuration's workspace (here C:\usr\sap\IdM\Virtual Directory Server\configurations\IdServ72). 3. Copy the defined JAR file(s) from the specified directory (-ies) to the created lib folder in the configuration's workspace.

16 Deploying the configuration on SAP NetWeaver Configuring the deployment To configure the deployment: 1. View the properties of the "Identity Service" web service deployment (select Deployments\Web service deployments\identity Service in the console tree and choose "Properties " from the context menu). Server Make sure that "NetWeaver" is selected. 2. Choose "Deploy". If you already specified a file name for the EAR file, this file name will be used. If not, you are prompted to specify this file name. The EAR file is created and is ready to be deployed using standard SAP deployment tools. An information dialog box appears: Choose "OK" to close the dialog box.

Deploying the configuration on SAP NetWeaver 17 Deploying the configuration If the Virtual Directory Server is not installed on the same server as your SAP NetWeaver, copy the EAR file so it is accessible from the SAP NetWeaver server. The deployment process is different, depending on the version of your SAP NetWeaver. SAP NetWeaver AS Java as of Release 7.0 To deploy the configuration (the EAR file) on SAP NetWeaver AS Java as of Release 7.0, use the Software Deployment Manager (SDM): 1. Start the Software Deployment Manager (SDM). 2. Connect to the SDM server choose or SDM Gui/Login to open a connection dialog box and enter the SDM server password, hostname and port before choosing "Login". Note: The following convention applies for the port: 5<J2EEinstance_number>18. For example, if your J2EE instance number is 15, the port is 51518. The SDM Server accepts only one user at a time. If somebody has already connected to it, you will receive an error message. 3. Choose "Login".

18 Deploying the configuration on SAP NetWeaver 4. Select the "Deployment" tab and choose "Add" button ( ). Browse to locate the EAR file you want to deploy. 5. Choose "Next" twice.

Deploying the configuration on SAP NetWeaver 19 6. Choose "Start Deployment". 7. When installed, choose "Confirm" and close the SDM application (choose to exit). The configuration is now deployed on your SAP NetWeaver. Proceed to performing the postdeployment operations described in section Post-deployment on page 20. EHP 1 for SAP NetWeaver CE 7.1/SAP NetWeaver CE 7.2/SAP NetWeaver 7.3 To deploy the configuration (the EAR file) on versions EHP 1 for SAP NetWeaver CE 7.1, SAP NetWeaver CE 7.2 and SAP NetWeaver 7.3, do the following: Convert the EAR file to SDA/SCA file. See SAP Note 1223957 for conversion description and access to the nwpacktool.zip attachment file (NetWeaver Packaging Tool) which can be used to create an SCA file from an EAR file. Use the Java Support Package Manager (JSPM) to deploy the generated SCA file on the SAP NetWeaver. Follow the listed deployment process relevant for your SAP NetWeaver version: Deploying on EHP 1 for SAP NetWeaver CE 7.1: http://help.sap.com/saphelp_nwce711/helpdata/en/45/23c35290e11ba3e10000000a1553 69/frameset.htm. Deploying on SAP NetWeaver CE 7.2: http://help.sap.com/saphelp_nwce72/helpdata/en/45/23c35290e11ba3e10000000a15536 9/content.htm. Deploying on SAP NetWeaver 7.3: http://help.sap.com/saphelp_nw73/helpdata/en/45/23c35290e11ba3e10000000a155369/ content.htm.

20 Deploying the configuration on SAP NetWeaver Note: If running your SAP NetWeaver AS Java on a UNIX/Linux machine, the Java Support Package Manager (JSPM) may not work properly (i.e. an unresponsive JSPM GUI). If you are experiencing this issue, see SAP Note 1013976 for more information and solution. When the configuration is deployed on your SAP NetWeaver, proceed to performing the postdeployment operations described in section Post-deployment on page 20. Updating the deployed configuration If the Virtual Directory Server is not installed on the same server as your SAP NetWeaver, copy the EAR file so it is accessible from the SAP NetWeaver server. The process of updating a deployed configuration is different, depending on the version of your SAP NetWeaver. SAP NetWeaver AS Java as of Release 7.0 Deploy the configuration as described for this SAP NetWeaver version in section Deploying the configuration on page 17. EHP 1 for SAP NetWeaver CE 7.1/ SAP NetWeaver CE 7.2/ SAP NetWeaver 7.3 To update the configuration on versions EHP 1 for SAP NetWeaver CE 7.1, SAP NetWeaver CE 7.2 and SAP NetWeaver 7.3, do the following: Convert the new EAR file to SDA/SCA file. See SAP Note 1223957 for conversion description and access to the nwpacktool.zip attachment file (NetWeaver Packaging Tool) which can be used to create an SCA file from an EAR file. Use the Java Support Package Manager (JSPM) to update with the new configuration (the generated SCA file) on the SAP NetWeaver: For EHP 1 for SAP NetWeaver CE 7.1: http://help.sap.com/saphelp_nwce711/helpdata/en/2e/03784278b66255e10000000a1551 06/content.htm. For SAP NetWeaver CE 7.2: http://help.sap.com/saphelp_nwce72/helpdata/en/4a/6daecb75884ca6e10000000a42189 b/content.htm. For SAP NetWeaver 7.3: http://help.sap.com/saphelp_nw73/helpdata/en/4a/6daecb75884ca6e10000000a42189b/ content.htm. Note: If running your SAP NetWeaver AS Java on a UNIX/Linux machine, the Java Support Package Manager (JSPM) may not work properly (i.e. an unresponsive JSPM GUI). If you are experiencing this issue, see SAP Note 1013976 for more information and solution.

Post-deployment 21 Post-deployment After the configuration is deployed on your AS Java, the following post-deployment operations should be performed: Define the correct path to Keys.ini file for your deployed application. Define Keys.ini file for application If handling encrypted data, as it usually is the case, it is important to define the correct Keys.ini file for your deployed application on the AS Java. Make sure that the correct and full path to the Keys.ini file is defined in the Propertysheet application.global.properties of application vds- <application_name> (here vds-ids72). Restart your application to apply the changes.

22 Testing the configuration using SPML Testing the configuration using SPML The Virtual Directory Server installation includes a simple SPML client that can be used to perform this test, but any SPML client can be used. 1. Choose All Programs/SAP NetWeaver Identity Management/Virtual Directory Server/Test Web Services Client to start the web service client. Select the "Connection" tab: Enter the URL on the format http://<ip of the NetWeaver server>:<port>/<application name>/router For instance: http://10.55.160.92:53000/ids72/router The server name and port number depends on the configuration of the SAP NetWeaver server where you have deployed the configuration. The application name used in the template for Identity Service was "ids72", but this can be configured to something else. This makes it possible to deploy multiple Identity Services, each with its own configuration and different application name. Add the application name defined when configuring the deployment (see page 16). Select "Basic" authentication with the correct credentials (superuser/superuser by default) for full access rights. Or select "Anonymous" authentication for read-only access rights.

Testing the configuration using SPML 23 2. Select the "SPML Request" tab: Enter the "Request ID" (optional). Enter operation=info as "Starting point". Select "No filter".

24 Testing the configuration using SPML 3. Choose "Send SPML request". The expected result is shown below (select the "Result" tab if necessary):

Testing the configuration using SPML 25 4. Select the "SPML Request" tab: Enter operation=listsystems as "Starting point". 5. Choose "Send SPML request".

26 Testing the configuration using SPML The expected result is shown below: Note: The parentheses are not part of the values.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback