Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
Highlighted
nicolasosorio Regular Contributor.
Regular Contributor.
691 views

SAP Portal User Creation

Sap Portal version 4.0.2
No Remote Loader

Does anyone knows if it's possible to add the security policy attribute to the user creation request?

We have been looking for the way to add the attribute but we couldn't find anything in the driver's documentation.

These are the attributes we can see inside the user creation request

<spml:attributes>
<spml:attr name="objectclass">
<dsml:value xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">sapuser</dsml:value>
</spml:attr>
<spml:attr name="displayname">
<dsml:value xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">"surname" "givenName"</dsml:value>
</spml:attr>
<spml:attr name="firstname">
<dsml:value xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">givenName</dsml:value>
</spml:attr>
<spml:attr name="email">
<dsml:value xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">CN@mail.com</dsml:value>
</spml:attr><spml:attr name="lastname">
<dsml:value xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">Surname</dsml:value>
</spml:attr>
<spml:attr name="logonname">
<dsml:value xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">CN</dsml:value>
</spml:attr>
<spml:attr name="password">
<dsml:value xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">password</dsml:value>
</spml:attr>
<spml:attr name="islocked">
<dsml:value xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">FALSE</dsml:value>
</spml:attr>
</spml:attributes>
Labels (1)
0 Likes
5 Replies
Knowledge Partner
Knowledge Partner

Re: SAP Portal User Creation

On 3/12/2018 10:36 AM, nicolasosorio wrote:
>
> Sap Portal version 4.0.2
> No Remote Loader
>
> Does anyone knows if it's possible to add the security policy attribute
> to the user creation request?
>
> We have been looking for the way to add the attribute but we couldn't
> find anything in the driver's documentation.
>
> These are the attributes we can see inside the user creation request
>
> <spml:attributes>
> <spml:attr name="objectclass">
> <dsml:value
> xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">sapuser</dsml:value>
> </spml:attr>
> <spml:attr name="displayname">
> <dsml:value xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">"surname"
> "givenName"</dsml:value>
> </spml:attr>
> <spml:attr name="firstname">
> <dsml:value
> xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">givenName</dsml:value>
> </spml:attr>
> <spml:attr name="email">
> <dsml:value
> xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">CN@mail.com</dsml:value>
> </spml:attr><spml:attr name="lastname">
> <dsml:value
> xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">Surname</dsml:value>
> </spml:attr>
> <spml:attr name="logonname">
> <dsml:value
> xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">CN</dsml:value>
> </spml:attr>
> <spml:attr name="password">
> <dsml:value
> xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">password</dsml:value>
> </spml:attr>
> <spml:attr name="islocked">
> <dsml:value
> xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core">FALSE</dsml:value>
> </spml:attr>
> </spml:attributes>


The SAP driver is basically a shim that embeds some XSLT to convert XDS
to DSML for consumption by the SOAP listener on the Portal side.

I had an issue with password/oldpassword on password change. Knowing
this info helped.

You can try appending the XSLT directly into the document, or else do
the DSML conversion yourself, send it into the shim, the XSLT embedded
probably won't select it and I think will let it pass through, soo you
could do it all yourself in Policy/XSLT and sned it through. I think
they have the basic copy everything else in the XSLT. So you should be
good.

Or else, if you know the name of teh attribute, just try sending it
through, I think the shim will just copy every modify-attr into a DSML
node.


PS: What is the security attribute you are talking about?



0 Likes
nicolasosorio Regular Contributor.
Regular Contributor.

Re: SAP Portal User Creation

Thanks for the reply.

The security policy attribute I have mentioned refers to the different user types of SAP Portal.

Those are:

Default
Technical User
Internal Service User
0 Likes
Knowledge Partner
Knowledge Partner

Re: SAP Portal User Creation

On 3/12/2018 11:46 AM, nicolasosorio wrote:
>
> Thanks for the reply.
>
> The security policy attribute I have mentioned refers to the different
> user types of SAP Portal.
>
> Those are:
>
> Default
> Technical User
> Internal Service User


Do you know what its name might be, when referenced via DSML?

I do not recall if Refresh Application Schema works on this driver or
not, I am thinking NOT.

Hmm, how would you discover the name? I woudl ask the SAP critters what
they call it on their end, see if they can show you as granular as they
can, and try variants of that name?


0 Likes
nicolasosorio Regular Contributor.
Regular Contributor.

Re: SAP Portal User Creation

I am not pretty sure, but we have found something like this:

<spml:attr name="securitypolicy">
<dsml:value>technical</dsml:value>



Attribute ---------- Used by sapuser ------------- Comment

securityPolicy -------------- Yes -------------------- Specifies the type of the enabled security policies of the user (default, technical, unkown)
0 Likes
Knowledge Partner
Knowledge Partner

Re: SAP Portal User Creation

On 3/12/2018 3:24 PM, nicolasosorio wrote:
>
> I am not pretty sure, but we have found something like this:
>
> <spml:attr name="securitypolicy">
> <dsml:value>technical</dsml:value>
>
>
>
> Attribute ---------- Used by sapuser ------------- Comment
>
> securityPolicy -------------- Yes -------------------- Specifies the
> type of the enabled security policies of the user (default, technical,
> unkown)
>


So I think, simply do add dest attr securitypolicy with a value,
somewhere in the Sub Command Transform and let it flow.

If so, just send it away and it should work. Add it to the Filter if it
is syncing from IDV. Else inject it in a policy as appropriate.



0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.