5.1 Creating a Connector in the SAP GRC Access Control System

You must create a connector in the SAP GRC Access Control Compliant User Provisioning system to communicate with the Identity Vault:

  1. Log in to the SAP GRC Access Control system as an administrative user.

  2. Click the Configuration tab, then click Connectors > Create Connectors.

  3. Select IDM as the connector type.

  4. Use the following information to create the connector:

    Short Description: Specify a short description for the connector.

    Web Service URI: Specify a URI in the form http://host.port where the host and port values match the values in the Listening IP address and port driver parameter for the Publisher channel.

    User ID: Specify the value for the Authentication ID driver parameter for the Publisher channel. This value does not need to correspond with a real identity in either the Identity Vault or the GRC Access Control system.

    Password: Specify the value for the Authentication Password driver parameter for the Publisher channel.

  5. Use the following name-value pairs to populate the Parameter Names and Parameter Values section:

    Parameter Name

    Parameter Value

    ASSIGN_ROLES:OC

    SubmitRequest

    AUDIT_SEARCH_ATTRIBUTE

    requestid

    AUDIT_SEARCH_OPERATION

    operation=auditlog

    AUDIT_TYPE

    auditlogs

    CHANGE_USER:OC

    SubmitRequest

    CREATE_USER:OC

    SubmitRequest

    DATE

    time

    DELETE_USER:OC

    SubmitRequest

    LOCK_USER:Login Disabled

    true

    LOCK_USER:OC

    SubmitRequest

    OPERATION

    operation

    PROV_CALL

    Sync

    REQUEST_ID

    id

    REQUEST_STATUS

    result

    RESET_PASSWORD:OC

    SubmitRequest

    REST_PASSWORD:resetPassword

    true

    ROLE

    Group Membership

    SCHEMA_ID

    SubmitRequest

    SEARCH_CRITERIA

    searchBase

    UNLOCK_USER:Login Disabled

    false

    UNLOCK_USER:OC

    SubmitRequest

    USER_ID

    object-id

  6. Test the connection, the save the connector.