The virtual Directory Server is the LDAP interface between the SAP Identity Management and the SAP HCM in the standard scenario. In this blog I will shortly show how to integrate the SAP HCM to the SAP IdM and explain the three possibilities to do that.
Registering the RFC Server Module as an RFC Destination In the SAP application, go to transaction SM59. Expand the TCP/IP connections directory. Click the Registration Server Program radio button in the Activation Type pane. Set the Program ID in the Start on Application Server pane.
1. Scenario
With the access to HR master records, SAP IdM can automatically distribute these information to the target systems, e.g. when creating SAP users after an approval of the supervisor. In addition, users can automatically be linked to roles based on organizational structures. Triggers based on HR actions can be implemented, e.g. deactivating users on the leave-date.
This scenario is also described in the following guide (Appendix E):
In this chapter I want to highlight the most important steps:
First step is to configure the HCM export. To export data from SAP HCM it’s necessary to create a query (Transaction SQ01). You can use the query “LDAPEXTRACT46C“ as template. So you only have to customize the attribute mapping for your needs.
Next activity should be the creation of the RFC connection. Therefor use transaction “LDAP”. SAP recommended to start the connection name with “LDAP”.You also have to configure the “LDAP Connector” and the “LDAP Server”. The attribute mapping can be imported with the provided *.xml file in the “LDAP Server” configuration (HCM Ldap Mapping.xml).
On the other side we have to configure the staging area in the SAP Identity Management. Therfor import the provided staging area *.mmc file from “D:sapidmidentity centerTemplatesIdentity CenterSAP Provisioning framework”. This staging area is an own identity store where the users from HCM will be imported.
Finally the provided HCM configuration for the VDS should also be created and configured.
Now you can execute the HCM export and the user data will be written into the staging area over the virtual directory server as LDAP interface for the HCM.
2. Scenario
The other variant is to read data directly from the SAP tables.
The alternative to the shown „standard“HCM integration is to read the information from SAP tables with the standard IdM connector and write them directly into the identity store.
![Sap Rfc Connection Program Idm Sap Rfc Connection Program Idm](https://cdn.guru99.com/images/sap/2013/04/041213_0632_RFC2.png)
The advantages for this kind of HCM integration is that there will be less interfaces to configure and no VDS will be needed. Also the performance will be much better than in the standard scenario.
But most of the HR Departments are not amused of pulling data from SAP tables. They prefer to push the data via report.
3. Scenario
The third variant is with PI as interface between SAP IdM and HCM.
For detailed information about this scenario please read these blogs:
SAP BW Source Editor (Connection Manager Page); 4 minutes to read; Contributors. Enter the Program ID that is associated with the RFC destination.
Download 2014 Turbotax on this page. • In SAP, enter transaction code SM59. • Click the Create icon. • Name the RFC destination (use the driver’s logical system name, such as, DRVCLNT100.) • Select T as the connection type (for a TCP/IP connection.) • Add a description for the destination (such as JCo Server in IDM User Driver.) • Save your entry. • Select the option for Registration or Registered Server Program. Type the program ID to be used for the driver. In the driver packages, this value is set to IDMUser100.
• (Conditional) If the SAP server is configured to use a Unicode database, complete the following steps. • Select the physical directory. This is the directory where you want IDocs placed. You might need to create this directory. Type the directory where the outbound files are written, for example: sapdev nov sys global sapndsconnector. • Type the function module name. This names the IDoc file in a specific format.
Use the following format: EDI_PATH_CREATE_CLIENT_DOCNUM. • Save your changes. You do not need to configure the other three tabs for the port properties (outbound:trigger, inbound file, and status file).