SAP Protocol

Parameter

Description

Connection Timeout

Time-out in milliseconds after which the Probe stops trying to connect to the SAP console.

JCo version The version of the JCo connector. Default value : 2.x
User Name

The name of the user needed to log on to the SAP system. The user should have the following permissions:

Authorization Object: S_RFC

Authorization:  For the S_RFC object, obtain privileges: RFC1, SALX, SBDC, SDIF, SDIFRUNTIME, SDTX, SLST, SRFC, STUB, STUD, SUTL, SXMB, SXMI, SYST, SYSU, SEU_COMPONENT.

Authorization Object: S_XMI_PROD

Authorization: EXTCOMPANY=MERCURY; EXTPRODUCT=DARM;
INTERFACE=XAL

Authorization Object:S_TABU_DIS

Authorization: DICBERCLS=SS; DICBERCLS=SC

Password

The password of the user needed to log on to the SAP system.

SAP Client Number

It is recommended to use the default value (800).

SAP Instance Number

By default, set to 00.

SAP Router String

A route string describes the connection required between two hosts using one or more SAProuter programs. Each of these SAProuter programs checks its Route Permission Table (http://help.sap.com/saphelp_nw04/helpdata
/en/4f/992dfe446d11d189700000e8322d00/content.htm
) to see whether the connection between its predecessor and successor is allowed. If it is, SAProuter sets it up.

Note When the CyberArk integration is enabled, two radio buttons (Regular Credential and External Vault) are enabled. The existing Username and Password parameters are grouped under the Regular Credential radio button, and CyberArk integration specific parameters Type and Reference are enabled and grouped under the External Vault radio button, as described in the table below.

CyberArk-related Parameters

Parameter

Description

Regular Credential

Enabled when CyberArk integration is enabled. Select this radio button to use regular credential as before.

  • Username. See description above.
  • Password. See description above.

External Vault

Enabled when CyberArk integration is enabled. Select this radio button to use an external credential vault.

  • Type. The external vault type. Currently only CyberArk is supported.
  • Reference. Click to open the Configure dialog box.

    • Reference. Select this option to configure the Reference ID that will be used by UCMDB/UD to retrieve the passwords from the CyberArk Enterprise Password Vault when they are needed.

      Set the reference ID in the CyberArk Enterprise Password Vault in the following format: <Safe Name>\<Folder Path>\<Reference ID>.

      Where <Safe Name> is the Safe value in CyberArk, <Folder Path> is the folder where the Safe belongs to, and <Reference ID> is the name of the CyberArk account you specified or auto-generated in CyberArk.

      For example, NancySafe\Root\nancy-cyberark-testing-refid.

    • Parameter. Select this option to enable configuring a list of editable CyberArk properties as a query string for UCMDB/UD to retrieve passwords from the CyberArk Enterprise Password Vault.

      To configure a CyberArk property value, click in the Value column for the property, and specify the value in string.

      The CyberArk properties values must not contain any of the following characters: \/:*?"<>|'.;

      The out-of-the-box list of CyberArk properties displayed in the Configure dialog box is editable. You can set selected CyberArk properties as the default list using JMX method setGlobalSettingVaule. For instructions, see "How to Set a Default List of CyberArk Properties Using JMX" in the HPE Universal CMDB Data Flow Management Guide.

      • Regex. Enables configuring CyberArk properties values in regular expressions.

        For examples of how to use regular expression syntax, see "Regular Expression Examples" in the HPE Universal CMDB Modeling Guide.

        The CyberArk properties values in regular expression must not contain any of the following characters: : ;