# # Copyright (c) 2010-2016 Evolveum # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # sap.connector.display=SAP connector using Jco sap.config.loadBalancing=Load balancing sap.config.loadBalancing.help=If false (default), connect to application server gateway, else connect via message server sap.config.host=Host sap.config.host.help=SAP ABAP application server host or SAP ABAP message server host sap.config.port=Port sap.config.port.help=SAP ABAP application server port, default 3334 sap.config.user=User sap.config.user.help=Logon user sap.config.password=Password sap.config.password.help=Logon password sap.config.logonGroup=Logon group sap.config.logonGroup.help=SAP Logon group, default "SPACE" (applicable only if Load balancing is set to true) sap.config.systemId=r3Name sap.config.systemId.help=System ID of the SAP system (r3Name). sap.config.systemNumber=System number sap.config.systemNumber.help=System number of the SAP ABAP application server, default 00 sap.config.client=Client sap.config.client.help=SAP client sap.config.destinationName=Destination name sap.config.destinationName.help=Destination name, if empty, filled as systemId+systemNumber+client+user; sap.config.lang=Language sap.config.lang.help=SAP language, default "EN" sap.config.failWhenTruncating=Fail when truncating sap.config.failWhenTruncating.help=If true (default), throw exception when SAP truncate data, else only log as debug message sap.config.failWhenWarning=Fail when warning sap.config.failWhenWarning.help=If true (default), throw exception when SAP return warning, else only log as debug message sap.config.useTransaction=Use transaction sap.config.useTransaction.help=If true, use transaction when create/update users in SAP. Default is true. Use False only when you don't have apropirate permissions. sap.config.testBapiFunctionPermission=Test BAPI function permissions sap.config.testBapiFunctionPermission.help=If true, test BAPI function permissions what connector is use when you test connection. Default is true sap.config.tables=Table definitions sap.config.tables.help=Name and structure of SAP table to read, for example 'AGR_DEFINE as ACTIVITYGROUP=MANDT:3:IGNORE,AGR_NAME:30:KEY,PARENT_AGR:30' return first for columns from roles (activity groups), UID and Name contains MANDT:ARG_NAME as KEYs sap.config.tableParameterNames=Table parameter names sap.config.tableParameterNames.help=Parameter names of Type='Tables' what you need to parse and have it in account schema, defaults are: PROFILES, ACTIVITYGROUPS, GROUPS, see http://www.sapdatasheet.org/abap/func/BAPI_USER_GET_DETAIL.html sap.config.changePasswordAtNextLogon=Change password at next login sap.config.changePasswordAtNextLogon.help=If true, user after next SAP GUI logon must change his password (default is false) sap.config.alsoReadLoginInfo=Read login info sap.config.alsoReadLoginInfo.help=If true, for each account also run BAPI function SUSR_GET_ADMIN_USER_LOGIN_INFO to read LAST_LOGON_DATE, LOCK_STATUS, PASSWORD_STATUS (default is false) sap.config.useNativeNames=Use native names sap.config.useNativeNames.help=If true, instead of icfs:name and icfs:uid use native name, for example ri:USERNAME (default is false). If you change it, and you have existing user shadows, you must change it also. sap.config.poolCapacity=Max. connection pools sap.config.poolCapacity.help=Maximum number of idle connections. 0 = no connection pooling, default 1 sap.config.peakLimit=Peak limit sap.config.peakLimit.help=Maximum number of active connections, default 0 (unlimited) sap.config.sncLibrary=Path to SNC lib sap.config.sncLibrary.help=Path to library which provides SNC service sap.config.sncMode=SNC mode sap.config.sncMode.help=Secure network connection (SNC) mode, default 0 (off) or 1 (on) - create also .jcoDestination properties file sap.config.sncMyName=SNC name sap.config.sncMyName.help=Own SNC name sap.config.sncPartnerName=Partner name sap.config.sncPartnerName.help=SNC partner name sap.config.sncQoP=SNC QoP sap.config.sncQoP.help=SNC level of security, 1 to 9. sap.config.x509Cert=X509 certificate sap.config.x509Cert.help=X509 certificate for certificate based authentication sap.config.trace=JCo trace sap.config.trace.help=enable JCo trace, sample: 1 (default is null - disabled) sap.config.cpicTrace=CPIC trace sap.config.cpicTrace.help=enable CPIC trace, sample: 2 (default is null - disabled) sap.config.traceLevel=JCo trace level sap.config.traceLevel.help=values 0-10 (default 0) ( see https://wiki.scn.sap.com/wiki/display/ASJAVA/SAP+JCo+Introduction) sap.config.tracePath=JCo trace path sap.config.tracePath.help=location for trace files, sample: /tmp/saplogs sap.config.read.only.params=Rewrite-able Read Only Parameters sap.config.read.only.params.help=This rewrites Read Only Parameters which are used to restrict transfer of certain entities, sample values are : "ISLOCKED", "LASTMODIFIED", "SNC", "ADMINDATA", "IDENTITY" sap.config.hideIndirectActivitygroups=Hide indirect (ORG_FLAG not empty) ACTIVITYGROUPS sap.config.hideIndirectActivitygroups.help=This flag will hide indirect ACITIVITYGROUPS at accounts. The filtering will be done in the connector and not inside the SAP query. All ACITIVITYGROUPS where the "ORG_FLAG" field is not empty will not be shown in the shadow. sap.config.mergeAgrNameWithExistingAcitivitygroupsValue=Merge ACTIVITYGROUPS.AGR_NAME changes with ACTIVITYGROUPS data. sap.config.mergeAgrNameWithExistingAcitivitygroupsValue.help=Enable this configuration to merge changes to AGR_NAME with the actual values inside ACTIVITYGROUPS in the SAP. The current state of the user will be loaded from SAP and the existing data will be used if nothing has been provided by midpoint. To propagate actual changes in the ACTIVITYGROUPS from/to fields the change algorithm will check if the attributes from the midpoint are xml attributes. If yes it will simply use those values because they have the best accuracy. If not it will use the current data from the SAP for those values. sap.config.nonFatalErrorCodes=Non-fatal error codes sap.config.nonFatalErrorCodes.help=Specify which SAP error codes are considered as non-fatal in account update response. Such errors are marked as schema errors rather than generic errors and typically do not halt the processing of entire focus. Examples: 025, 410. sap.config.pwdChangeErrorIsFatal=Password change error fatal sap.config.pwdChangeErrorIsFatal.help=Specify how strictly should connector react to password change errors (e.g. user password is too short for SAP). Default is true - connector throws InvalidCredentialException errors that may be considered as fatal by IdM. When switched to false, password errors are returned as InvalidAttributeValueException that is more likely considered as non-blocking "soft" error. sap.config.baseAccountQuery=Base account list query sap.config.baseAccountQuery.help=Simple filter added to all account queries to limit the accounts read by BAPI_USER_GETLIST. Format is "option,parameter,value" (option means operator in sap language), commas are currently not escaped. "CP,USERNAME,PRE*" to limit all queries to all accounts with username prefix 'PRE'. sap.config.considerGlobalLock=Evaluate local AND global lock for account status sap.config.considerGlobalLock.help=Consider account GLOB_LOCK value as well as LOCAL_LOCK when evaluating whether account is enabled/disabled (default is false as not considering it may be a feature and not a bug)