Monday, 9 April 2018

Overview of SAP NetWeaver IdM

First, we’ll look at the background for integrating an IdM solution with an SAP NetWeaver portfolio, and learn about the history of user administration in SAP environments. Then we’ll discuss the system components within the SAP NetWeaver IdM architecture and consider the basic concepts of data modeling in connection with the standard data model. From there, you’ll learn about the availability and functioning of the adapters provided by the data synchronization and provisioning framework.

SAP IdM History

Since R/3 Release 4.5B or 4.6C, the Central User Administration (CUA) has been a tool for the central administration of user information and related authorization information in SAP ABAP landscapes. The CUA uses the Application Link Enabling (ALE) mechanisms that exist for data distribution using intermediate documents (IDocs). By means of ALE, you can transfer user data and their assigned authorization roles in defined message types to the connected CUA child systems and — depend on the Customizing settings — you can create a flow back to the locally maintained attributes from the child systems.

On May 14, 2007, Computerwoche, a German information technology (IT) magazine, wrote: “IdM systems in complex application environments are used to comprehensively handle user and access authorizations. On the one hand, this decreases the administration costs, and, on the other hand, increases the security. Because in service-oriented environments many different software components, enterprises (vendors, customers, and partners), as well as end users interact with one another, the demand for IdM increases.” SAP NetWeaver IdM has considered the role of the CUA with an improved functional scope through approval workflows, reporting functionality, the use of complex role models, and rule sets for automating authorization management, and adapters for connecting additional applications. The functions provided by SAP NetWeaver IdM can be summarized as follows:

    Process control
    Automated and rule-based provisioning
    Password management
    Reporting and audit

SAP IdM Architecture

SAP NetWeaver IdM consists of two initially independent components: Identity Center (IC) and the SAP Virtual Directory Server (VDS). IC and its data model, which you can enhance using the administration console, are based on a relational database and forms the core of the IdM system. It produces the basic functions. Compared to a pure directory service, the use of a relational database provides transactional security. In a directory service, you always store the current representation of an object in the form of a flat list of attributes, whereas a relational database also allows you to store historic values and connect additional data, for reporting purposes, for example.
The SAP Virtual Directory Server, still, provides functionality for central and virtualized real-time access to multiple data sources in the form of middleware with special transformation functions — such as the transformation of attribute values or improvement from other data sources at the time of query — and the support of specific protocols that are common in the IdM environment, such as LDAP and Service Provisioning Markup Language (SPML). This applies to access to external data sources (from the IC view) and access to identity data that is administrated in IC

Identity and Access Management Methodology

1.    Inventory

Gather information about users, access requirements, and applications & data

2.    Create

Future state roadmap, associating user groups with access controls and designing operational support and workflow processes.

3.    Deploy

Begin distributing access to systems and data utilizing new processes and workflows.

4.    Optimize

Deploy automated and selected processes only after the steady state has been achieved.

5.    Report

Advantage investment to satisfy reporting requirements for a constitution and internal controls.

SAP IDM Architecture


Vintage IT Solutions serves best SAP Online Training. We also provide SAP server access, SAP corporate training, and SAP offshore support. SAPVITS brings to you its knowledge and expertise of over 18+ years’ in SAP online training and SAP consultancy. We mainly concentrate on 

The SAP IDM Course is suitable for Freshers wanting to get highly paid jobs. SAP IDM Online Training is available in several approaches. Contact us for more details regarding SAP Online Training in USA.