Overview of SAP NetWeaver IdM
First,
we’ll look at the background for integrating an IdM solution with an SAP
NetWeaver portfolio, and learn about the history of user administration in SAP
environments. Then we’ll discuss the system components within the SAP NetWeaver
IdM architecture and consider the basic concepts of data modeling in connection
with the standard data model. From there, you’ll learn about the availability
and functioning of the adapters provided by the data synchronization and
provisioning framework.
SAP IdM History
Since
R/3 Release 4.5B or 4.6C, the Central User Administration (CUA) has been a tool
for the central administration of user information and related authorization
information in SAP ABAP landscapes. The CUA uses the Application Link Enabling
(ALE) mechanisms that exist for data distribution using intermediate documents
(IDocs). By means of ALE, you can transfer user data and their assigned
authorization roles in defined message types to the connected CUA child systems
and — depend on the Customizing settings — you can create a flow back to the
locally maintained attributes from the child systems.
On
May 14, 2007, Computerwoche, a German information technology (IT) magazine,
wrote: “IdM systems in complex application environments are used to
comprehensively handle user and access authorizations. On the one hand, this
decreases the administration costs, and, on the other hand, increases the
security. Because in service-oriented environments many different software
components, enterprises (vendors, customers, and partners), as well as end
users interact with one another, the demand for IdM increases.” SAP NetWeaver IdM has considered the role of the CUA with an improved functional scope
through approval workflows, reporting functionality, the use of complex role
models, and rule sets for automating authorization management, and adapters for
connecting additional applications. The functions provided by SAP NetWeaver IdM
can be summarized as follows:
• Metadirectory
• Process control
• Automated and rule-based provisioning
• Password management
• Reporting and audit
SAP IdM Architecture
SAP
NetWeaver IdM consists of two initially independent components: Identity Center
(IC) and the SAP Virtual Directory Server (VDS). IC and its data model, which
you can enhance using the administration console, are based on a relational
database and forms the core of the IdM system. It produces the basic functions.
Compared to a pure directory service, the use of a relational database provides
transactional security. In a directory service, you always store the current
representation of an object in the form of a flat list of attributes, whereas a
relational database also allows you to store historic values and connect
additional data, for reporting purposes, for example.
The
SAP Virtual Directory Server, still, provides functionality for central and
virtualized real-time access to multiple data sources in the form of middleware
with special transformation functions — such as the transformation of attribute
values or improvement from other data sources at the time of query — and the
support of specific protocols that are common in the IdM environment, such as
LDAP and Service Provisioning Markup Language (SPML). This applies to access to
external data sources (from the IC view) and access to identity data that is
administrated in IC
Identity and Access Management Methodology
1. Inventory
Gather
information about users, access requirements, and applications & data
2. Create
Future
state roadmap, associating user groups with access controls and designing
operational support and workflow processes.
3. Deploy
Begin
distributing access to systems and data utilizing new processes and workflows.
4. Optimize
Deploy
automated and selected processes only after the steady state has been achieved.
5. Report
Advantage
investment to satisfy reporting requirements for a constitution and internal
controls.
About SAPVITS
Vintage IT Solutions
serves best SAP Online
Training. We also provide SAP server access, SAP corporate
training, and SAP offshore support. SAPVITS brings to you its knowledge and expertise of
over 18+ years’ in SAP online training and SAP consultancy. We mainly
concentrate on
6. SAP Success Factors Online Training in Mumbai and
so on
The SAP IDM Course is suitable for
Freshers wanting to get highly paid jobs. SAP IDM Online Training is available in
several approaches. Contact us for more details regarding SAP Online Training in USA.
Whatever we gathered information from the blogs, we should implement that in practically then only we can understand that exact thing clearly, but it’s no need to do it, because you have explained the concepts very well. It was crystal clear, keep sharing..
ReplyDeletesap successfactors online training
Appreciate you sharing, great article.Much thanks again. Really Cool.
ReplyDeleteSAP Secrity training
SAP Secrity and sap grc online training