on 02-26-2009 5:16 PM
Hi Folks,
I am troubleshooting an exisitng GRC installation.
Is it typical to configure GRC and UME to different source clients? If done so, what does it mean? How does it affect the risk analysis and user provisioning?
For example, the UME on AS Java is configured to use, say, ERP(100) client as the ABAP user store. On the same AS Java system, GRC is configured with JCo destinations pointing to ERP(200).
In this case, the master data source (users, roles) for Compliance Calibrator is ERP(200) and the user data source for Access Enforcer is ERP(200).
But the initial authentication to AE and CC is based on UME which is pointing to ERP(100) for authentication.
Is this a best practice recommendation ? I do not understand its usage. Please let me know your thoughts.
Regards
Reddy P.
Hi
This is not normal practise but a complex scenario However , this would work as expected .
If you want to authenticate users from ERP100 system , you can as these users would be specific to GRC applications only and since you are using user base from ERP200 , then compliance wud be given only to the users in ERP200 .
This is correct , your master source is ERP200 . So no issues
Thanks
Jasmine
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.