on 12-17-2009 9:14 AM
Hi All,
I'm integrating IDM with SAP Systems. I've completed the Initial load(Roles and User-Role assignment) activity. Now IDM is in sync with the SAP System (in this case- BI). Do we have any process by which we can upload into IDM any new roles that are created in the SAP System directly.
Since I understand that the Initial Load should not be run more than once( Plz correct me if I'm wrong), how do I fetch the incremental changes from the SAP systems, into IDM?
I'm given to understand that there are no Event Agents available to perform this operation for SAP Systems(though we have event agents for flat files, database tables etc.)
It will be of great help if someone can provide a solution.
Regards,
Joel
Hi Joel
For AS ABAP-Systems you can use the Job-Templates "AS ABAP - Update" (New->Wizard->Jobs->SAP NetWeaver). In combination with a schedule-rule you can read the roles/profiles/changes from the AS, but of course not the user-assignments, because they should be done in IdM.
The Initial-Load-Jobs must not be used since you will not get any compliant Audit-Logs and have no workflow. Additionally it will trigger the MX_PERSON event task. On the other hand this means that nobody is allowed to use SU01 or UME for assignments anymore.
An event agent is not (yet?) available. There was a post here in SDN where a SAP-official wrote you have to implement this yourself with the Java framework. Maybe it will be available some day.
Hope I could help
BR
Michael
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
80 | |
24 | |
12 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.