cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

CUP: Provision to MS Active Directory without SAP NW IDM?

Former Member

on ‎06-14-2010 8:01 PM

0 Kudos

Hi All,

I'd like to provision MS Active Directory (AD) groups or domains to users directly from CUP. However, the customer does not appear to be using SAP NW IDM. I've read on some posts that this may still be possible through the connector, but I don't see how this can be done...

The customer is already using MS AD to authenticate GRC users and to pull in user info (first, last, manager, email, etc).

Any experience from your side?

The scenario is that the customer would like to provision LDAP admin groups on a temporary basis (similar to FF in SAP).

Best Regards, Dylan

Edited by: Dylan Hack on Jun 14, 2010 9:03 PM

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

koehntopp
Product and Topic Expert
Product and Topic Expert
‎06-15-2010 9:13 AM
0 Kudos

Hi Dylan,

this is definitely not possible.

What I have not tried yet: if AD is connected to a portal UME in read/write mode and you create a portal user using EPRTA, will that go through to AD?

Something to try...

Frank.

Show replies
Show replies
Former Member
‎06-15-2010 4:28 PM
0 Kudos

Hello Frank,

Thanks for the suggestion. We do have the UME connected to AD so we don't have to create UME users. I'll check into the EPRTA to see if it fits.

Best Regards, Dylan

koehntopp
Product and Topic Expert
Product and Topic Expert
‎06-16-2010 7:55 AM
0 Kudos

Creating UME users was just an additional topic to think of.

For AD groups, you might try linking AD groups to ume roles and see if it works the other way around.

Let us know how it goes.

Frank.

Ask a Question