cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP NW IDM - Query

Former Member

on ‎09-06-2010 5:53 AM

0 Kudos

Hello Experts,

For one of our projects we are planning to use SAP NW IDM for account provisioning for all SAP systems. It is also assumed that both SAP NWBC & SAP EP will offer single sign on for all SAP systems. Is this assumption correct, especially for SAP NWBC?

Currently we donu2019t have a central tool for user provisioning, but the desire (not officially approved yet) is to implement an Identity Management tool. SAP NW IDM is one candidate for this tool.

This tool should take data from one or two sources (new Payroll system) and automatically create accounts etc.

Some specific questions

Can SAP NW IDM synchronise between two Active Directory Domains on an on-going basis?

For example, keep contact objects (in one domain) synchronised to (user objects) in another domain.

Does it have similar functionality to Microsoftu2019s Forefront Identity Manager (FIM) u2013 previously ILM.

Can SAP NW IDM enable Single Sign On between Active Directory & SAP when the user has two different sets of credentials?

Can SAP NW IDM be used to synchronise u201Cglobally interesting datau201D between multiple systems.

For example, if a provisioning rule creates an e-mail address; can this be populated to multiple systems

Thanks for your inputs / comments.

Regards,

Shailesh

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎08-13-2012 9:46 PM
0 Kudos

Hi,

We are on SAP IDM 7.1 version and out AD is upgraded to Forefront Identity Manager (FIM) now and Can I know if there is option in SAP IDM to directly talk to application to provision users from IDM to FIM AD.

We want to do automated provision to FIM like how we do for SAP system.

Thanks,

Arun. A

Show replies
Show replies
former_member2987
Active Contributor
‎09-08-2010 3:41 PM
0 Kudos

Hi Shailesh,

Can SAP NW IDM synchronise between two Active Directory Domains on an on-going basis?
For example, keep contact objects (in one domain) synchronised to (user objects) in another domain.

Yes, you can create taks that work with separate AD domains. Best practice would be to create one repository for each./

Does it have similar functionality to Microsoftu2019s Forefront Identity Manager (FIM) u2013 previously ILM.

Some aspects are quite similar as they are both metadirectory based, however the front ends are different and NW IDM will work with Oracle and I don't think FIM does.

Can SAP NW IDM enable Single Sign On between Active Directory & SAP when the user has two different sets of credentials?

I believe this is coming in 7.2 or 7.3, you should probably check with a sales type person.

Can SAP NW IDM be used to synchronise u201Cglobally interesting datau201D between multiple systems.
For example, if a provisioning rule creates an e-mail address; can this be populated to multiple systems

Yes, can be done using workflow processes and is one of the main use cases for the product.

Show replies
Show replies
Former Member
‎09-23-2010 1:37 PM
0 Kudos

Hi Shailesh,

regarding your qestion "SAP IdM and SSO":

> 

Can SAP NW IDM enable Single Sign On between Active Directory & SAP when the user has two different sets of credentials?

>

> I believe this is coming in 7.2 or 7.3, you should probably check with a sales type person.

Since SAP NetWeaver Identity Management 7.1 SP05 IdM can act as central SAML2 Identity Provider, which enables you to use different user names for SSO.

Are you interested in SAPGUI SSO or Browser SSO? Did you think about Kerberos?

Regards,

Martin

Ask a Question