cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP IDM 7.2 and GRC 5.3 integration

Former Member

on ‎10-16-2013 11:37 AM

0 Kudos

Hi All,

We are integrating GRC 5.3 with IDM 7.2 for SAP system provisioning.

Plan -1 : Our plan is to run initial load from GRC to load roles.

Questions-1: Should we load roles and privileges both or only roles?

Plan -2 : Our plan is to assign roles to user based on HCM positions.

Questions -2: What should be the best approach to map roles with user based on HCM position?

Question -3: Should we provision user to SAP systems via GRC as part of Joiner workflow? Or we should provide self service for user to raise SAP system access request?

Thanks,

Dhiman Paul.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

Former Member
‎10-19-2013 3:39 PM
0 Kudos

Hi All,

Anyone has idea on VDS configuration for IDM - GRC integration? Please reply to my last question if you have any clue.

Regards,

Dhiman Paul.

Show replies
Show replies
former_member2987
Active Contributor
‎10-19-2013 9:25 PM
0 Kudos

You should probably open this as a separate question.

Personally, I don't know.

ChrisPS
Contributor
‎11-12-2013 8:08 PM
0 Kudos

Hello Dhiman,

                     yes probably better to open a new thread. I'll mark this one as assumed answered.

Regards

Chris

(IdM SCN Moderation team)

Former Member
‎10-17-2013 4:41 AM
0 Kudos

Hi,

I have two more questions related to GRC integration. In VDS configuration I can see tabs Add, Modify, Delete, Lock and Unlock (please refer my attachment). What exactly I should provide there? What are these Add...modify?

In GRC document, call back service setup has been mentioned.  I am unable to understand where to click and set the attribute. There are more than one operations under Datasource > Single. Where should I right click and select the property > Advanced parameter?

Regards,

Dhiman Paul.

Show replies
Show replies
normann
Advisor
Advisor
‎10-21-2013 9:13 PM
0 Kudos

Hello Dhiman,

you can just leave the Add, Modify, Delete.....settings as they are by default. That is nothing you need to configure. You use the Template for 5.3 integration and do as the 7.1 GRC integration guide says (as this template is still from 7.1) while you set up the IdM side as the 7.2 GRC integration guide says.

To set up the callback service is something you do according to the 7.2 GRC integration guide - and to be honest I do not expect it to work. As Matt said already, that scenario is not supported and the callback service did not work in the old integration (5.3 to 7.1)... You have to use the polling mechanism.

Regards

Norman

Former Member
‎10-17-2013 4:33 AM
0 Kudos

Thanks Matt. Let me design as per your suggestion.

Regards,

Dhiman Paul.

Show replies
Show replies
former_member2987
Active Contributor
‎10-16-2013 2:24 PM
0 Kudos

Dhiman,

This is a tough question.

The fact is that GRC only works with roles/privileges and has no concept of the IDM ROLE (SAP Composite) concept, So you'll probably almost have to load your SAP Roles as IDM Privileges.

Next, I think the best thing is to look at how the organization works. Are you using composites or just assigning roles?  This will tell you how you need to go.

Finally, I'd strongly suggest moving to GRC 10 / IDM 7.2 SP 8.  There's been a number of changes made to the framework bridging these two applications that you'll probably want to use.

Even if you are committed to 5.3, I'd make the upgrade a high priority for your project roadmap down the road.

Good luck!

Matt

Show replies
Show replies
Ask a Question