- SAP Community
- Products and Technology
- Additional Q&A
- SAP Enterprise portal & GRC integration for portal...
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
SAP Enterprise portal & GRC integration for portal role assignment
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 02-04-2014 2:28 PM
Hi All,
We have implemented GRC 10 AC & creating users in R/3 system through it.
I have a requirement -
When we create user in R/3 system with GRC, the same user should be created in SAP Portal 7.0 as well.
Also portal role assignment to the same user should be done through GRC only. Is it possible?
I have came to know about Access Request Management (ARM) capability of SAP Access Control 10.0 to provision users and assign roles to the
SAP NetWeaver Portal.
How to acheive above described requirement through ARM for portal 7.0 & 7.3?
Regards,
Joy
Accepted Solutions (1)
Accepted Solutions (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Joyer
It is possible ,you need to deploy GRC Portal content on the Portal server and then follow installation guide to integrate GRC with EP by creating all the required connectors.
Once done you need to configure EP connector like any other connectors for all the actions like ECC.
Also you need to upload Portal Roles/Group definition in GRC system.So when you try to create request your Portal system should also come in the dropdown for provisioning action.
Other way which we did is by creating dummy business roles and map this business role with all technical roles from all the system in the landscape which user should have like 2 roles from ECC,1 Role from CRM and 2 Portal Roles/Groups from and once that business role is assigned to the user the whole package of technical roles will be added to the user provided Portal Connector is available for Provisioning.
Regards
Pradeep
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Answers (4)
Answers (4)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Joy,
If your ECC system isn't the User data source of your portal system, you can look at GRC Role Mapping feature.
Here you can map R/3 roles to corresponding Portal roles/groups which should be assigned to user. So whenever there is request for new R/3 users with specific roles, it would automatically contain Portal roles which should be assigned to the user.
Regards,
Amol
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Yes its possible,
we have dummy abap role and i have mapped it. it assigns roles and provision happens.
Regards,
Prasant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Colleen
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Joy
Have you considered making the Portal UME based on ECC? In doing this the ECC SAP Role becomes a portal group that you can then assign portal role to.
It means they user always receives their associated portal roles based on their ECC access. In addition, they user loses their Portal access when they lose their ECC. I find this helpful as Portal roles do not have expiration dates.
Alternatively, in GRC you could map related roles in the BRM definition so the user chooses their ECC and gets the mapped portal?
Regards
Colleen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Colleen
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Anil
If ECC is the Portal UME then you technically do not provision direct to Portal. You assign the roles to ECC and they automatically appear as assigned as a portal group. You then need to map your portal groups (ECC roles) to the portal roles
Every ECC user is a Portal User. However, their access to Portal depends on the ECC to Portal role mappings as part of portal role build.
Regards
Colleen
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Update of the SAP Activate Roadmap for SAP S/4HANA (on prem) upgrades with the Clean Core Strategy in Enterprise Resource Planning Blogs by SAP
- GRC Tuesdays: Takeaways from the 2024 Internal Controls, Compliance and Risk Management Conference in Financial Management Blogs by SAP
- IoT - Ultimate Data Cyber Security - with Enterprise Blockchain and SAP BTP 🚀 in Technology Blogs by Members
- SAP Signavio is the highest ranked Leader in the SPARK Matrix™ Digital Twin of an Organization (DTO) in Technology Blogs by SAP
- AI-powered supply chain solutions: Better decisions, better outcomes in Supply Chain Management Blogs by SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.