cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authenticate Approvers using LDAP Credentials

Go to solution
Former Member

on ‎02-20-2014 11:11 PM

0 Kudos

Hi GRC Experts,

We are in process of implementing GRC AC 10 (GRCFND_A V1000 0013) and using LDAP as a authentication/user details source. Authentication is working fine when user tries to login to the end user login page. However after the request is submitted, when approver tries to approve the request it requests for approvers GRC system user ID and Password. At this stage we need the approver to get authenticated using LDAP user ID and password instead of GRC user ID and password.

Note: GRC user ID of approver is same as LDAP user ID.

Are we missing something or SAP GRC does not have provision to authenticate approver against LDAP crendentials.We have more than 30000 managers and it is not feasible to share the GRC password to all of them.

Is this an enhancement requirement for SAP?

Appreicate your early response as we are in critical phase of the project.

Let me know if there are any questions.

Thank you.

Anjan Pandey

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Colleen
Advisor
Advisor
‎02-21-2014 2:38 AM
0 Kudos

Hi Anjan

The approver is logging in with their GRC User Id (SU01). There is no GRC configuration as they are actually logging in to the system whilst the self-service users has a System user to do the authentication instead (credentials stored in SICF for the services).

Can you look at Single-Sign-On instead? This would not be difficult since your id match.

Regards

Colleen

Show replies
Show replies
Former Member
‎02-21-2014 3:01 AM
0 Kudos

Thanks a ton Colleen for your quick response. We are indeed implementing SSO for GRC via Portal, however our client is a GxP compliant customer and one of the requirements which we have is that approvers need to recertify (approval reaffirm) before request is approved. The pop up screen for recertification is expecting GRC user ID and password. Can we any how authenticate the approver via LDAP credentials instead at this stage.

Reiterating my point again, creating 30000+ managers and sharing the password is a difficult task and not a effective mechanism to operate if any big customer is planning to implement GRC.

Thank you.

Anjan Pandey

Colleen
Advisor
Advisor
‎02-21-2014 3:23 AM
0 Kudos

Hi Anjan

I don't think there is anything standard. You will have to look at modifying the code for the re-confirm. Possibly a user-exit instead

It won't help you now but there might be value in adding this suggestion to SAP ideas space to for manager authentication to be based on a data source instead of GRC SU01. I've seen this scenario come up a few times (and had same issue for authentication with my solution - I was lucky that I didn't have GxP compliance to factor in).

Regards

Colleen

Former Member
‎02-21-2014 4:07 AM
0 Kudos

Thanks Colleen for your prompt response. I hope some expert went through this requirement earlier and was able to sail through. I posted this idea on idea place https://ideas.sap.com/ct/ct_list.bix?c=4F27C74D-5330-4569-8199-D69072C0D4AE. Any consulant having similar requirement may want to submit their requirement in this post.

Thank you.

Anjan Pandey

Answers (0)

Ask a Question