03-26-2014 1:04 PM
Hi,
For one of our customer project, in ARM we have to enable password self-service (PSS) workflow which is in the scope. At the same project we also have single sign on (SSO) (SNC and SSL) in scope for all SAP system landscape.
I understand that I cannot directly connect AC with an LDAP. I would like to know the scenario where password self-service should be utilized, when we already have SSO in the scope. In other way, how PSS feature works when, we have one single passowrd concept will be applicable in whole SAP landscape. Fyi, SAP IDM is not in the scope.
Any suggestion input will be of great help.
Thank you,
Kailash
03-26-2014 1:58 PM
Hi,
I know one organisation who has established PSS to provide the password reset facility for all users across all their SAP systems (Dev, QAS, Production). They have utilised LDAP/AD as the main data source for verification, so all the end users simply log in with their AD password/ID (i.e. network credentials).
To make it work without any issues, they have ensured that their SAP ID's are the same as their network ID's.
If you already have SSO in scope, then in theory you won't need PSS, unless you are planning to have some third party users log in to SAP systems only etc (even then , third party users are usually provided network login credentials also). I would be surprised if SSO does not get implemented for the whole organisation's IT landscape.
I would say if SSO is being implemented very soon, PSS may not be required at all.
03-26-2014 1:58 PM
Hi,
I know one organisation who has established PSS to provide the password reset facility for all users across all their SAP systems (Dev, QAS, Production). They have utilised LDAP/AD as the main data source for verification, so all the end users simply log in with their AD password/ID (i.e. network credentials).
To make it work without any issues, they have ensured that their SAP ID's are the same as their network ID's.
If you already have SSO in scope, then in theory you won't need PSS, unless you are planning to have some third party users log in to SAP systems only etc (even then , third party users are usually provided network login credentials also). I would be surprised if SSO does not get implemented for the whole organisation's IT landscape.
I would say if SSO is being implemented very soon, PSS may not be required at all.
03-27-2014 6:34 AM
Thank you Harinam for your note . This really helps me to take the discussion forward with the customer.
Thanks,
Kailash