- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- GRC AC 10.0 PSS feature with SSO in scope
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
GRC AC 10.0 PSS feature with SSO in scope
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-26-2014 1:04 PM
Hi,
For one of our customer project, in ARM we have to enable password self-service (PSS) workflow which is in the scope. At the same project we also have single sign on (SSO) (SNC and SSL) in scope for all SAP system landscape.
I understand that I cannot directly connect AC with an LDAP. I would like to know the scenario where password self-service should be utilized, when we already have SSO in the scope. In other way, how PSS feature works when, we have one single passowrd concept will be applicable in whole SAP landscape. Fyi, SAP IDM is not in the scope.
Any suggestion input will be of great help.
Thank you,
Kailash
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-26-2014 1:58 PM
Hi,
I know one organisation who has established PSS to provide the password reset facility for all users across all their SAP systems (Dev, QAS, Production). They have utilised LDAP/AD as the main data source for verification, so all the end users simply log in with their AD password/ID (i.e. network credentials).
To make it work without any issues, they have ensured that their SAP ID's are the same as their network ID's.
If you already have SSO in scope, then in theory you won't need PSS, unless you are planning to have some third party users log in to SAP systems only etc (even then , third party users are usually provided network login credentials also). I would be surprised if SSO does not get implemented for the whole organisation's IT landscape.
I would say if SSO is being implemented very soon, PSS may not be required at all.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-26-2014 1:58 PM
Hi,
I know one organisation who has established PSS to provide the password reset facility for all users across all their SAP systems (Dev, QAS, Production). They have utilised LDAP/AD as the main data source for verification, so all the end users simply log in with their AD password/ID (i.e. network credentials).
To make it work without any issues, they have ensured that their SAP ID's are the same as their network ID's.
If you already have SSO in scope, then in theory you won't need PSS, unless you are planning to have some third party users log in to SAP systems only etc (even then , third party users are usually provided network login credentials also). I would be surprised if SSO does not get implemented for the whole organisation's IT landscape.
I would say if SSO is being implemented very soon, PSS may not be required at all.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-27-2014 6:34 AM
Thank you Harinam for your note . This really helps me to take the discussion forward with the customer.
Thanks,
Kailash
- SAP Managed Tags:
- Security
