cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP NW IDM Integration with Oracle Identity Manager

Former Member

on ‎11-14-2015 7:56 PM

0 Kudos

Hello SCN-IDM,

We are considering to replace CUA with NWIDM.

But company has oracle identity manager 11.1 for identity management. So I just want to integrate NWIDM with OIM. In this case I want to use OIM as the primary user data management system.

I checked the use cases and could not find suitable for our requirement.

Use Case 2 ( SAP Portal environment) may be possible.

Does IDM OIM connector exist ?

Thank You.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎11-17-2015 4:23 PM
0 Kudos


Thank you Matt Pollicove.

Will you please explain more on "creating a VDS layer over a feed from the HR system".

HR system is non-sap. We can assume OIM is the HR system.

Show replies
Show replies
former_member2987
Active Contributor
‎11-17-2015 4:27 PM
0 Kudos

If the data is held in a flat file or a database table, the VDS can be employed to virtualize that data so that it looks like an LDAP repository. I'd suggest downloading VDS and reviewing the bundled tutorials and looking at the tutorials on in the VDS section.

Regards,

Matt

Former Member
‎11-16-2015 5:33 PM
0 Kudos

Hi Rika,

What do you mean by integration NWIDM with OIM?

Which function you expect from IDM OIM connector?

What is your business scenario after you integrate OIM and NWIDM?

If the integration is just to use OIM as user data source for NWIDM, technically it is possible because OIM also use database tables for user data store.

So as NWIDM point of view, OIM is one of HR system and NWIDM can connect it by jdbc connection.

(USR table for user data and ACT table for organization data, etc )

But I can not find any benefits in this configuration. It is just use two IDM systems and NWIDM use OIM as HR system.

I would recommend you to use OIM or NWIDM for whole systems including SAP systems.

(Here you should consider that OIM 11.1 is quite old version which may be EndOfService already.

And 11.1 and current version(12.2.3) are quite different in architecture.)

good luck!

dongsu

Show replies
Show replies
Former Member
‎11-17-2015 4:21 PM
0 Kudos

Thank you Dongsu Park.

You are right. I just want to replace CUA with IDM.

And also use OIM as IDM user data store.

I am just sharing few requirements

1) Initial load (creation of users in IDM identity store) from OIM

2) New users creation on all SAP systems (140 systems with multiple clients)

3) Pushing the changes by OIM to IDM (event based triggers)

4) With multiple connectors to OIM will be a risk as it central system for 500+ applications.

5) I will look into JDBC connection option just for user data source. I feel we need more functionality.

Thanks and Regards.


former_member182832
Participant
‎08-04-2016 8:48 AM
0 Kudos

Hi Dongsu,

We have the same requirement: an existing OIM for SAP and NonSAP systems (with a lot of custom codes ...). We want to add SAP IdM to manage SAP systems and also extend the scope to new solutions (SAP Hana, Success factors). So in this case, we will keep OIM as the heart of the identity management and add IdM (as an identity source) to manage SAP systems.

OIM and IdM need to be synchronized while keeping OIM as the central point of the identity management.

To resume, we want just to delegate identity management of SAP systems to IdM.

If you have some recommendations for such architecture it will be very helpful.

Regards,

Mehdi.

former_member2987
Active Contributor
‎08-04-2016 1:40 PM
0 Kudos

Hi Mehdi,

Please take a look at my original response to Rika. This is not an unusual situation, it just requires some careful planning and architecture work.  Mostly in the realm of setting up an authoritative store that both systems update and consume.

Let SAP IDM take are of SAP systems (I'd also recommend AD or your Enterprise LDAP, but that's just my experience) and let OIM handle the rest of the enterprise.

The trick is also updating the common Identity Store that both systems would use as a provisioning source.  I'd probably align it closer with your HR system.

Regards,

Matt

former_member182832
Participant
‎08-04-2016 9:34 PM
0 Kudos

Hi Matt,

Thank you for these clarifications.

Regards,

Mehdi.

former_member2987
Active Contributor
‎11-15-2015 2:27 AM
0 Kudos

Rika,

There's no real integration between the two systems.

I'm not going to go into a whole why one is better than the other.  That's a pointless conversation and would really push the ROE on this system.  (I suspect we're pushing it already )

I will tell you that based on my consulting experience that it's not unheard of to use SAP IDM for the SAP Landscape and a 3rd party system for the rest of the Enterprise.  I'm never a fan, but I seldom get a vote.

If you need a resource that is accessible by both systems, I'd suggest either relying on the Enterprise LDAP directory or creating a VDS layer over a feed from the HR system.

Hope this helps.

Matt

Show replies
Show replies
Ask a Question