- SAP Community
- Products and Technology
- Additional Q&A
- SAP GRC (Access Enforcer) - Naming convention for ...
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
SAP GRC (Access Enforcer) - Naming convention for new 'User Id'
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 09-11-2007 2:04 PM
Hello all,
We're currently implementing SAP GRC Access Controls for the first time in Portugal and our client needs to enforce a naming convention on the new User Id to be created, whenever a new user request is registered with the Access Enforcer.
<u>Is there any way that we can define the user id without asking the user who cerates the request? Or even validate what the user's input is and check if it is in concordance with the stipulated naming convention?</u>
Thanks in advance,
Ruben
Accepted Solutions (1)
Accepted Solutions (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
This is a risk and compliance system. For Integrity check on user-ids against naming conventions, you need to implement Identity management. I believe SAP now has a complete suite of Identity management products that work in complete sync with GRC and other SAp systems. Check with your SAP sales folks.
Hope this helps.
Snehal
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Answers (1)
Answers (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Ruben,
Whilst what Snehal is partially right i tend to have the same thoughts as yourself. Since AE has auto-provisioning i would have thought that you should be able to specify a user naming convention ofr the user ids specified as Requestors are able to type in whatever they please. Unfortuneatley AE does not offer this type of functionality.
what you can do - as i am considering for a client - is two things:
1. If your leveraging off LDAP then you can perhaps use the LDAP username as a mapping to AE username. You will run into problems if this username naming convention is different across your network and sap.
2. Build in a extra stage to all your workflows so that a security administrator can analyze all requests to ensure that they conform to the naming convention.
Hope this helps.
Cheers,
Cuneyt
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi
Has anyone adopted naming convention in AE to create user accounts in SAP ECC through auto-provisioning?
We have LDAP as the data source and trying to generate the SAP ID by incrementing a number. This number will be used to create user account in the ECC system.
Has anyone tried this option?
Thanks
Kee
- SAP Fiori for SAP S/4HANA - Composite Roles in launchpad content and layout tools in Enterprise Resource Planning Blogs by SAP
- How to download the object data from SAP SuccessFactors Territory and Quota via Express Data Loader in Human Capital Management Blogs by SAP
- Easy way to automate and configure the setup of a BTP account and Cloud Foundry using Terraform. in Technology Blogs by Members
- When to Use Multi-Off in 3SL in Technology Blogs by SAP
- Dynamic Derivations using BADI in SAP MDG in Technology Blogs by Members
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.