Active Directory, GRC, and Identity Management
A client I am working at would like to explore using Active Directory groups to assign SAP roles to users, both portal roles and ABAP roles. They are currently using Microsoft AD. However they have a requirement to use GRC Access Controls (v5.2) to assist with role maintenace and assignment for SOX compliance. I have been told that the Identity Management product can assist with integrating GRC and AD that will still allow for SOD checking/SOX compliance while role assignments can take place in AD.
Does anybody have experience with using Identity Management either with or without GRC? Does in work with Microsoft AD or is it is own AD product? What was your experience with it?
Are there any other products that can be recommended that will allow for integration between GRC Access Controls and Microsoft AD?