Understanding SAP NetWeaver Identity Management
SAP Press (Verlag)
978-1-59229-338-4 (ISBN)
- Titel ist leider vergriffen;
keine Neuauflage - Artikel merken
Project Procedures and Case Studies Find expert advice and two extensive real-life case studies that illustrate real-world challenges, best practices, and success strategies.
Loren Heilig is the founder of IBSolution GmbH and has been its managing director since 2003. IBSolution GmbH is an innovative SAP NetWeaver service provider that has made a name for itself as a specialist in complex SAP NetWeaver projects. With predefined packages, IBSolution also proves that SAP projects don't always have to be expensive. Before founding IBSolution GmbH, Loren was a project lead at SAP Systems Integration AG and SAP AG. There he was responsible for setting up a BW consultancy team that focused on HR, and he coordinated the BW/HR projects at Saudi Aramco (in Saudi Arabia). In addition to more than twelve years of experience with the BW system (he implemented his first BW project with BW 1.2a), he has also conducted BW system training at SAP Germany and Switzerland for many years. Before beginning his professional career, Loren Heilig received a degree in industrial engineering from Karlsruhe University of Applied Sciences, Germany. At IBSolution, he is responsible for the Sales and Marketing area. He also compiles the overall strategy of IBSolution and develops new business fields, such as master data processes and SAP NetWeaver Identity Management. Dr. Peter Gergen has been a presales specialist for SAP NetWeaver IdM at SAP since 2008. SAP had just expanded the IdM field by acquiring MaxWare six months prior. As a senior consultant and project lead for LDAP technologies at Netscape, Peter managed customer projects, including the implementation of a directory that was the largest in the world at that time. As a project manager at Sun Microsystems, he worked in IdM for the first time, before joining SAP six years later. In 1996, Peter Gergen completed his doctorate in experimental solid-state physics, and he also published a book in 2002.
1 ... Introduction ... 13 1.1 ... Overview and Classification ... 14 1.2 ... Project Procedure Methods and Case Scenarios ... 16 2 ... IdM in Enterprises ... 19 2.1 ... Reasons for Implementing IdM ... 21 2.1.1 ... Compliance with the Law and External Audits ... 21 2.1.2 ... Reducing Security Risks ... 22 2.1.3 ... Reducing Costs through Automation and Process Optimization ... 25 2.2 ... Lifecycle of an Identity in the Enterprise ... 27 2.3 ... Collective Accounts and Prioritized Accounts ... 31 2.4 ... Assigning System Authorizations ... 32 2.5 ... IdM Solutions ... 37 2.5.1 ... IdM Requirements ... 38 2.5.2 ... Services of an IdM Solution ... 39 2.5.3 ... Distinguishing IdM from System Administration ... 50 2.5.4 ... Organizational Integration of IdM ... 51 2.6 ... Aspects of Project Planning ... 52 2.6.1 ... Approach Models ... 53 2.6.2 ... Target Architecture Aspects ... 55 2.6.3 ... Operating Concept ... 56 2.7 ... Summary ... 59 3 ... SAP NetWeaver IdM in the Context of SAP NetWeaver ... 61 3.1 ... From SAP Basis to SAP NetWeaver ... 62 3.2 ... Managing Identities in SAP NetWeaver ... 65 3.3 ... SAP NetWeaver AS Java ... 65 3.4 ... UME ... 66 3.5 ... SAP NetWeaver Administrator ... 67 3.6 ... SAP NetWeaver Portal ... 69 3.7 ... CUA ... 70 3.8 ... SAP NetWeaver PI ... 71 3.8.1 ... SLD ... 72 3.8.2 ... Enterprise Services Repository ... 72 3.8.3 ... Enterprise Services Directory ... 72 3.9 ... SAP ERP HCM ... 73 3.9.1 ... Personnel Management ... 73 3.9.2 ... Organizational Management ... 74 3.10 ... Summary ... 74 4 ... Overview of SAP NetWeaver IdM ... 75 4.1 ... History ... 75 4.2 ... Architecture ... 78 4.2.1 ... IC ... 78 4.2.2 ... SAP VDS ... 85 4.2.3 ... Overall Architecture IC and SAP VDS ... 86 4.3 ... Data and Role Model ... 87 4.3.1 ... Data and Role Model in the Identity Store ... 89 4.3.2 ... Data Modeling and Workflows ... 93 4.3.3 ... Data Modeling and Reporting ... 93 4.4 ... Data Synchronization and Provisioning ... 94 4.4.1 ... Principles of Data Synchronization ... 94 4.4.2 ... Source and Target Systems ... 96 4.4.3 ... Technical Adapters ... 97 4.4.4 ... Provisioning Logic and Workflows ... 99 4.4.5 ... Provisioning Content ... 101 4.4.6 ... Password Management ... 101 4.5 ... Additional Integration Topics ... 103 4.5.1 ... Business Suite Integration ... 103 4.5.2 ... Integration with SAP BusinessObjects Access Control ... 105 4.5.3 ... Middleware for Exchanging Data ... 107 4.5.4 ... UI Integration ... 108 4.6 ... Monitoring ... 109 4.7 ... Reporting ... 111 5 ... Tips and Tricks in IdM Projects ... 113 5.1 ... Organizational Pitfalls ... 115 5.1.1 ... Multitude of Participants and People Concerned ... 115 5.1.2 ... Goal Conflicts ... 120 5.1.3 ... Personal Resistances ... 122 5.1.4 ... Organizationally Justified Resistances ... 125 5.1.5 ... Lacking Organizational Maturity ... 128 5.2 ... Complexity Risks ... 129 5.2.1 ... Poor Definition of Concepts ... 129 5.2.2 ... Dynamic Environment ... 130 5.2.3 ... Unclear Definition of the Project Scope ... 133 5.2.4 ... Many Interfaces ... 134 5.2.5 ... Complex Processes ... 136 5.3 ... Summary ... 138 6 ... IdM at Industry Inc ... 139 6.1 ... Initial Situation ... 140 6.2 ... System Landscape ... 144 6.2.1 ... SAP Environment ... 145 6.2.2 ... Windows Environment ... 147 6.3 ... Requirements ... 148 6.3.1 ... Master Data ... 149 6.3.2 ... Processes and Request Management ... 149 6.3.3 ... Management of Authorizations ... 150 6.3.4 ... Reporting ... 151 6.3.5 ... Provisioning ... 151 6.3.6 ... Authentication/SSO ... 151 6.4 ... Challenges ... 152 6.5 ... Integrated Project Approach ... 154 6.5.1 ... Roadmap and Phase Approach ... 154 6.5.2 ... Kick-Off Workshop ... 158 6.5.3 ... Installation of a Two-Level System Landscape ... 159 6.5.4 ... Detailing the Technical Concept ... 160 6.5.5 ... Preliminary Consideration of the Target Process for the Creation of New Identities ... 160 6.5.6 ... Preparations for Data Consolidation ... 162 6.5.7 ... Planned Use of OM in SAP ERP HCM ... 164 6.5.8 ... Creating the Detailed Design ... 165 6.6 ... Implementing the IdM Solution ... 165 6.6.1 ... Phase 1: Creating a Consistent Data Basis ... 166 6.6.2 ... Phase 2: Self-Services and Approval Processes ... 175 6.7 ... Summary and Outlook ... 184 6.7.1 ... Phase 3: Complete Integration of Authorization Management ... 186 6.7.2 ... Phase 4: Integration of SAP BusinessObjects Access Control ... 188 6.8 ... Evaluation of the Implementation of SAP NetWeaver IdM ... 188 7 ... IdM at Mechatronic ... 191 7.1 ... Development of IT at Mechatronic ... 193 7.2 ... Project Initiation ... 198 7.3 ... Project Preparations ... 201 7.4 ... Getting Started Milestone 1.0 ... 205 7.4.1 ... Design Phase ... 205 7.4.2 ... Implementation Phase ... 207 7.4.3 ... Stabilization Phase ... 212 7.5 ... Further Integrations Milestone 2.0 ... 213 7.5.1 ... Requirements of User Departments after Milestone 1.0 ... 214 7.5.2 ... Implementation of Milestone 2.0 ... 217 7.5.3 ... Stabilization Phase ... 220 7.6 ... Intermediate Phase Milestone 2.1 ... 221 7.6.1 ... Recording of Follow-Up Requirements ... 222 7.6.2 ... Implementation of Milestone 2.1 ... 224 7.6.3 ... Stabilization ... 228 7.7 ... Intermediate Phase Milestone 2.2 ... 231 7.7.1 ... Implementation of Milestone 2.2 ... 232 7.7.2 ... Stabilization Phase ... 238 7.8 ... Project End with Milestone 3 ... 239 7.9 ... Summary ... 240 8 ... Basic Concepts of SAP NetWeaver IdM ... 243 8.1 ... Data Storage ... 243 8.1.1 ... IC Data Model ... 244 8.1.2 ... Global Configuration: Repositories, Constants, and Variables ... 251 8.2 ... Roles and Privileges ... 253 8.2.1 ... Privileges in IC ... 253 8.2.2 ... Roles ... 255 8.2.3 ... Setting Up Role Hierarchies ... 259 8.2.4 ... Changing Roles or Role Hierarchies ... 261 8.3 ... Rule-Based Role Assignment ... 261 8.4 ... Tasks and Processes ... 264 8.4.1 ... Passes ... 267 8.4.2 ... Scripting ... 270 8.4.3 ... Jobs ... 270 8.4.4 ... Tasks ... 271 8.4.5 ... Scheduling of Standard Jobs ... 274 8.5 ... Summary ... 275 9 ... Summary and Outlook ... 277 9.1 ... Current Status ... 277 9.1.1 ... Identity Center (IC) ... 278 9.1.2 ... SAP Virtual Directory Server (VDS) ... 278 9.1.3 ... SAP NetWeaver IdM UI ... 279 9.1.4 ... SAP NetWeaver IdM and SAP BusinessObjects Access Control ... 279 9.1.5 ... SAP NetWeaver IdM and SAP BusinessObjects Crystal Reports ... 280 9.1.6 ... Available Connectors in IC ... 280 9.1.7 ... SAP NetWeaver IdM and SAP ERP HCM ... 281 9.2 ... Outlook and Wish List for Future Product Versions ... 281 9.2.1 ... Integration with SAP Solution Manager ... 281 9.2.2 ... Merging with SAP BusinessObjects Access Control ... 282 9.2.3 ... SAP NetWeaver Composition Environment (CE) and Business Process Management (BPM) ... 282 9.2.4 ... Predefined, Ready-for-Use Reporting ... 282 9.3 ... Organizational Challenges ... 283 9.3.1 ... Creating Organizational Acceptance of SAP NetWeaver IdM ... 283 9.3.2 ... Establishing a Holistic and Current Functional Role Model ... 284 9.4 ... Final Considerations ... 284 ... Appendices ... 285 A ... Additional Literature ... 285 A.1 ... Books and Articles ... 285 A.2 ... Online Sources Sorted by Chapters ... 285 The Authors ... 289 ... Index ... 293
Erscheint lt. Verlag | 30.4.2010 |
---|---|
Reihe/Serie | SAP Press |
Verlagsort | Maryland |
Sprache | englisch |
Maße | 175 x 228 mm |
Einbandart | gebunden |
Themenwelt | Mathematik / Informatik ► Informatik ► Netzwerke |
Informatik ► Weitere Themen ► SAP | |
ISBN-10 | 1-59229-338-7 / 1592293387 |
ISBN-13 | 978-1-59229-338-4 / 9781592293384 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich