With this IAM scenario variant, you use an LDAP-compatible directory service from a third-party vendor as the central store for all user data in your system landscape. You use this to synchronize user data across platforms.
The User Management Engine (UME) of the Enterprise Portal stores the user data directly in the LDAP directory. Although the Central User Administration of the ABAP systems continues to store its user data in the ABAP system, it periodically synchronizes the user data with the directory service.
Architecture of the Scenario Variant
The following figure shows the system landscape for this scenario variant:
Required SAP NetWeaver Usage Types
For this scenario variant, you require the following technical SAP NetWeaver Usage Types:
· EP
· AS Java
· AS ABAP
· LDAP-compatible directory server (external product)
IT Processes of the Scenario Variant
Process | What You Need to Know... |
Setting Up Central User Administration | With this process, you set up the central administration of ABAP systems in your system landscape. |
Configuring the CUA – LDAP Connection | With this process, you set up the connection between the central ABAP system and the LDAP directory. |
Configuring EP UME with LDAP Data Source | With this process, you install the Enterprise Portal and configure the user store of the User Management Engine (UME) so that it uses the LDAP directory. |
Maintaining Portal Roles | With this process, you prepare the roles for the users in the Enterprise Portal. |
Generating ABAP Authorization Roles | With this process, you create the required roles in the ABAP systems. You then update the central system of the CUA to make it aware of the data from the child systems. |
Creating Users and Assigning Roles in EP and Testing | In this process, you create users in the Enterprise Portal and assign roles to them. You then test the configuration. |
No comments:
Post a Comment