IDM connected with GRC

Hi All,
Would like to check a question with you. As I know SAP IDM can be connected with SAP GRC for risk analysis during user request. Does anyone know if there are any other IDM solutions (other than SAP IDM) which can be connected with SAP GRC and do risk analysis during user request?
Thanks in advance.
Benny Ren

Hi Ankur,
Thanks for your reply. As I understand the GRC adapter in ITIM works only with SAP resource (please correct me if I am wrong) and not any other ERP or non-ERP resource. Is there any way so that I can directly use webservices with ITIM without using ITIM adapter.
Hi Frank,
If I can integrate the webservice directly with ITIM, then what I can do is using the risk analysis find out what are the roles which violates the SoD. If web services can return that, then I can use the following steps:
- Create a Life cycle rule to find all the violations.
- Once violations are identified then send an approval for the violations.
- If this are approved, then the role can remain with the person.
- If rejected then the role will be removed through the life cycle it self.
Please let me know if what I think can be done and is feasible.
Thanks to all for your replies.
Regards,
Ashish Choudhary

Similar Messages

  • SUN idM integrate with GRC AC

    There are documents available for best practice on provisioning using CUP by integrating SUN idM with GRC AC...I have not found any document on best practice for deprovisioning when some one leaves organization...
    Is there any one who has worked on the same or are there any best practice guide on how it can be implemented...What should be architecture or data flow?
    Regards,
    Milan

    Hi Milan,
    here is the document you need:
    http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/e0b2e5c5-fa62-2c10-9687-ff98bc0b99f8
    Best,
    Frank

  • Tivoli IDM Integration with GRC 10

    Hi All ,
    Can someone please help me with the information about webservices that we need to enable on GRC 10 so that it can integrate with the IDM Solution (IBM Tivoli ) . I had a look at the GRC 10 docs in market place , however couldnt find any help on this.
    Thanks for your time.
    Vikas

    Hi vikas and Frank,
    Do you have any information related on How to enable the webservices in the GRC 10 (does NWBC holds the key). if you have any information related to it  please share it with me.
    Thanks and regards,
    keerthi

  • SAP IDM vs SAP GRC

    Hi All,
    One basic question is coming again and again due to overlapping features of SAP IDM and SAP GRC. Why SAP IDM is required when all most all use cases can be fulfilled by SAP GRC? Is there any document available which can tell me why customer can choose IDM when he already has GRC?
    1. SAP IDM and GRC both can accomplish access request and provisioning.
    2. SAP IDM and GRC both has capability of risk management.
    Then why SAP IDM is required?
    Thanks,
    Dhiman Paul.

    Hi Dhiman,
    SAP IDM is more flexible and is Java based (providing excellent customizations).  GRC 10 is ABAP based and originally designed for Access Control.  As mentioned by Chris, IDM connectors are flexible than GRC & provisioning workflow is highly variable.
    I'd say if there are quite a few number of Legacy systems to be connected for IDM solution, SAP IDM would be an ideal choice than SAP GRC, as it can be implemented with less cost and customization.
    My simple opinion.  There may be other points as well.
    BR,
    Ganesh

  • Oracle IdM integration with Microsoft ILM 2007/FIM 2010

    We currently have ILM 2007 in our environment with limited usage at the moment. We are looking at purchasing Oracle Identity Manager to implement an enterprise wide IAM solution.
    We were wondering if it is possible to continue using ILM like a middleware between our AD forests and the Oracle IdM. Where the Oracle IdM is the overarching IAM solution and Microsoft ILM 2007/FIM 2010 is like the metadirectory for our AD forests.
    Is this possible without installing the Oracle Management Connector on any of our DCs and using ILM as the directory that Oracle IdM connects to. All AD account provisioning/de-provisioning, acct updates, password sync/reset will be initiated from the Oracle IdM to ILM and then implemented on AD. In order words no direct interaction with AD domain controllers from Oracle IdM, everything will go to ILM and ILM in turn applies it to AD.
    Is this possible?
    Is there a custom connector that will work with ILM 2007/FIM 2010
    Is this a simple customization or something that can be problematic and expensive?
    Any feedback is much appreciated
    Thanks

    user1106726 wrote:
    We currently have ILM 2007 in our environment with limited usage at the moment. We are looking at purchasing Oracle Identity Manager to implement an enterprise wide IAM solution.
    We were wondering if it is possible to continue using ILM like a middleware between our AD forests and the Oracle IdM. Where the Oracle IdM is the overarching IAM solution and Microsoft ILM 2007/FIM 2010 is like the metadirectory for our AD forests.
    Is this possible without installing the Oracle Management Connector on any of our DCs and using ILM as the directory that Oracle IdM connects to. All AD account provisioning/de-provisioning, acct updates, password sync/reset will be initiated from the Oracle IdM to ILM and then implemented on AD. In order words no direct interaction with AD domain controllers from Oracle IdM, everything will go to ILM and ILM in turn applies it to AD.
    Is this possible?yes
    >
    Is there a custom connector that will work with ILM 2007/FIM 2010Yes, if you write one you will have a custom connector
    >
    Is this a simple customization or something that can be problematic and expensive?It won't be simple. Problematic and expensive maybe, depends on how good you are with OIM and ILM

  • Oracle IAM integration with GRC 10

    Hi All,
    Our client is using Oracle IAM for user provisioning process. Now they have SAP GRC being implemented for two of their SAP systems. Now client wants to integrate SAP GRC Access Risks analysis (ARA) for SOD analysis and User Access Management(UAM) for user provisioning modules of SAP GRC 10 with Oracle IAM.
    As far as i know, webservices needs to be activated in GRC 10 and has done that. Now i want to know how Oracle IAM communicates with GRC 10. How connectors needs to be developed, User account to be created for web service access and how the parameters are passed from oracle to grc.
    Also how many different scenarios are there in oracle IAM for this integration?
    In SAP IDM vs SAP GRC integration we have 2 scenarios.
    1. Request raised in IDM -> SOD analysis in GRC -> Provisioning in GRC -> Return success/failure status back to IDM
    2. Request raised in IDM -> SOD analysis in GRC -> Return SOD success/failure status back to IDM -> Provisioning in IDM
    So can anyone help with possible scenarios for this integration process??

    Hi vikas and Frank,
    Do you have any information related on How to enable the webservices in the GRC 10 (does NWBC holds the key). if you have any information related to it  please share it with me.
    Thanks and regards,
    keerthi

  • Auto-provisioning new users with GRC 10.1

    There is some lack of clarity at my client on auto-provisioning new users into SAP systems with GRC 10.  Here's what they want and I'm telling them they need SAP IdM.
    The client will regularly have upwards of 500 new users on an on-going basis.  These users are approved and created in Active Directory.  The client believes that GRC 10 can now pick up these new users from Active Directory and then go ahead and provision them into ECC and CRM automatically, as soon as they're created, with no further approval required.
    To the best of my knowledge, the easiest way to do this would be for IdM to do this, and have IdM trigger GRC for certain users, and to provision users who fall into this group of 500 users.
    These users are different from regular users, who need to go through the approval workflows.  Regular users will have managers and roles that need approval.  These 500 or so users are approved to be created in the system and don't need to get caught up in the approval workflow.
    Am I wrong in saying that IdM 7.2 is the best way to do this, or am I missing something about what GRC 10 can do?
    Thanks for your help.  I really appreciate it.

    Hi Santosh,
    In AC 10.1, I created one brf plus initiator rule.Although I saved it in GRAC_ACCESS_REQUEST package.Transport button is not available(Not greyed).
    Dis you faced this issue..How to get this change in transport??
    PS:Application are activated.
    Thanks,
    Mamoon

  • BI_CONT 7.35 with GRC 5.3

    Hi All,
    Has anyone had experience with activating this business content version with GRC 5.3 CC and AE?
    I have created the UD connection and activated all the process chains and downstream objects, however I am pulling almost no data into the DSO's and cubes.
    Master data looks to be populated fine.
    Any help is greatly appreciated.
    Kind Regards,
    Eric

    Hi Eric,
    I've not used the Business Content as such but have been involved with connecting GRC 5.3 to BW for reporting purposes.
    We had to resort to DB connect in our version to connect properly.
    Have you got Data Mart functionality (verson 5.3 SP9 and above)? If so, you can use that to prepare the data extract which makes life a little easier than having to manually identify the source of your key fields and characteristics.
    Simon

  • CC - Connecting with Oracle ERP

    Hi Expert!
    Do anyone have connect Compliance Calibrator with Oracle???
    I need some guide with the data extraction! can any one help me please? If anyone have some guide or steps to follow it would be perfect...
    Regards,
    Magaly

    Magaly,
    You need to use Greenlight Adapters to support GRC connection with oracle, jde and peoplesoft.
    Please refer the following SAP Note for the supporting versions.( I don't have any documentation)
    Note 1076755 - Greenlight Adapters- Versions of ORA, JDE and PS Supported
    Thanks
    Himadama

  • Connecting with ODSM to OVD fails caused by: java.lang.NoClassDefFoundError

    Hi,
    I have made a fresh new install of an Oracle Virtual Directory server running on Windows 2003 32-bit and an ODSM server (Weblogic) running on Windows 2003 64-bit using FMW Identity Management 11.1.1.2 for both OVD and ODSM (OVD of course being 32-bit and ODSM the 64-bit version).
    When I try to connect with ODSM to my OVD server the first time without using SSL and connecting to port 8899 I get a pop-up telling me to look for a "Server Exception during PPR, #1" error in the log. The log shows me indeed a javax.servlet.ServletException: javax/wsdl/OperationType caused by Caused by: java.lang.NoClassDefFoundError: javax/wsdl/OperationType Caused by: java.lang.ClassNotFoundException: javax.wsdl.OperationType.
    When I try it a second time with the same settings it tells me to look for a "Server Exception during PPR, #2[[" in the log. The log now shows me a javax.servlet.ServletException: Could not initialize class com.octetstring.vde.admin.services.client.VDEAdminServiceSoapBindingStub Caused by: java.lang.NoClassDefFoundError: Could not initialize class com.octetstring.vde.admin.services.client.VDEAdminServiceSoapBindingStub.
    Connecting using SSL fails with the same error as the second attempt without it except the error is now #3.
    Any idea what might be going wrong here? Could it be the firewall between ODSM and OVD? Is it using more than port 8899 to connect? Or is it the difference between 32/64 bit platform and the 64-bit JVM that is missing some classes? What is it?
    Thanks in advance,
    Bart.

    Hi,
    I got the environment working.
    Here is the environment details
    Windows 2003 32 bit
    WLS 10.1.3.3.
    OFM 11g updated upto patch 11.1.1.3
    Also during the IDM configuration, i have also added the OHS as part of the installation/configuration so that the HTTP_client.jar file is in the path.
    HTH.
    Regards,
    Ramnath

  • Adobe cloud has lost connection with the server

    Adobe cloud has lost connection with the server, can't get adobe cloud to work so I can re-install photoshop to fix a corrupted DLL file.

    *Adding new items/removing orphans*
    Try iTunes Folder Watch or iTunes Library Updater. Folder Watch is much faster on the adding files front, can be set to run in the background and includes a useful exclusion feature, however it’s slow at removing orphans. iTLU is better for this although doing it manually after looking at a list of proposed removals generated by Folder Watch is probably faster still. iTLU can also be set to update iTunes when you've used 3rd party tools to change tag info.
    You may need to amend the list of file types these programs look for. My list includes:
    .mp3 .mp4 .m4a .m4b .m4p .m4v .mov .wav .aif .mid .ipa .ipg .ite .itlp .m4r .pdf
    Note the last 6 types may not be recognised as already being in the library so should either be omitted from the search or you can add (at least for Folder Watch) individual exclusions for files you know are already in your library.
    tt2

  • Untrusted server cert chain - while connecting with ldap

    Hi All,
    I am getting the following error while running a standalone java program in windows 2000+jdk1.3 environment to connect with LDAP.
    javax.naming.CommunicationException: hostname:636 [Root exception is ja
    vax.net.ssl.SSLException: untrusted server cert chain]
    javax.naming.CommunicationException: hostname:636. Root exception is j
    avax.net.ssl.SSLException: untrusted server cert chain
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA12
    275)
    at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA12275)
    at java.io.OutputStream.write(Unknown Source)
    at com.sun.jndi.ldap.Connection.<init>(Unknown Source)
    at com.sun.jndi.ldap.LdapClient.<init>(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
    at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
    at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
    at javax.naming.InitialContext.init(Unknown Source)
    at javax.naming.InitialContext.<init>(Unknown Source)
    at javax.naming.directory.InitialDirContext.<init>(Unknown Source)
    at Test2.getProxyDirContext(Test2.java:66)
    at Test2.main(Test2.java:40)
    Any help would be appreciated
    Thanks in Advance
    Somu

    This got resolved when in the code the following
    System.setProperty("javax.net.ssl.tmrustStore", CertFileName);
    where cert file name is the filename with complete path.the file is a CA certificate of the LDAP server
    in X509 format

  • Hi, my MacBook Air is not working anymore if it's not connected with the power cable. It's pretty new so I can't imagine that the battery is dead already. Why can't I use my MacBook Air without the power cable even though I charged it for hours?

    Hi, my MacBook Air is not working anymore if it's not connected with the power cable. It's pretty new so I can't imagine that the battery is dead already. Why can't I use my MacBook Air without the power cable even though I charged it for hours?

    Please take the Mac to  Apple store to have it checked out.
    Genius Bar reservation
    http://www.apple.com/retail/geniusbar/
    Best.

  • HT204266 My iPad (version 1, IOS 5.1) has quit connecting with the store. I am unable to update or buy any app. I did a reboot and a reset with deleting the data. I can not find anything in support for this problem. Any help will be appreciated.

    My iPad (version 1, IOS 5.1) has quit connecting with the store. I am unable to update or buy any app. I did a reboot and a reset with deleting the data. I can not find anything in support for this problem. Any help will be appreciated.

    My iPad (version 1, IOS 5.1) has quit connecting with the store. I am unable to update or buy any app. I did a reboot and a reset with deleting the data. I can not find anything in support for this problem. Any help will be appreciated.

  • Lost connection with Time Capsule (Office for Mac programmes run down)

    My colleague and I work at the office with 2 Macbooks. Both are connected wirelessly to the Time Capsule, which we use as a shared hard disk. We use Office 2008 for Mac. Now Word and Excel run down often after of little things like doing a search or cutting and pasting. I get the spinning ball can only do a forced quit to end the program. This is frustrating and time consuming!
    A friend told me to change my UID, cause my colleague and I both have the same UID (501) at our Macbooks. He downloaded Server Admin Tools to change my UID into 1001 with Work Group Manager. But when I arrived at the office this morning I didn't have a connection with the Time Capsule. To be able to work I changed the UID back to 501 again (but now I can't open excel document inless I drag them to the hard disk of my Macbook).
    The friend is not a Apple professional so he doens’t know how to help me anymore. Does anyone else have a suggestion?

    Temporarily, try connecting an Ethenret cable from your Mac to one of the LAN <-> ports on the Time Capsule
    Open AirPort Utility and Click Manual Setup
    Click on the word "Status" (2nd Line) and a window will open to with information about why the light is flashing amber

Maybe you are looking for

  • HP Officejet Pro cannot install on laptop via wireless

    Trying to install a new HP8600 Pro Plus.  I have configured the wireless on the printer, and it is connected to my wireless network, has an IP address and good signal strength.  When I try to add this printer on my laptop (I have now tried several la

  • Probably a Stupid Newbie Question, but....

    Picked up a 8300 series Curve a couple of weeks ago.  Had it synched with my Outlook on my pc.  About a week ago the synch stopped working and I noticed that when the phone was plugged into the USB cord the little charger symbol would only stay lit u

  • Cannot install Adobe Acrobat X Pro on Windows Vista ultimate

    Here are additional Details: Intel(R) Core(TM)2 Duo CPU T5450 @1,66GHz 1,67 GHz Memory(RAM): 2046 MB System type: 32-bit Operating System Is anything possible? Which version of Adobe Acrobat would you recommend?

  • HT204053 How to get into voice mail

    Just like to know how to access my voice mail?

  • Intel Mini - HDTV with DVI or HDMI Problems

    Hello With my Samsung LE32 and the Intel Mini I get overscan in HDTV resolutions like 1280x720, so I used DisplayConfigX to go from 1280x720 (overscan) to 1240x680 128 Front Porch 19 80 Sync 5 240 Back Porch 38 1688 Total 750 As you can see in the fo