FIM 2010 in combination with SAP
Hello Guys! I have a customer which wants to migrate from Novell eDirectory to Active Directory. At this moment he uses the Identity manager from Novell to assign explicit roles to a SAP-user. Because of the replacement of eDirectory, he also wants to have a RBAC tool which is similar or better then the Novell Identity Manager. Is FIM 2010 a suitable solution to delegate roles in a SAP environment? Or should I use the SAP Identity Manager? Any advise would be welcome! Thnx in advance! best regards, Piet Engelen
March 24th, 2011 9:59am

Hi Piet you can use FIM to manage SAP roles. It's a simple attribute export of a string. SAP roles attribute string is a XML tree of all the roles a user owns and the name, start and end date of the role and so on of each role. Henry
Free Windows Admin Tool Kit Click here and download it now
March 27th, 2011 12:54pm

You can also look at Omada Identity Manager, this is build on top of FIM 2010 and is a very advanced RBAC tool.Need realtime FIM synchronization? check out the new http://www.traxionsolutions.com/imsequencer that supports FIM 2010 and Omada Identity Manager real time synchronization!
March 28th, 2011 11:18am

I only know that SAP Identity Manager is actually MaxWare, and I don't know how integrated that product is yet with SAP role definitions. However I do know that Omada built their business specifically with SAP role management in mind, as they had a significant number of their founding engineers who had a strong SAP background. This is a now very mature platform which complements FIM. When it comes to accessing SAP itself, the FIM SAP MA may not necessarily be your best option, depending on which version of SAP you are using ... there is at least one alternative SAP ECMA commercially available and listed on the FIM Management Agents from Partners page, including one from UNIFY designed to present this type of relational data to FIM as if it was a directory (multivalue attributes, references, multiple object types in a single MA, supporting full bi-directional flow, including delta imports). Once you get your role data into FIM, I have found that so long as you get your FIM schema custom resource type model model right (which you will know when you test your xpath!), the FIM portal has the power to deliver roll-your-own RBAC to complement its strong Request based access model. I have seen the results first hand and it certainly takes OOTB FIM up a notch :). Bob Bradley, www.unifysolutions.net (FIMBob?)
Free Windows Admin Tool Kit Click here and download it now
March 28th, 2011 5:41pm

Hi Piet, As you can see from thread Omada os well-known for our strong SAP competencies and our Role Manager for FIM 2010 which is 100% with FIM. We also offer a web services based SAP MA - if you require further information or have questions please feel free to contact me directly on: fla@omada.net /Frank
April 2nd, 2011 5:14am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics