on 08-01-2014 7:08 AM
Hi Everyone,
Our company is implementing BPC 10.0 and we have a specific team managing security in BPC. Once the security is assigned to a user in BPC then BPC is assigning the relevant BPC roles to users in SU01 in the backend (BW).
However we have connected BW to IdM and all the provisioning and de-provisioning in BW takes place via IdM.
Upon any changes to user in IdM, IdM is going into BW and wiping out the BPC roles which causing the users to lose access in BPC.
Has anyone faced this issue? Is there a work around?
Can we have IdM not touch the BPC roles in BW?
Please Help!
Thank you,
KV
Thank you Matt and Aman.
I have setup a custom ABAP update pass to address this issue.
The update pass reads all users and roles from the backend(BW) and manually assigns the ZBPC roles(assigned by BPC in BW) in IdM so IdM is aware of the BPC roles.
I have built a delta mechanism by writing the ZBPC roles to a temp table in IdM, compare them to the ZBPC role assigned in IdM and then add/remove the roles in IdM.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
In BPC 10 role is generated when a new TEAM/DAP is created.
In Our Project , We Copied system generated roles into our Project roles.
We created one customised table where we maintain entry of these generated roles with Project role &
mapping program where we mapped this roles.
Then we assign those Project Roles in Business roles which were assigned to users.
So IDM stopped whipping out users
Aman
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
95 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.