on 06-04-2018 1:49 PM
I'm working on a requirement to provision Users to HANA DB from a 3rd party IDM tool. Each user requires both a user in the ABAP system and a database user in SAP HANA to enable access to the relevant views. We have custom services built to provision Users tor ABAP system. But could anyone guide on how to achieve the User Management functionality to HANA DB ? SAP does support the following methods for synchronizing datatabase users with the existing users in the ABAP system:
First option is pretty much what I'm looking for.
Does anyone has worked on such a requirement ? Any APIs on how to achieve this ?
SAP IDM can provision to SAP HANA. This is provided as standard via the frameworks. You can also use LDAP with the newer revisions of HANA.
What third party tool are you using? You could always use SCIM, you'd have to develop this but it means not having to buy new products (assuming your current IDM tool is SCIM enabled).
I would recommend using the LDAP feature (if you're using AD already).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Michael,
Thanks for your response. Does SAP IDM use any services or is it aswell using LDAP ?
I'm currently working on is Omada IDM tool and we are working to integrate HANA DB for User and Role Management activities. To start with, we need to Read Users and Rols and Create, Modify and Assign Users with additional Roles / Privileges.
Could you point to any document which describes how to achieve this using SCIM connectivity ?
I'd explore further on LDAP feature aswell as we are already provisioning to AD.
Regards,
Naresh
You can use a VDS (Virtual Directory Server) in order to use the LDAP protocol.
SCIM is a open source protocol, there is no specific SAP documentation on this. You can get a developer to develop this SCIM protocol connector to do anything you want, there could some limitations on the HANA side but I am not sure. I would advise again that using the HANA LDAP feature would be the way to go as its seems its BAU for you.
HANA XS has an ability to dynamically create a user based on a SAML SSO login attempt.
The HANA system must be linked to the IDP and the IDP must have this option checked on.
Could this possibly be a solution for you?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.