Hi Folks,
I am troubleshooting an exisitng GRC installation.
Is it typical to configure GRC and UME to different source clients? If done so, what does it mean? How does it affect the risk analysis and user provisioning?
For example, the UME on AS Java is configured to use, say, ERP(100) client as the ABAP user store. On the same AS Java system, GRC is configured with JCo destinations pointing to ERP(200).
In this case, the master data source (users, roles) for Compliance Calibrator is ERP(200) and the user data source for Access Enforcer is ERP(200).
But the initial authentication to AE and CC is based on UME which is pointing to ERP(100) for authentication.
Is this a best practice recommendation ? I do not understand its usage. Please let me know your thoughts.
Regards
Reddy P.