our environment has SAP HR , GRC CUP (5.3) and Active directory(connected to IBM tivoli Manager).
I have a requirement where I need to provision user IDs to SAP systems through GRC CUP after the Hire event is completed in SAP HR. To provision in SAP, we need to first create Active directory ID ( network ID) before we can use this ID as sap user ID. we are planning to use position based security in SAP HR.
Question: After the Hiring event is completed,can I initiate 2 paths in GRC CUP workflow where one path creates the Active directory ID and then provides that Active directory ID to the second path which will then use this to provision in SAP systems.
The Active directory is connected to IBM Tivoli Identity manager. so we have to create Active Directory account through IBM Tivoli Manager.
Can you share your thougts on this. can we build a workflow like that. If not, any other alternative thoughts ??