010 SAP NetWeaver Identity Management 7.2 - Master Guide
Short Description
Download 010 SAP NetWeaver Identity Management 7.2 - Master Guide...
Description
Master Guide SAP® NetWeaver Identity Management 7.2 Target Audience ıÅßflÕM Technical Consultants ıÅßflÕM System Administrators
CUSTOMER ıÅßpð‡˚\ì¥P Š˝á¬'ª¦@4⁄Ý¢D˚_õæ‹á•ßÁÝ�[”oóè)ò‰ÁÚ‡ÝÓ� »qF‘†g?5ð¯RC¾
SAP AG Dietmar-Hopp-Allee 16 69190 Walldorf Germany T +49/18 05/34 34 34 F +49/18 05/34 34 20 www.sap.com
© Copyright 2012 SAP AG. All rights reserved. No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained herein may be changed without prior notice. Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors. Microsoft, Windows, Excel, Outlook, PowerPoint, Silverlight, and Visual Studio are registered trademarks of Microsoft Corporation. IBM, DB2, DB2 Universal Database, System i, System i5, System p, System p5, System x, System z, System z10, z10, z/VM, z/ OS, OS/390, zEnterprise, PowerVM, Power Architecture, Power Systems, POWER7, POWER6+, POWER6, POWER, PowerHA, pureScale, PowerPC, BladeCenter, System Storage, Storwize, XIV, GPFS, HACMP, RETAIN, DB2 Connect, RACF, Redbooks, OS/2, AIX, Intelligent Miner, WebSphere, Tivoli, Informix, and Smarter Planet are trademarks or registered trademarks of IBM Corporation. Linux is the registered trademark of Linus Torvalds in the United States and other countries. Adobe, the Adobe logo, Acrobat, PostScript, and Reader are trademarks or registered trademarks of Adobe Systems Incorporated in the United States and other countries. Oracle and Java are registered trademarks of Oracle and its affiliates. UNIX, X/Open, OSF/1, and Motif are registered trademarks of the Open Group. Citrix, ICA, Program Neighborhood, MetaFrame, WinFrame, VideoFrame, and MultiWin are trademarks or registered trademarks of Citrix Systems Inc. HTML, XML, XHTML, and W3C are trademarks or registered trademarks of W3C®, World Wide Web Consortium, Massachusetts Institute of Technology. Apple, App Store, iBooks, iPad, iPhone, iPhoto, iPod, iTunes, Multi-Touch, Objective-C, Retina, Safari, Siri, and Xcode are trademarks or registered trademarks of Apple Inc. IOS is a registered trademark of Cisco Systems Inc. RIM, BlackBerry, BBM, BlackBerry Curve, BlackBerry Bold, BlackBerry Pearl, BlackBerry Torch, BlackBerry Storm, BlackBerry Storm2, BlackBerry PlayBook, and BlackBerry App World are trademarks or registered trademarks of Research in Motion Limited. Google App Engine, Google Apps, Google Checkout, Google Data API, Google Maps, Google Mobile Ads, Google Mobile Updater, Google Mobile, Google Store, Google Sync, Google Updater, Google Voice, Google Mail, Gmail, YouTube, Dalvik and Android are trademarks or registered trademarks of Google Inc. INTERMEC is a registered trademark of Intermec Technologies Corporation. Wi-Fi is a registered trademark of Wi-Fi Alliance. Bluetooth is a registered trademark of Bluetooth SIG Inc. Motorola is a registered trademark of Motorola Trademark Holdings LLC. Computop is a registered trademark of Computop Wirtschaftsinformatik GmbH. SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects Explorer, StreamWork, SAP HANA, and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and other countries. Business Objects and the Business Objects logo, BusinessObjects, Crystal Reports, Crystal Decisions, Web Intelligence, Xcelsius, and other Business Objects products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Business Objects Software Ltd. Business Objects is an SAP company. Sybase and Adaptive Server, iAnywhere, Sybase 365, SQL Anywhere, and other Sybase products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Sybase Inc. Sybase is an SAP company.
2/40
CUSTOMER
2012-07-06
Crossgate, m@gic EDDY, B2B 360°, and B2B 360° Services are registered trademarks of Crossgate AG in Germany and other countries. Crossgate is an SAP company. All other product and service names mentioned are the trademarks of their respective companies. Data contained in this document serves informational purposes only. National product specifications may vary. These materials are subject to change without notice. These materials are provided by SAP AG and its affiliated companies (“SAP Group”) for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Group products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty. Disclaimer
Some components of this product are based on Java™. Any code change in these components may cause unpredictable and severe malfunctions and is therefore expressly prohibited, as is any decompilation of these components. Any Java™ Source Code delivered with this product is only to be used by SAP’s Support Services and may not be modified or altered in any way. Documentation in the SAP Service Marketplace
You can find this document at the following address: http://service.sap.com/installguidesnwidm
2012-07-06
CUSTOMER
3/40
Typographic Conventions
Example
Description
Angle brackets indicate that you replace these words or characters with appropriate entries to make entries in the system, for example, “Enter your ”. Arrows separating the parts of a navigation path, for example, menu options Emphasized words or expressions Words or characters that you enter in the system exactly as they appear in the documentation Textual cross-references to an internet address, for example, http://www.sap.com Quicklinks added to the internet address of a homepage to enable quick access to specific content on the Web Hyperlink to an SAP Note, for example, SAP Note 123456 ¯W‡Ö¶: Words or characters quoted from the screen. These include field labels, screen titles, pushbutton labels, menu names, and menu options. ¯W‡Ö¶: Cross-references to other documentation or published works ¯W‡Ö¶: Output on the screen following a user action, for example, messages ¯W‡Ö¶: Source code or syntax quoted directly from a program ¯W‡Ö¶: File and directory names and their paths, names of variables and parameters, and names of installation, upgrade, and database tools Technical names of system objects. These include report names, program names, transaction codes, database table names, and key concepts of a programming language when they are surrounded by body text, for example, SELECT and INCLUDE Keys on the keyboard
Example Example
Example /example
123456 Example
Example
EXAMPLE
EXAMPLE
4/40
CUSTOMER
2012-07-06
Document History
CAUTION
Before you start the implementation, make sure you have the latest version of this document. You can find the latest version on SAP Service Marketplace http://service.sap.com/ installguidesnwidm. The following table provides an overview on the most important document changes: Version
Date
Description
1.7 1.6 1.5 1.4 1.3 1.2 1.1 1.0
2012-07-06 2012-01-13 2011-12-19 2011-12-08 2011-10-17 2011-03-11 2010-12-13 2010-12-06
Adjusted implementation sequence. Added note about DB maintenance. Added link to the documentation and resource map. Updated supported Oracle database versions. Inserted references to new upgrade and migration documents Updated references to several documents Updated references to several documents First version of the document
2012-07-06
CUSTOMER
5/40
Table of Contents
Chapter 1 1.1 1.2 1.3
Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 About this Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Related Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Important SAP Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Chapter 2 2.1 2.2
11 11
2.2.1 2.2.1.1 2.2.1.2 2.2.1.3 2.2.1.4 2.2.1.5 2.2.2 2.2.3 2.2.4 2.3 2.4
SAP NetWeaver Identity Management Overview . . . . . . . . . . . . . . . . . . . . Introduction to SAP NetWeaver Identity Management . . . . . . . . . . . . . . . . . . Software Units and Capabilities of SAP NetWeaver Identity Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Software Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Identity Center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Virtual Directory Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Identity Management User Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Federation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . UWL IDM Connector . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Connectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Frameworks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Solution-Wide Capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . System Landscape . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Overall Implementation Sequence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Chapter 3 3.1 3.2 3.3 3.4 3.5
SAP NetWeaver Identity Management Scenarios . . . . . . . . . . . . . . . . . . . . Provisioning for SAP or non-SAP Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . Integration with SAP HCM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Enhanced SAP Business Suite Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . Integration with SAP BusinessObjects Access Control . . . . . . . . . . . . . . . . . . . Identity Federation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
23 23 25 27 30 32
Chapter A A.1
Appendix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 List of Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
6/40
CUSTOMER
12 12 13 14 14 15 15 15 17 17 19 20
2012-07-06
1
Getting Started
1.1
About this Document
1 Getting Started
1.1 About this Document This Master Guide is the central starting point for the technical implementation of SAP NetWeaver Identity Management. You can find cross-scenario implementation information as well as scenariospecific information in this guide. The Master Guide provides an overview of SAP NetWeaver Identity Management, its software units, and its scenarios from a technical perspective. Use it to help you design your identity management system landscape before you start the implementation phase. It refers you to the required detailed documentation, mainly: 8)ÁÃùV Installation guides for single software components 8)ÁÃùV SAP Notes 8)ÁÃùV Configuration documentation 8)ÁÃùV Tutorials NOTE
Upgrade information is included in the installation guides for the single software components. In addition, the following documents are relevant. Document
Identity Management for SAP System Landscapes: Upgrading from Identity Management 7.1 to 7.2
Description
Describes the processes and steps necessary to upgrade the provisioning framework to the completely rewritten version of Release 7.2. SAP NetWeaver Describes the Identity process of Management upgrading a Migration solution Guide - Identity developed with Management SAP 7.1 to 7.2 NetWeaver Identity Management 7.1 to SAP
2012-07-06
Location http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/ library/uuid/10c2c969-09d6-2e10-7fb0-9a50eb339939? QuickLink=index&overridelayout=true&53468047868114
http://service.sap.com/~sapidb/011000358700001230022010ESAP
CUSTOMER
7/40
1
Getting Started
1.1
About this Document Document
Description
NetWeaver Identity Management 7.2. SAP NetWeaver Describes how Identity to analyze the Management configuration Using the on an existing Configuration configuration Analyzer for migration purposes.
Location
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/ library/uuid/602c4988-c4db-2e10-39a7-8f8404d39c51? QuickLink=index&overridelayout=true&52536040157678
The Master Guide consists of the following main sections: ü˚�Ý' SAP NetWeaver Identity Management Overview This section provides an overview of SAP NetWeaver Identity Management, including an overview of the software components that it comprises, the connectors and frameworks that are delivered, and an overview of the solution-wide capabilities that apply to all scenarios. It also provides an overview of the system landscape and the overall implementation sequence. ü˚�Ý' SAP NetWeaver Identity Management Scenarios This section provides an overview of the identity management scenarios: ü˚�ÝH Provisioning for SAP or non-SAP systems ü˚�ÝH Integration with SAP Human Capital Management (SAP HCM) ü˚�ÝH Enhanced SAP Business Suite integration ü˚�ÝH Integration with BusinessObjects Access Control ü˚�ÝH Federation NOTE
You can implement any or all of the scenarios in your landscape. NOTE
You can find the most current information about the technical implementation of SAP NetWeaver Identity Management and the latest installation and configuration guides at http:// scn.sap.com/docs/DOC-8397. We strongly recommend that you use the documents available here. The guides are regularly updated. Constraints
ü˚�Ý' The business scenarios that are presented here serve as examples of how you can use SAP software in your company. The business scenarios are only intended as models and do not necessarily run the way they are described here in your customer-specific system landscape. Ensure to check your requirements and systems to determine whether these scenarios can be used productively at your
8/40
CUSTOMER
2012-07-06
1
Getting Started
1.2
Related Information
site. Furthermore, we recommend that you test these scenarios thoroughly in your test systems to ensure they are complete and free of errors before going live. á“òÀ¿ This Master Guide primarily discusses the overall technical implementation of SAP NetWeaver Identity Management, rather than its subordinate components. This means that additional software dependencies might exist without being mentioned explicitly in this document. You can find more information on component-specific software dependencies in the corresponding installation guides. á“òÀ¿ Good quality of data is a prerequisite for the successful implementation of an identity management system. Before you start implementing SAP NetWeaver Identity Management, we recommend you clean up the identity data in those systems you want to integrate.
1.2 Related Information Planning Information
For more information about planning topics not covered in this guide, see the following content on SAP Service Marketplace or SDN: Content
Location on SAP Service Marketplace or SDN
Overview about the phases of an SAP NetWeaver Documentation and resource map: http://wiki.sdn.sap.com/ Identity Management project and guidelines about the wiki/display/Security/Planning+%28Release+7.2% implementation tasks associated with the 29 corresponding phases and where to find documentation about each task. Latest versions of installation guides http://service.sap.com/~sapidb/ 011000358700001223002010E
General information about SAP NetWeaver Identity Management Sizing, calculation of hardware requirements
http://sdn.sap.com/irj/sdn/nwidentitymanagement
SAP NetWeaver Identity Management Identity Center Minimum System Requirements: http://www.sdn.sap.com/irj/scn/ go/portal/prtroot/docs/library/uuid/c0b952d7dfd7-2b10-7981-e3db245e765f? QuickLink=index&overridelayout=true&49813030699 623
SAP NetWeaver Identity Management 7.1/7.2 Sizing Guide: http://service.sap.com/~sapidb/ 011000358700000425682010E
Released platforms and technology-related topics, Platform Availability Matrix: http:// such as maintenance strategies and language support service.sap.com/~form/handler?_APP= 00200682500000001303&_EVENT= DISP_NEW&00200682500000002804= 01200314690900002535
Windows Server and SQL Server:
http://
service.sap.com/~form/sapnet?_SHORTKEY= 01200252310000085820&
Other database and operating systems:
2012-07-06
CUSTOMER
9/40
1
Getting Started
1.3
Important SAP Notes
Content
Location on SAP Service Marketplace or SDN http://www.sdn.sap.com/irj/sdn/dbos
Network security
SAP NetWeaver Identity Management Security Guide: http:// service.sap.com/~sapidb/ 011000358700001223802010E
High Availability
Solution Operation Guide, Section 6: http:// service.sap.com/~sapidb/ 011000358700001223922010E
Information about Support Package Stacks, latest software versions and patch level requirements
http://service.sap.com/sp-stacks
Further Useful Links
The following table lists further useful links on SAP Service Marketplace: Content
Location on SAP Service Marketplace
Information about creating error messages SAP Notes search
http://service.sap.com/~form/sapnet?_SHORTKEY=01100035870000082707&_ SCENARIO=01100035870000000202&
http://service.sap.com/~form/sapnet?_ SHORTKEY=01100035870000006063&_SCENARIO=01100035870000000202&
SAP Software Distribution Center (software download and ordering of software) SAP Online Knowledge Products (OKPs) – role-specific Learning Maps
http://service.sap.com/swdc
http://service.sap.com/rkt
1.3 Important SAP Notes You must read the following SAP Notes before you start the installation. These SAP Notes contain the most recent information on the installation, as well as corrections to the installation documentation. Make sure that you have the up-to-date version of each SAP Note, which you can find on SAP Service Marketplace at http://service.sap.com/notes. SAP Note Number Title
Description
1498369
This is the central entry point for all SAP Notes related to SAP NetWeaver Identity Management 7.2.
10/40
Central note for SAP NetWeaver Identity Management 7.2
CUSTOMER
2012-07-06
2
SAP NetWeaver Identity Management Overview
2.1
Introduction to SAP NetWeaver Identity Management
2 SAP NetWeaver Identity Management Overview
2.1 Introduction to SAP NetWeaver Identity Management Enterprises are under pressure to increase the speed of deploying new applications and systems across their global networks, both internally and in the context of e-business with partners and customers. One of the challenges involved in these processes is the difficulty in finding and bringing together information relating to identities and resources that are distributed across multiple and often incompatible information sources. Identity data is often stored in many different applications throughout the enterprise and maintained manually in different locations. This is costly and, in addition to posing a security risk, can cause inconsistencies and low data quality. The prime objective of SAP NetWeaver Identity Management is to centrally manage and keep all identity data within the enterprise up-to-date. See the figure below.
1P
View more...
Comments