on 04-27-2016 9:15 PM
Hello All,
Could you please help me in configuring SSO between LDAP and GRC for End user logon funtionality.I do not see a post which talks clearly talks about this
I have configured the LDAP server in GRC and created a LDAP Connector which is working fine and our security team is able to sync all the LDAP Users into GRC system.
As part of GRC ARM End user Logon now I need to configure SSO between LDAP and GRC
user should be able to access GRC system with his LDAP authentication for requesting SAP access in the landscape.
We don’t create a ID for the User in SAP GRC but he will be able to access GRC system with his LDAP authentication.
if this can be achieved by exchanging the certificates between LDAP and GRC.
What kind of certificate should i ask our LDAP team to provde to add in strust of GRC.
i have gone through sap notes 1733442 which only talks about approaches to follow but ,there is no detailed process availabe for it.
im trying to acheieve SSO by the below approach as explained in the note
SSO via Browser with Certificate Auth (As we do in SAP)
1 Sync all AD users into GRC ABAP without password. -
2 Setup Certificate issuer to Authenticate against AD.
3 Setup GRC ABAP to trust that Certificate Authority/issuer
4 Login into Certificate Generator App on computer get the certificate in browser, access GRC 10 application URL
Please let me know.
Regards,
Shakeel Samdani
Message was edited by: Matthias Kaempfer
Requirement :
The Requirement is:
1) End User Logon : User will enter his WIN AD ID and password to login to End user logon URL (Active Directory authentication without SSO)
2) However the manager should be able to access the approval link via SSO.He will be a GRC user but He should not be prompted for user ID credentials
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Shakeel ,
We have a same scenario like yours, End user Module is accepting Active Directory credentials, But in GRC system all id's are not present .
We have set SSO using SAML authentication , SSO is working properly for all other application for eg NWBC , Web GUI etc but it is not working for End user Module.
Please let us know fix you adopted to correct this.
Regards
Irshad Akram
User | Count |
---|---|
84 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.