What Does the SAP ERPยฎย User Lifecycle Plugin Do?
SAP’s ERP software (SAP ERP Central Components) covers many central business processes. It is used for storing important information about products, orders, financial data and personal customer data. Business IT departments must ensure that critical data is well protected against unauthorized access. Employees who need access to SAP must therefore be provided with user names and passwords to authenticate themselves and log in to the software. Every new user must be created manually in SAP and receive specific permissions (transaction SU01).
Users and permissions in SAP must be managed parallel to users and permissions in Active Directory, consuming disproportionate amounts of time as it means double the workload, while also increasing the risk of human error significantly. To complicate things further, there is no reporting tool available that is both user-friendly and able to provide a visual summary of access rights for both systems. All of this is detrimental to data security.
With tenfold’s SAP ERP User Lifecycle Plugin, you can create, delete and modify users in SAP through tenfold, assign and retract permissions, and generally automate all of the tasks required for successful and faultless access management – all from within one central platform.
Enterprise Edition
System Requirements:
SAP ERPยฎย Central Components
RFC connection between tenfold Server and NetWeaver Server
Service account for tenfold with BAPI permissions for BAPI_USER_*
Features
Create, modify and lock SAPยฎ users and assign access rights to them.
Set user fields in SAPยฎ automatically, based on configurable mappings.
Define usernames automatically based on configurable rules.
Scan for duplicates in Active Directoryย and SAPยฎ systems.
Initial passwords:ย tenfoldย usesย one-time secrets (OTS)ย to guarantee aย safe transmission of initial passwords.
Deactivate user accounts.
Remove access roles.
Lock or delete users upon arrival of the set leaving date.
Reset own SAPยฎ password via web portal.
User authentication via secret questions and/or SMS tokens.
Regular synchronization with SAPยฎ in order to register changes that were not made viaย tenfold.
Connect individual systems and CUA (central user administration) as well as combinations thereof.