IT departments who must give Windows-based end-users access to SAP hosted on UNIX or Linux feel the pain daily: users are frustrated by having to remember multiple passwords, helpdesk resour...
IT departments who must give Windows-based end-users access to SAP hosted on UNIX or Linux feel the pain daily: users are frustrated by having to remember multiple passwords, helpdesk resources are consumed with constant account and password reset requests, provisioning new users is cumbersome, and any lapse in disabling access for exiting users could land them in trouble with IT security or compliance auditors. In this video chalktalk, you'll see how Centrify DirectControl addresses each of the technical and business challenges around delivering single sign-on for SAP users. IT then demonstrates how leveraging Active Directory represents a cost-effective and easy-to-deploy solution.
A comparison of the unsecure version of SAP sign-on versus DirectControl's secure, Kerberos-based silent authentication
How support for SAP Basis provides transparent sign-on for users who have access to multiple SAP instances
The productivity gains and help desk cost savings that IT departments realize from Active Directory single sign-on
The security benefits of having centralized control over access to SAP
A visual look at the authentication flow between the SAPgui, the SAP server, and Active Directory
How the DirectControl client agent for SAPgui works and deployment options
The architecture of the DirectControl agent on the SAP server
How Kerberos encrypts and thus protects communication of SAP data across the network
The challenges of setting up a fault-tolerant Kerberos stack on an SAP server and how Centrify solves them
The security advantages of managing access to SAP server via Active Directory
How DirectControl associates Active Directory identities with existing SAP identities and tools and strategies for the initial configuration
The ease and speed with which the DirectControl solution can be deployed
Security and compliance reasons why some organizations want end-users to be reprompted to log in versus silent authentication, and how IT managers can configure these login options using Windows Group Policy
DirectControl's comprehensive platform support for SAP on UNIX and Linux, and SAPgui for Windows and Java
Centrify's integrated role-based privilege management and session auditing
How the complexities of Active Directory (which is a multimaster database, supports cross-domain trusts, and the like) makes it extremely challenging to build a custom LDAP interface to SAP
The value of having an SAP-certified solution like Centrify DirectControl
The approach to supporting SAP Netweaver for J2EE and Portal
How Centrify's approach of leveraging existing infrastructure provides a simple and cost-effective solution