Skip to Content
Author's profile photo Matt Pollicove

SAP TechEd from an IDM Point of View

To boldly go where no man — where no one — has gone… before.

I have to tell you, this is how I feel after every TechEd, and I’ve been to at least six of them now. It’s always hard to sum up the TechEd experience, unless, of course, you’ve been there. It’s a whirlwind to say the least, learning, seeing old friends, making new ones, matching faces with email addresses/SCN IDs. At the end of every day it feels like I’ve run a marathon, mentally and physically.  If you’re a step counter, it’s pretty easy to reach your goals. And if you’re head is always spinning with everything you’ve learned.

If previous TechEds have been about specifics such as HANA, Fiori, Hybris, Lumira, this TechEd was certainly centered on Cloud based architectures. Everyone was talking about how their Service, Application, Module, etc. worked with SAP specific clouds or Enterprise based cloud technologies.

Learning.  Did a lot of that this week, with some very  good stuff by SAP Security and IDM people such as Plamen Pavlov, Hristo Borisov, Penka Tatarova, and Gerlinde Zibulski discussing issues regarding Cloud Based authentication, and the brand new SAP HANA Cloud Platform Identity Provisioning Service . While I was unable to attend the hands on sessions, I did hear back from several people that this brand new platform shows much promise for provisioning both SAP and non-SAP applications that are the basis of evolving cloud strategies. While attending a roadmap session for the Cloud Platform Identity Provisioning Service, I learned that the two main supported sources are LDAP and SCIM, this makes me think that the Virtual Directory Server could become very popular in enabling other types of applications for Cloud Provisioning. I’m sure I’ll be talking about this more in future blogs.

Roadmap. As always, there were a lot of roadmap sessions for the various identity and security related products. The security portfolio has grown quite large as we see below.


There are now 8 products in the portfolio, and as we’ve discussed they are organized into cloud and on premise architectures, but I could not help noticing a new addition, that I thought needed to be there for some time: SAP Access Control. In my opinion this change is long overdue, and from what I hear will lead to a better integration with SAP IDM in the long run.

SAP IDM. Yes, it’s still here and got more than its fair share of attention. The SAP IDM 8.0 RDS add-on is expected to be released before the end of September 2016, and of course, we have heard about the latest service pack. There’s some other new functionality coming for 8.0 in the next couple of SPs, and I’ve heard that we can expect another SP fairly soon. With the reshaping of the security portfolio, I can foresee steps to integrate with the new cloud based modules and the new additions.

Another thing that we can count on is that SAP IDM will continue to be further integrated into the overall SAP Landscape. We got to see a fascinating preview of a unified installation process for SAP IDM using SWPM that handles installing the Designtime and Runtime, Keys file, Dispatcher, and of course the SCA files. While that will put BASIS a little more in control of IDM installation and configuration, a comprehensive install process is a huge plus in my book. I am trying to get a little more information on this and will update the blog when I receive it.

For those of us still using 7.2, it’s still going to be around for a while yet, but I don’t know that we should expect much more development here, aside from patches.

SAP is making the next steps into the future and I think that 8.0 will be fulfilling that soon along with cloud, security, and landscape integration. We will just have to see what will come about at TechEd 2017. I for one am counting the days already until next year!

Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo Steffi Warnecke
      Steffi Warnecke

      Hello Matt,

      thank you for the summary!

      Sadly it looks like for 7.2 people like me, there wasn’t that much of new information released at TechEd. I’m sure happy the extented the support though.

      I’m looking at the 8.0 SP updates with an eager eye to see, if it’s finally up to shape enough to consider upgrading, but right now, especially after what I saw in my training course, I’m not to impressed.

      Reading about an easier installation is always good, but I wonder what happens if those steps need to be done by different people. Can it still be separated from each other or will this unified “One for all” approach be the only way to go? Speaking about who is in charge of what server and application.
      You said preview, so that’s still a bit down the road? Or was there an ETA communicated already?


      PS: To boldly go where no Steffi — has gone… before.
      PPS: Argh! This editor sure isn't a fan of space lines...

      Author's profile photo Matt Pollicove
      Matt Pollicove
      Blog Post Author

      Steffi, I didn't see a timeline on this, nor was there an official confirmation if this would be be definitely applied to 7.2.

      This is pretty much the way of the future, and works the same as say, the NetWeaver install.  This means that there should not be a need for multiple people to work on the install.

      I guess we'll have to see what the install package looks like!


      Author's profile photo Steffi Warnecke
      Steffi Warnecke

      It's not so much the need as the organizational structure I'm concerned about. 😉 I don't expect this installation package to be for 7.2 either way. As you said: development definitly concentrates on 8.0 now. And they probably should ...

      But yes, we will just wait and see.