IBM Verify

  • 1.  Verify SaaS and SAP Onprem

    Posted 11 days ago

    Hello, good evening!

    Is it possible to integrate Verify SaaS with an on-premise SAP instance for account provisioning? If so, what is the approach?

    Regards,

    Rodrigo



    ------------------------------
    Rodrigo Xavier
    ------------------------------


  • 2.  RE: Verify SaaS and SAP Onprem

    Posted 10 days ago

    Yes - that is possible. The SAP NW Adapter was one of the first "complex" on-prem adapters that was supported for ISV SaaS.

    You will need to install a provisioning gateway and SDI on-prem, and import the adapter on the ISV SaaS side.

    Now - that said - many use cases that people expect to implement for SAP will not be easily configured in ISV SaaS due to the complex nature of SAP - but whether ISV SaaS is supporting enough for your business is something you need to validate.

    HTH  



    ------------------------------
    Franz Wolfhagen
    WW IAM Solution Architect - Certified Consulting IT Specialist
    IBM Expert Labs
    ------------------------------



  • 3.  RE: Verify SaaS and SAP Onprem

    Posted 9 days ago
    Hi Franz,

    Thank you for your reply!

    When you said "provisioning gateway", that is the Docker version of Verify Bridge/brokerage, correct?

    Following the docs, there is a Docker version of SDI that is installed together with Verify Bridge/brokerage. Is that correct? Or is it better to install SDI on a separate host? Do I need to do any extra configuration in SDI?

    When I set up a new application in ISV SaaS that depends on an on-premise component such as Verify Bridge/brokerage, I need to configure the Identity Agent, where the YAML file is created for the on-premise component.

    There are only 2 applications related to SAP in ISV SaaS, BTP and NetWeaver. BTP only gives me the possibility to connect using API authentication with Client ID and Client Secret, and NetWeaver only gives the possibility to configure SSO. There is no tab for Account Life Cycle.

    Which type of application do I need to add in ISV SaaS to support provisioning to SAP ECC and SAP BTP on-premise?

    Thanks again for your help!
    Regards,
    Rodrigo






  • 4.  RE: Verify SaaS and SAP Onprem

    Posted 7 days ago

    The provisioning gateway is the Docker version of the brokerage.

    Whether you want to install SDI in a container or as a separate machine is your choice - I prefer to have the SDI/Dispatcher available on SW system as that makes it easier for me to debug and change - but my usage is primarily development/debugging not a production environment....

    To set up the SAP NW in ISV you need to download the SAP NW Adapter and then upload the adapter profile to ISV - all of the provisioning adapters are handled this way. There are some provisioning connectors in ISV - but they are basically considered "cloud" provisioning adapters and do not require an on-prem provisioning gateway.

    HTH



    ------------------------------
    Franz Wolfhagen
    WW IAM Solution Architect - Certified Consulting IT Specialist
    IBM Expert Labs
    ------------------------------



  • 5.  RE: Verify SaaS and SAP Onprem

    Posted 5 days ago
    Hi Franz,

    Thanks a lot for your help!
    I have already imported the adapters, and they appeared as new applications to be added in ISV SaaS. Regarding SDI, is it recommended to perform any configuration after installation to support provisioning in on-premise SAP applications?

    Regards,
    Rodrigo





  • 6.  RE: Verify SaaS and SAP Onprem

    Posted 4 days ago

    You need to follow the detailed instructions in the SAP Adapter documentation.

    Basically that is adding jar files and XSL stylesheets to the SDI environment from the adapter - you also need to download the SAP JCO components from SAP (they are not allowed to be redistributed...).

    When that is done you should work with your local SAP people to enable SNC from the adapter to SAP - else you cannot set productive passwords (and this will also ensure encrypted traffic...)

    HTH 



    ------------------------------
    Franz Wolfhagen
    WW IAM Solution Architect - Certified Consulting IT Specialist
    IBM Expert Labs
    ------------------------------



  • 7.  RE: Verify SaaS and SAP Onprem

    Posted 4 days ago
    Hi Franz,

    Perfect!
    Is there any way to create SDI hosts with high availability for a production environment?

    Thank you very much!

    Triscal Consultoria

    Rodrigo Xavier
    Consulting Coordinator
    Information Security and Privacy
    Rio de Janeiro (21) 2507-2010
    São Paulo (11) 3167-0526
    www.triscal.com.br






  • 8.  RE: Verify SaaS and SAP Onprem

    Posted 3 days ago

    Yes - basically you can set up a number (normally 2) of SDI/Dispatchers behind a load balancer. All the adapter operations are stateless so it does not matter where they are performed.

    Now - that said - I really do not see a need for that except for certain specialized environments - I would use the KISS principle - in many cases the additional cost in setup/maintenance and complexity in managing the environment is simply not worth the effort. What I see in most HA setups is that they are less stable than simple single server environments and they fail more often (think about that...) and are much more time consuming to get up and running after a failure.....

    It is not that you can make this work - but in most scenarios 98% uptime is more than sufficient - and being able to recycle the environment quickly with minimal risk is much more efficient...

    HTH  



    ------------------------------
    Franz Wolfhagen
    WW IAM Solution Architect - Certified Consulting IT Specialist
    IBM Expert Labs
    ------------------------------



  • 9.  RE: Verify SaaS and SAP Onprem

    Posted 3 days ago
    Thank you very much for your help, Frank. I think I won't bother you anymore for now... :-)
    Oh, I noticed there's a new version of SDI - the Verify Directory Integrator 10. Is it already suitable for production environments, or is it better to use SDI version 7.2?

    Regards,
    Rodrigo





  • 10.  RE: Verify SaaS and SAP Onprem

    Posted 2 days ago

    I am personally on 7.2 - the major difference is the shift to a newer Java and also a container version. From a tooling perspective the installation is quite different and there are some changes in the way the Eclipse UI and the server components are separated compared to 7.2.

    My normal recommendation would be to go with the latest and greatest - but here you need to check whether the specific adapter has been certified for version 10 and the container version - IIRC the latest SAP NW adapter is (an adapter that is not certified does not mean it cannot run - but it is not guaranteed/supported and you may have to go to undocumented steps to get it working - so for a production environment that is not a good idea...)

    HTH



    ------------------------------
    Franz Wolfhagen
    WW IAM Solution Architect - Certified Consulting IT Specialist
    IBM Expert Labs
    ------------------------------



  • 11.  RE: Verify SaaS and SAP Onprem

    Posted 2 days ago
    Hi Franz,

    Thank you!
    You've managed to clear up many of my doubts - and those of many others here in the group.

    Regards,
    Rodrigo