HOW DO YOU ELIMINATE MULTIPLE ID’S PER USER, BY IMPLEMENTING SINGLE USER ID?
I am the Security Admin for my company ane we run SRM 4.0 (SRM Server 500;EBP5.0).
Due to the nature of our Organizational Structure, founded on several Purchasing Organizations and Purcahsing Groups, we have situations where our IOC (international Oil company) users, package and submit contracts to the National Oil Company Mangers, for several departments...e.g. User A-belonging to SHELL EXPLORATION department, is procuring and packaging contracts for three (3) units under Exploration;1. Geophysics,2. Evaluation,3. Geology.
In which case as our scenario allows, he has 3 differnt USER IDs to process contracts in the 3 Purchasing Groups.
Does anyone know how that, inspite of our current Organizational Structure set up, he can have and use, just one USER ID.
Chumy.
Software/Hardware used:
Software/Hardware used:
ASKED:
July 1, 2008 3:40 PM
UPDATED:
December 23, 2009 10:18 PM
Answer Wiki:
You can try single sign-on, but I don't think this technology is yet up to 'par'.
You might want to look at a technique called 'password syncronization'. You still create a user-id/password for each system/application the user needs (the user-id is the same for each access point). The software then centralizes the administration function - if a person needs 5 user-ids, then you create the ids/passwords in this centralized database. If one of the user-id passwords change, the system changes all of them to be the same. The user is still required to login, but the password is the same for each. In this manner, you can ensure that 'simple' passwords are filtered out (not allowed). Some of these software products allow you to run scripts to auto-logon users.
This is also very useful when a user leaves the company or you want to suspend the account because all of his/her access points are stored in a central area, and just be changing the password, you deny access.
Another benefit is auditability - you can quickly determin who has access to what applications.
This is not the best solution, but it allows a few people to control large bodies of user-ids/passwords.
There are other issues such as backup servers, security databases, scaleability, etc. If you research this topic, you will discover these and others. You should be aware of some of the negative issues as well.
Good Luck.
To see all answers submitted to the Answer Wiki: View Answer History.
I know this discussion is about a year old now but I think the answer can be refine a bit. I am not sure whether the multiple IDs per user approach is a good one for obvious reasons. By having One User – One ID policy, security will be streamlined and how you give access to resources within a group or company can be better refined with access control.
Here’s my plug – i work for a company that creates a solution that address issues like this. We support an open source project as well – check out http://www.likewiseopen.org