User Management in SAP environments has fundamentally changed over the course of the last 10 to 15 years. When centralizing user management became an increasing demand of SAP customers, SAP introduced CUA (Central User Administration) several years ago. However, CUA has some restrictions and many customers have chosen other options like provisioning tools from 3rd party vendors. Thus, SAP has decided to change the approach. SAP NetWeaver Identity Management no is the strategic recommendation of SAP for managing users across SAP systems. If blogged about that before here and here.
We have recently run a survey on what SAP customers are doing today and plan to do. The range of SAP systems in production is pretty big, from several respondents using 4 to 10 instances, but a few having a farge bigger number in use, up to 200. Amongst the responding organizations, close to a quarter is using CUA today for all production instances, while another third is using CUA for some of the production instances. That might be based on the fact that CUA doesn’t support all SAP systems. The reason might be also that CUA hasn’t deployed as the strategic tool for user management in the SAP environment, covering all instances.
Most of the organizations started using CUA early, but some few deployed the tool after 2007 and thus after the first strategic announcements of SAP that SAP NetWeaver Identity Management will be the successor for CUA. However, most customers will migrate from CUA. Roundabout 60% plan to migrate to SAP NetWeaver Identity Management, but only one out of ten companies plans to move to provisioning tool of another vendor. Interestingly, some 30% of the organizations don’t plan to replace CUA within the foreseeable time. From the ones migrating roughly half have started their migration, while most of the others will make that move within the next two years.
The numbers prove that SAP appears to be successful with their strategy of migrating from CUA to SAP NetWeaver Identity Management. The customers tend to choose SAP NetWeaver Identity Management for user management within their SAP environments. Given that there are sufficient architectural options for IAM today, with Access Governance solutions or Service Request portals on top of one or multiple provisioning tools below that, this approach still leaves sufficient strategic options for the holistic view on IAM and Access Governance for the entire, heterogeneous IT environment.
To learn more about these options and how to best manage SAP and other environments from the user management, access management, and IT governance perspective, visit EIC 2011 in Munich, May 10th to 13th.