Duet Enterprise Security Considerations

Duet Enterprise for Microsoft SharePoint and SAP enables SAP administrators to map SharePoint Server 2010 user accounts to SAP accounts.

Applies to: Duet Enterprise for Microsoft SharePoint and SAP Server 2.0 | Office 2010 | SharePoint Server 2010

SAP roles are defined in the SAP environment, and the SAP user-to-role assignment is managed in the SAP environment. SharePoint Server 2010 user accounts cannot be used to access information in SAP directly. The ability to secure SharePoint Server 2010 objects by using SAP roles decreases the administrative overhead of redefining those same roles in SharePoint Server 2010.

SAP Roles and Duet Enterprise Security

Mapping SharePoint Server 2010 users to SAP users enables SAP applications to authenticate a SharePoint Server 2010 user by looking up the SAP account that is mapped to that particular SharePoint Server 2010 user.

Duet Enterprise also enables the use of SAP roles as claims-based security principals in SharePoint Server 2010, so that SharePoint users and administrators can grant SAP users access to SharePoint securable objects, such as sites, lists, and items.

For more information about Duet Enterprise security, see Duet Enterprise Security Guide for Microsoft Administrators (https://go.microsoft.com/fwlink/?LinkID=194173).

See Also

Other Resources

SharePoint Claims-Based Identity (https://msdn.microsoft.com/en-us/library/ee535242.aspx)

Configure the Security Token Service (https://go.microsoft.com/fwlink/?LinkId=182064)