SAP, Web & Database Single Sign-On

Improve end-user satisfaction and streamline operations by tying access to SAP, web applications, and databases to a user's Active Directory account

The Challenge

End-user access to SAP, web applications and databases is an area fraught with risk for organizations with complex, cross-platform environments. While the Active Directory account of an exiting employee may be de-provisioned quickly, entitlements to SAP, intranets, HR systems, partner portals, and other apps may not be disabled for hours, days - or ever.

In such environments end-users are also frustrated trying to manage multiple accounts and passwords, and help desk resources are drained doing account resets.

Many current solutions require a separate authentication server, which often does not deliver true single sign-on but single sign-on just to the authentication server; the authentication server either has a separate identity store from Active Directory or must be synchronized with Active Directory. These complex architectures are expensive to license and deploy, and represent additional points of failure. These solutions may also rely on non-native, one-size-fits-all authentication clients that are difficult to deploy and configure.

The Solution

Centrify addresses these challenges with true single sign-on directly to Active Directory for SAP, web applications running on Apache, JBoss, Tomcat, WebLogic and WebSphere, and databases such as DB2. Native authentication modules plug seamlessly into the underlying Centrify agent on the managed application host systems, eliminating the need for separate authentication servers. Centrify's industry-standard solution delivers single sign-on for both intranets and inhouse web apps, as well as federated single sign-on for extranets and B2B applications. With Centrify you can:

  • Improve IT efficiency by leveraging existing accounts and skill sets
  • Enhance end-user productivity and satisfaction by giving them a single Active Directory account to access all of their applications
  • Close security gaps caused by delays in provisioning/de-provisioning and by orphan accounts

Through the same architecture, Centrify also secures the underlying host system, covering the industry's widest range of Linux and UNIX platforms.

Learn More

White PaperSingle Sign-On for SAP R/3 on UNIX with Centrify DirectControl and Microsoft Active Directory
White PaperSingle Sign-On and Federation for Java/Web with Centrify DirectControl and Microsoft Active Directory
On-Demand WebinarTake the Pain Out of Single Sign-On for SAP on UNIX/Linux
On-Demand WebinarSimplified SSO for Web and ERP
On-Demand WebinarSecure, Cost-Effective Implementation of Web and Java Application SSO
Video ChalktalkSingle Sign-On for SAP on UNIX and Linux Using Microsoft Active Directory
Video ChalktalkSingle Sign-On for Web Applications
Blog PostJava and J2EE Integration with Active Directory
Blog PostA Closer Look at Centrify DirectControl's Web SSO Solution
Blog PostEnabling SAP Single Sign-On (SSO) Leveraging Active Directory

Next Steps

Microsoft is pleased to partner with Centrify to help customers extend the use of Active Directory to their heterogeneous systems and applications, and now with Centrify's support for Microsoft ADFS this interoperability has been extended to Web Single Sign-on federated identity management scenarios.

Michael Stephenson
Director, Windows Server Division
Microsoft Corp.