Thursday, May 01, 2008

Working with SAP NetWeaver Identity Center 7.0 SP1

I am doing some consulting work for a company in Atlanta, Georgia for the next month. This has given me my first formal experience with IC 7.0 SP1, and my first ever experience running with Microsoft SQL Server 2005. All in all it's been a pleasant experience. The Trondheim Labs team has done some nice things to make the installation process go more smoothly and securely than ever before.

Notably good is that PHP updates go much more smoothly and do not require user intervention (do you wish to overwrite your PHP config).

Also during the SQL Server installation script, the person conducting the installation is prompted for individual passwords for mxmc_admin, mxmc_oper, mxmc_rt, and mxmc_prov. Lots of typing and verification for all the passwords, but time well spent.

What's bad about the process is that one must now download and install SMARTY separately, as it is no longer a part of the Workflow / Monitoring installers. It's pretty much a drop in installation so it's not that big a deal. I wonder if this is a bit of foreshadowing that PHP and Smarty are going away from IC?

On the down side of the installation we got a SQL error when initially logging into Worfklow which was:
PHP Warning: mssql_query() [function.mssql-query]:
message: The SELECT permission was denied on the object
'mxwv_ProvGroups', database 'mxmc_db', schema 'dbo'. (severity 14) in \dbwrapper.php on line 71 PHP Warning:
mssql_query() [function.mssql-query]: Query failed in
\dbwrapper.php on line 71

I also saw a simiar error for mxvc_idstore. The error is rather tough to spot as most of it appears behind the header graphics.

This error is specific to Microsoft SQL Server 2005 as it references the "dbo" schema. Schema level security does not exist in the SQL Server 2000.

To resolve this problem, log into the SQL Server 2005 Studio and select the Identity Center Database, then security, schemas and then DBO, permissions and then view database permissions. You will then need to grant SELECT permissions to mxmc_admin_u.

As we have a chance to do more, I will comment on it.
Post a Comment