Challenge 1: Self Service is Not Intuitive for Unsophisticated Users
Companies deploying NetWeaver Identity Management will find that that the interface for self service for the least technical employees will require training. Clicking a self service task to request a privilege or business role will result in a standard WebDynPro interface that will show them two search boxes. The one on the left will be for searching for what they want (Available) and the one on the right what they already have had assigned. Experience has shown that this interface can cause confusion with unsophisticated users. Companies will want to make judicious use of access controls to limit what choices are presented to the self service client. This requires that logic be established in advance based upon some set to which they are a member. Additionally, companies will want to train employees in advance of deployment to reduce help desk calls.
Challenge 2: Fragmented Documentation
The documentation for accomplishing end to end workflows is scattered across many different documents. There are few scenario based use case “how-to” documents. Companies deploying NetWeaver IdM 7.1 will want to permit sufficient time for their deployment team to work with the product in order to gain a full understanding, before undertaking a deployment. Alternatively, companies can bring in outside experts to assist, and train personnel.
Challenge 3: Limitations in the Staging Environment
NetWeaver IdM 7.1 uses an xml export file to move from development to Test and Test to Production. The file is exported using a built in utility. The file is created within the identity center by selecting export. Many settings between environments are not exported for example, repositories, event agents, provisioning/deprovisioning tasks on privileges must be done manually. There are some bugs, for example, complex linking between tasks are sometimes broken during import. These limitations can be mitigated with manual adjustments but the process is lengthy.
Challenge 4: Job Customization Frequently Requires Custom JavaScript
Under NetWeaver IdM 7.1 the imported “SAP Provisioning Framework” has greatly simplified system deployment, however, there are simple functions, for example, E-Mail notifications which still must be done entirely in JavaScript. This also applies to any non-simple data modification. This slows down deployment. The alternatives are to custom development Java templates or wait for the product to mature.
Challenge 5: Few Useful Reports Available in Default Installation
Most of the default reports available lack the simplicity of being able to easily show standard audit information like “who did what to whom and when”. Although extensive audit information is stored the database, it is not always easy to extract the data without extensive SQL queries. The documentation itself does not clearly explain the complex relationship between the data in the tables. There are no shortcuts available , careful analysis of the underlying tables and proper query writing must be done.
NB: Since I am on a project and can’t go to Tech Ed watch Matt Pollicove’s blog for updates on whether these challenges are being addressed.