Mapping SAP Mobile Platform Logical Roles to Physical Roles
All administrative users and their passwords are managed in the
enterprise security repository. In order for administrative users to have access to the
SAP Mobile Server in a production environment, you must map the SUP
default logical roles to the corresponding physical roles or groups in the security
repository.
- Default SUP Administrator Roles
SAP Mobile Platform roles are logical roles that are built into the system by default. To enable role-based access to the administrative interface, configure mapping of the SAP Mobile Platform Administrator and SAP Mobile Platform Domain Administrator logical roles to roles that exist in the security repository used for administrative authentication and authorization. In addition, you can configure the SAP Mobile Platform Helpdesk role, which provides read-only access to the administrative interface.
- Gathering Provider Group Information
Production environments rely on a production-grade security provider (commonly an LDAP directory) to authenticate administrators. To map the SUP default logical roles to the corresponding physical roles in the security provider, you must understand how the provider organizes users into groups.
- Mapping Default Administrator Roles
In order for administrators to be able to access the SAP Mobile Server, you must map the default SAP Mobile Platform logical roles to the corresponding physical roles in the security provider. You perform the mapping for the "default" domain in the "admin" security configuration.