How to change the existing sap logon ticket

HI
I did the System copy from my production server to Quality server.
Now everthing is working except Single Sign On.  This is due to SAPlogon ticket.
the SAPlogon ticket show the PRD sid. I am not able to change the existing sid in ticket.
Tell me how to chage the old saplogon ticket with new one.
Workaround i did in my server.
generated the new certificate for Quality server  and try to import in R/3 000 client.  but not successful.

Hello Lee,
You dont have to import the certificate from R/3 into portal
we have to generate the certificate in portal and then import in R/3
To generate the portal certificate in quality Portal system and uploading in R/3,please find the method:
Log on to the Visual Admin of Portal with administrator id and password. Go to the following node: Server 0 1_34158->services and then Key Storage
In Key Storage, go to TicketKeyStorage
Under Entry, choose Create.
The Key and Certificate Generation dialog appears
Enter the Subject Properties in the corresponding fields
CN=<Common Name>, OU=<Organization Unit Name>, O=<Organization Name>, L=< Locality Name >, ST=<State/Province>, C=DE. give SID of portal in CN
Give the Entry name as SAPLogonTicketKeypair.
Select Algorithm as DSA,also click on store certificate and then generate
You will see along with SAPLogonTicketKeypair, SAPLogonTicketKeypair-cert will also get generated.
Now we will have to import this SAPLogonTicketKeypair-cert in the ABAP systems
First we will have to download the certificate from the portal.
Now logon to the SAP Netweaver Portal with user administrator
Go to System Administration->System Configuration and then Keystore Administration.
In the Content tab you will find the list of certificates
We have to download SAPLogonTicketKeypair-cert .Click on Download verify.der file
To your desktop
Now we have to import the certificate in ABAP system.
Log on to the ABAP system 000 client and use T-Code STRUSTSSO2
Under Certificate, click on Import certificate
Give the path of verify.der file. The file format should be Binary
And upload it.
Now you can see the certificate has been uploaded. Check for the validity
Now click on Add to certificate to add this.
Now click on Add to ACL.
Enter System ID as the portal SID(i.e is SPQ) and client as 000 and click on Ok
Then save your entries
Hope this makes it clear
Rohit

Similar Messages

  • HT2204 how to change the existing ID form App Store

    how to change the existing ID form App Store

    You can tap on the id in Settings > iTunes & App Stores and log out of the account and you can then log in with a different account. But any content that was downloaded via the currently logged in account will remain tied to that account (so only that account can download updates to its apps), and if you turn on automatic downloads for an account, use iTunes match or re-download past purchases then you risk tying the device to that account for 90 days : http://support.apple.com/kb/HT4627

  • How to change the Existing alias with new alias name...MAXL SCRIPT

    HI Experts
    I need to change alias name of the existing member with new alias name.
    please send me maxl code to change the alias name .
    My thought is
    1) Old alias should be replaced with new alias name .
    2)There is one account that should be rolled out to another parent..these parents are already exsist
    3) I need a MAXL Script to change the new alias name .
    please suggest ASAP.
    Thanks
    USER

    John
    I heard that we can replace existing alias name with new alias thru MAXL
    i.e replace alias name XXXX member with YYYY ;
    please correct me if iam wrong ,might be Maxl command is wrong but this is the idea.
    Thanks
    USER

  • How to change the existing constraint for the table.

    hi my table having the check constraint. but now i want to change the values in that constraint.
    is it possible to change the check constraint values. and with out disable or drop my constraint. i dont want to change the constraint name also.
    now i will give you my existing constraint and proposed constraint syntax.
    my existing constraint Syntax is :
    CONSTRAINT CONS_MRANTYPE
    CHECK (MRAN_TYPE IN ('SP','JW','SD','SC','OT')
    my proposed constraint syntax is :
    CONSTRAINT CONS_MRANTYPE
    CHECK (MRAN_TYPE IN ('SP','JW','SD','SC','OT','JR')
    Thanks
    Indra

    Hi Indra,
    this forum is for problems related to Oracle SQL Developer Data Modeler.
    Philip

  • How to Change the Existing Sales Order Transaction

    Hi all,
    I am trying to change some of the fields in Existing Sales Order Transaction.
    Fields which i am trying to change are Ext. Reference number and Net Value.
    I am using CRM_ORDER_MAINTAIN to do so but its not working. I dont know if some BADI can solve my purpose.
    If anyone of you have done something like this please share with me and suggest me the solution for that.
    Thanks in Advance.
    Regards,
    Manoj Tiwari

    That you should be able to do in ORDER_SAVE badi.
    You will be able to find lots of discussions on usage of this badi here in this forum.
    You need to call ORDER_READ, then call ORDER_MAINTAIN to change the values according to your requirement.
    Regards,
    Kaushal

  • How to change the text in Logon Page in NWDS7.3/EP7.3

    Hello Experts,
    I am using NWDS7.3, & there is a requirement to change the text "User authentication failed " to some custom text. The message generally comes when you use wrong used id and password while logging portal url.
    I have downloaded the WAR file and extracted the Jar file(tcsecumelogonui_core.jar) to change the text under logonLabels.properties file but i can't see the key with respect to the message "User authentication failed". I cannot find the message in the .properties file.
    Can any one please help me to fix the issue.Any help will be rewared with points.
    -Regards
    Alok

    Dear Detlev,
    Thanks a lot for your valuable answer.  I have found the text for the "User Authentication Failed" , done the changes and depoyed the Jar file . This is working.
    But the same when i try to do for  "Authentication failed. Password locked" this message comes when i do multiple failed login. I need to change the text , i found  the text in the u2022sap.comtcjesecurityimpl.jar file, i made the changes in the JAR file ,replaced with the server jar file and restared.
    But the changes did'nt get reflected. Can you please suggest if i am chaning in the correct JAR file?. I am working in NWDS7.3
    Can you please help me on this. Appreciate your help .
    -Regards,
    Alok

  • How to change the branding image in logon page

    Hi All,
    I am customizing portal logon page.Can any body help me how to change the brandingimage in logon page.When i gone through the source code i couldnot find any webpath to include the brandimage.
    Thanks
    vinodh

    Hi,
    Check this:
    http://help.sap.com/saphelp_nw04s/helpdata/en/43/fc3ae22adb025fe10000000a1553f7/frameset.htm
    http://help.sap.com/saphelp_nw04/helpdata/en/52/4c6c3e58d0d064e10000000a114084/frameset.htm
    change the branding image of Portal
    Regards,
    Praveen Gudapati

  • How to change the email of the existing nokia acco...

    I have forgotten the password of my existing nokia account password...and can't open the email which is associated with that account because I have forgotten that password too...how to change the existing account email id as I couldn't use the nokia music subscription because of this

    If you have included a verified phone number, you can reset the password of your nokia account by entering your registered mobile number on the Forgot Password site. Once you have reset the password and access your Nokia account, you can now change the primary/associated e-mail address.
    go to account.nokia.com>Sign in account>Personal Information>E-mail address>Edit>Input your password and email address (new email address)> Add. 
    To make it your primary email, under E-mail, click on Edit , select the new email address as your primary email and click on Set as primary.

  • SSO using Kerberos with SAP Logon Tickets

    Hi,
    I am creating a Repository Manager for the Portal Knowledge Management System and I want to use SSO to a backend IIS application and I have a few questions here. 
    I have a three tiered architecture. 
    A.  The presentation tier (SAP Portal which has my Repository Manager implementation)
    B.  ASP.NET web service data layer.
    C.  Backend document management system which runs on IIS. 
    I have installed the ISAPI filter on my ASP.NET application server and have enabled this HOST account for delegation in MSAD 2003.   Server B will use Kerberos constrained delegation to access Server C, which is an IIS backend server. 
    My question is how do I pass an SAP Logon Ticket to an ASP.NET web service request from my Repository Manager implementation?  Basically how do I just make an HTTP request to an ASP.NET application from some portal iView or WebDynPro code and pass along the SAP Logon Ticket in the request so it can be interpreted by the ISAPI filter on the IIS server.  Does anyone have any sample code or an application here that does this?
    Thanks,
    Scott

    Hi Scott
    Did you managed to find out anything regarding how to pass SAP Logon ticket to ASP.NET Webservice. Can you share it with me?
    regards
    ram

  • Umw attribute responsible for user ID in SAP Logon Ticket

    In a typical portal login using the login module stack "ticket", I understand that j_user and j_password are used to login at the BasicPasswordLoginModule.
    With our UME running against an LDAP server, what attribute is responsible for the user ID of the generated SAP Logon Ticket at the CreateTicketLoginModule? It could be j_user or userid of the principal type account or the uniquename or loginid of the principal type user.
    Thanks,
    Florian

    i think it is by default but if you are using qoutes then you have to give it in upper case.
    select matnr into mara-matnr from mara where matnr = 'abc'.
    will not fetch any value here you have to give 'ABC'.
    regards
    shiba dutta

  • How to change the lenth of existing field in sap standard table

    Hi all,
    can anybody help,my requirement is, how to change the length of existing field in sap standard table....
    thanks in advance..

    Which field are you thinking of in particular?  Are you wanting to increase or decrease the length?
    Some fields are used so extensively that a change to their length will mean adjusting many tables, some of them potentially very large, and hence taking a long time to adjust.
    Some standard SAP programs expect certain fields to be of specific lengths and won't work if the length is changed.
    Some screens could cease to work.
    If you decrease length, then you could lose data.
    matt

  • How to implement SSO to non-SAP systems using SAP logon ticket?

    Hello,
    We would like to implement Single Sign On between our SAP Netweaver system and a Siebel which is a non-SAP system using SAP logon tickets.
    Can anyone please give me some leads on this, in particular:
    1. Is there a JAVA API or an SAP plug-in that can be implemented on the Siebel machine to extract the SAP logon ticket?
    2. As the other machine might seat on a complete different domain, is it possible to implement SAP logon ticket without using cookies (perhaps through the HTTP header?
    3. In case you think using SAP logon tickets is not the best solution here I would be happy to hear any other suggestions you might have.
    Roy

    Hi,
    I'm currently using SAML as well. Unfortunately the SAP J2EE cannot work as authority (identity provider) but what you can do is using an open implementation of SAML such as opensso which is an open version of SUNs Java System access manager.
    There are a couple of other projects such as opensaml, apache's wss4j or shibboleth that might be interesting in this context.
    I just installed opensso and got it working with SAP J2EE 7.0 using SAPs JAAS SAMLLoginModule to authenticate users within SAP J2EE.
    In this scenario opensso serves as identity provider just as you need! There are a couple of Policy agents available on SUNs Download site you can use with Apache, Tomcat, JBOSS, WebSphere, Bea Web Logic etc. in order to authenticate! Otherwise you just directly authenticate against opensso. When installing opensso you can configure the type of user store you want  to use! By default it uses LDAP but you can also use different types of user store using JDBC or other mechanisms. Since you have a Directory Service you could easily connect it to your existing directory.
    There is also a way to map user ids directly in opensso by adding a uid mapping class. I created some documentation with lots of screenshots about using opensso with SAP J2EE. You can easily use opensso with any other system that supports SAML. In the case of SAP the usage is currently limited to SAML versions 1.0 and 1.1. Version 2.0 is not yet supported but should be in one of the following versions.
    Here are some links you might want to check:
    OpenSAML: https://spaces.internet2.edu/display/OpenSAML/Home
    wss4j: http://ws.apache.org/wss4j/
    shibboleth: http://shibboleth.internet2.edu/
    opensso: https://opensso.dev.java.net/
    On SDN you will find a documentation on how to connect SUN Java System Access Manager to SAP J2EE (see https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/906d9fc6-31b9-2910-1385-90edad7d7570). As I said opensso is based on the SUN Access Manager code and looks quite the same. So you can adapt this documentation in order to configure opensso or you can just ask me for the documentation.
    Hope this is helpful...
    Let me know if you need further assistance on this topic
    Cheers

  • Error in the configuration for sap logon tickets

    Hi Forum,
    I use Tcode crmd_order_bp to see the BP cockpit and the error message displays as
    <b>Error in the configuration for SAP logon tickets</b>
    But if I click "Yes", system displays cockpit.
    How can I avoid this error.
    Thanks in advance
    Regards
    Shridhar

    You will still need to configure SSO (either by logon ticket or username/password). The data source access is done using the username/password configured in the UM Config dialog box.
    I can see where you're coming from with your thinking, however logon-ticket-based SSO is probably the best approach.
    Cheers,
    Darren.

  • How to Activate Send SAP Logon Ticket in Logon Security...??

    Hi
    I am trying to create RFC Destination for SAP EP 6.0. Here i need to activate <b>Send SAP Logon Ticket</b>. But that Activate Radio button is in disable mode. How to make it enable. Please Help me
    Best Regards
    Ravi Shankar B

    The F1 help for this option says:
    <i>When you activate this option, an attempt is made to create and send the SAP logon ticket for the current session, for a logon to the target system. Before you can create this ticket, the environment must be configured appropriately (for example, the profile parameter login/create_sso2_ticket must be set to 2).</i>
    So, J. has the right idea...
    Cheers

  • How to change the default operators in sap web ui Search screen?

    How to change the default operators in sap web ui Search screen?
    For eg. Using advance search option , I have some fields with default operators like equals, contains,is between, is less than and is greater than. I don't need all these operators for this field.
    I need only "equals" operator. How do i remove the rest of the operators?

    There is a view cluster crmvc_dq where all the standard setting is present related to you r issue. Please try if you can modify that, that way you will avoid the code.
    Incase you are not able to make any changes there then in that case you have to redefine the method GET_DQUERY_DEFINITION () of the IMPL class to delete the operators for a particular serach field.
    Regards,
    Harshit

Maybe you are looking for

  • Adding field in Report Painter

    Hello Gurus, I am working in the Report Painter PR20-001. My requirement is to add a new column in the output of the report but even when i am able to add a new field and save it on the reports execution i am unable to view the added field in the out

  • Iphone 5 no longer connects to wifi

    Iphone 5 no longer connects to wifi. Finds network, password correct but then ' cannot connect to network'. Connected to network till today, connects to other networks. Other iphone 5's are able to connect to this network. Please help? I have turned

  • Problem with compressing unicode file names in zip file

    Hi Everyone, I have a problem while compressing the unicode file name in a zip file. I used the below code for compressing the unicode files. String[] source = null; // C:\\TestData\\unicode_filename.txt :  unicode_filename.txt is the file created in

  • PLEASE HELP ITS URGENT (PROBLEM IN INCLUDE)

    IF I EXECUTE IN 4.6C ITS NOT GIVIN NY ERROR BUT THE SAME CODE IN 6.0 IS GIVING ERROR IF NOT ( ( text_flag = 'X' AND tcode_level > 0 ) OR              ( text_flag_level0 = 'X' AND                tcode_level      = 0   AND          )    ). ERROR IS: In

  • UNABLE TO RUN APPLETS ON A BROWSER

    I am unable to run applets on a browser which run well on an appletviewer. I kept the class file in the same directory as the web page,but it's only showing the applet window, and not showing it's contents. console shows... java.lang.NoClassDefFoundE