JCO authentication through communication user password expiry problem

Hi,
We are using communication user for accessing our metadata. As per help.sap.com the authorizations for this user must be set in the backend so that this user can access all DDIC function modules.I have doubts as follows
1. What are the Roles in R/3 we need to assign to the user to access DDIC function modules.
2.As per our company IT policy, The default settings in R/3 for change of initial password is 3 days. After 3 days the password gets expired? Which user are we supposed to use for jco Communication user, system user, or service user? plz clarify.
Regards,
Sreeram

Hi Sreeram,
For the JCo user for defining the metadata can be a service user. with jsf communication authorization.
hope this helps
-Madhu

Similar Messages

  • [nQSError: 43126]Authentication failed:invalid user/password, how to avoid?

    Hi,
    I encountered following error: [nQSError: 43126] Authentication failed: invalid user/password.
    when I was starting weblogic server, and server used to shutdown.
    After snooping around on net, came across this blog: http://obiee11gqna.blogspot.com/2011/09/obiee-11g-errors-nqserror-43113.html
    Found that password for MDS & BIPLATFORM was 'expired', was able to solve my problem and my Presentation Services were up & running.
    My question is, how to avoid password of MDS & BIPLATFORM from getting expired in future??
    Regards,
    Jitendra

    Dpka,
    Thanx for the link, it shows the way to avoid expiry of password.
    I also found another link, in comment section which is equally useful: http://www.artofbi.com/index.php/2011/03/mds-or-biplatform-schema-password-change-considerations/
    PS: Thanx to Deva as well for replying to my query.
    Regards,
    Jitendra

  • Authentication failed: invalid user/password.

    After uploading a new RPD in obiee( 11.1.1.5), my obiee has started failing with following error in nqserver.log. I have verified that BISystemUser password is the same in console and EM. I have also verified that I am entering correct RPD password while uploading it through EM. What else may be wrong ?
    [2011-08-23T03:52:39.000+00:00] [OracleBIServerComponent] [NOTIFICATION:1] [] [] [ecid: 004emGWVmAQAtHd5Tf^Ayc0000K2000000] [tid: b38396d0] [36007] Loading repository /product/obiee_11.1.1.5/instances/instance1/bifoundation/OracleBIServerComponent/coreapplication_obis1/repository/iipreports_BI0038.rpd.
    [2011-08-23T03:52:40.000+00:00] [OracleBIServerComponent] [NOTIFICATION:1] [] [] [ecid: 004emGWVmAQAtHd5Tf^Ayc0000K2000000] [tid: b0923b90] [14055] Loading subject area: AIP ...
    [2011-08-23T03:52:40.000+00:00] [OracleBIServerComponent] [NOTIFICATION:1] [] [] [ecid: 004emGWVmAQAtHd5Tf^Ayc0000K2000000] [tid: b0923b90] [14056] Finished loading subject area: AIP.
    [2011-08-23T03:52:40.000+00:00] [OracleBIServerComponent] [NOTIFICATION:1] [] [] [ecid: 004emGWVmAQAtHd5Tf^Ayc0000K2000000] [tid: b38396d0] [85003] MDX Member Name Cache subsystem started successfully.
    [2011-08-23T03:52:40.000+00:00] [OracleBIServerComponent] [NOTIFICATION:1] [] [] [ecid: 004emGWVmAQAtHd5Tf^Ayc0000K2000000] [tid: b38396d0] [85004] MDX Member Name Cache subsystem recovered entries: 0, size: 0 bytes.
    [2011-08-23T03:52:40.000+00:00] [OracleBIServerComponent] [ERROR:1] [] [] [ecid: 004emGWVmAQAtHd5Tf^Ayc0000K2000000] [tid: b38396d0] [13026] Error in getting roles from BI Security Service: 'Error Message From BI Security Service: [nQSError: 46164] HTTP Server returned 404 (Not Found) for URL .'
    [2011-08-23T03:52:40.000+00:00] [OracleBIServerComponent] [NOTIFICATION:1] [] [] [ecid: 004emGWVmAQAtHd5Tf^Ayc0000K2000000] [tid: b38396d0] nqsserver:     Clustered Oracle BI Server started. Version: 11.1.1.5.0.110427.0846.000.
    [2011-08-23T03:52:44.000+00:00] [OracleBIServerComponent] [NOTIFICATION:1] [] [] [ecid: 004emGWVmAQAtHd5Tf^Ayc0000K2000000] [tid: b0923b90] [43071] A connection with Cluster Controller xxx.us.oracle.com:9706 was established.
    [2011-08-23T03:52:46.000+00:00] [OracleBIServerComponent] [ERROR:1] [] [] [ecid: 004emGWtbaWAtHd5Tf^Ayc0000K3000001] [tid: b00beb90] Error Message From BI Security Service: [nQSError: 46164] HTTP Server returned 404 (Not Found) for URL .
    [2011-08-23T03:52:46.000+00:00] [OracleBIServerComponent] [ERROR:1] [] [] [ecid: 004emGWtbaWAtHd5Tf^Ayc0000K3000001] [tid: b00beb90] [nQSError: 43126] Authentication failed: invalid user/password.
    If I run opmnctl status then BIServer is up but the presentation services is down.
    Following error is observed in sawlog0.log
    [2011-08-22T22:52:46.000-05:00] [OBIPS] [ERROR:10] [] [saw.security.odbcuserpopulationimpl.initialize] [ecid: ] [tid: ] Authentication Failure.
    Odbc driver returned an error (SQLDriverConnectW).
    State: 08004. Code: 10018. [NQODBC] [SQL_STATE: 08004] [nQSError: 10018] Access for the requested connection is refused.
    [nQSError: 43113] Message returned from OBIS.
    [nQSError: 43126] Authentication failed: invalid user/password. (08004)[[
    File:odbcuserpoploaderimpl.cpp
    Line:292
    Location:
         saw.security.odbcuserpopulationimpl.initialize
         saw.catalog.local.loadCatalog
         saw.subsystems.catalogbootstrapper.loadcatalog
         saw.webextensionbase.init
         saw.sawserver
    ecid:
    [2011-08-22T22:52:46.000-05:00] [OBIPS] [NOTIFICATION:1] [] [saw.sawserver] [ecid: ] [tid: ] Oracle BI Presentation Services are shutting down.[[
    File:sawserver.cpp
    Line:712
    Location:
         saw.sawserver
    ecid:

    Hi,
    I have upgraded a existing OBIEE 10G file EBSAnalyticMaster.rpd to 11G using ua (upgrade assistant) and getting the same error while upgrading the catalog.
    Presentation service is not starting. Do you have a solution yet.

  • Communications user password expires

    Hi,
    The password of our  communications user (ZCONTRANS) always expires/deactivated.
    How can I set tha password of this particular user not to expire? 
    We could not chage the login/password_expiration_time parameter because we need dialog users password to expire every 90 days (for audit requirement).
    thanks,
    kbas

    HI,
    use the usertype 'SYSTEM' instead of usertype 'Communication'. Passwords of 'System'-users do not
    expire. (the usertype can be set in SU01->tab 'logondata')
    b.rgds, Bernhard

  • How can I change the User Password expiry date

    Hi,
    I want to know how can I change the password expiration date of my user without changing his password. For eg:-
    User password expires on 12th May 2007. I want to extend to 12th Jun 2007. Is there any option in Oracle.
    Alter User <USERNAME> password expire .....<to new date>;

    The command is not alter user set expire...
    You should modify the user's profile, and set a timeframe:
    ALTER PROFILE DEFAULT LIMIT
    PASSWORD_LIFE_TIME = num_of_days;
    This way your password will be valid from the last time it was changed and for the time frame previously defined.
    ~ Madrid.

  • NB & Sun One App Server 8.0 Bundle Admin User/Password & 503 Problem,

    Hi,
    Do you know the the username and password to enter admin console in Netbeans 3.6 & Sun One App Server 8.0 Bundle?
    Also when I executed my first app with the software, I got this message "HTTP Status 503 - This application is not currently available". Can you tell me what is this problem and how to fix it.
    Thanks very much,
    Blessings,
    Lorenzo Jimenez

    Hi,
    Do you see the deployed web application either in the admin console on in the runtime tab explorer of NetBeans, under the
    Sun Java System Application Server 8 --->Applications--->Web Applications
    node?
    503 error is a Service unavailable error:
    "The server is currently unable to handle the HTTP request due to a temporary overloading or maintenance of the server. The implication is that this is a temporary condition which will be alleviated after some delay. "
    Can you try to reload the page for this web app?
    Ludo

  • Initial password expires:Communication Users

    Hi All,
    I have created one user for early watch alert generation purpose user password expires every 15 days :
    Defined profile parameter is:login/password_max_idle_initial:14
    As per my understanding communication user password never expires.
    Kindly please suggest me
    Thanks in Advance
    Regards
    Nekkalapu

    Hi Siva,
    Thanks for you response.
    But it will effect to all the users right,sap also is not recomending to put 0 value this parameter.
    Is their any other way to resolev this issue.
    I am using communication users for generating earlywatch laerts.
    Advance thanks
    Regards
    Nekkalapu

  • WebService Call Fails for Communication Users

    Hi
    I am calling a BAPI through web service in VB.NET windows application.
    The application works fine with Dialog users but when I use Communication User then it thows this message.
    The Request Failed with HTTP Status 401: Unauthorized
    Where as if i call the same BAPI through RFC with for this Communication User it is successful.
    What can be the reason ?
    Regards
    Rajendra

    The Web Service uses the HTTP protocol, whereas the BAPI is using RFC protocol.
    The reason for the "unauthorized" error in HTTP is that you need to embed the user / password combination into the web service URL (assuming you have set the Web Service authentication method to user / password).
    Regards,
    D.

  • SAPJSF user  System user or communications user ??

    Hi Experts
    I have a doubt regarding user type of SAPJSF user .
    Link 1 says SAPJSF user should be of type "System".
    http://help.sap.com/saphelp_nw70/helpdata/en/49/bf6e8101755d5de10000000a421937/frameset.htm
    Link 2 says SAPJSF user should be of type "Communication"
    http://help.sap.com/saphelp_nw04/helpdata/EN/d4/abdc3ed98f7650e10000000a114084/frameset.htm
    Only difference i found between two from portal perspective is
    System User : password does not expire.
    Communication user : password can expire according to security policy.
    Kindly let me know which link should i follow ??

    I got the answer .
    In nw2004 ,
    SAPJSF as Communication user.
    http://help.sap.com/saphelp_nw04/helpdata/EN/8f/67d27676ace84080964d4c4223bb3c/frameset.htm
    In Netweaver 7.0
    SAPJSF as System user.
    http://help.sap.com/saphelp_nw70/helpdata/en/8f/67d27676ace84080964d4c4223bb3c/frameset.htm.
    Thanks
    Purav

  • Problem in RFC as JCO changed from user/password to  SSO

    Hi all
    Initially i was using CO with user/password properties but now it has been changed to SO.
    In my webdynpro project there are 3 RFC Models being used.
    Out of which 2 are working fine and giving the desired results but 1 RFC works fine on the R/3 side but from the webdynpro side it does not work just displays bapireturn - "Not successful".
    As the properties of the JCO changes to USer/password , the RFC works fine giving the desired results
    Plz let me know wht cld be the problem
    Thanks and Regards

    Vindhya,
    With SSO, the details of the user who's logged in goto R/3 and thus determines if the user has authorizations to run this RFC. This user could be different from the user you were using previously without SSO.
    Meaning, this time, with SSO, the user is you whereas the user for user/pwd is someone else and you dont have authorizations to run the RFC??
    And another thing, even if you can successfully run that RFC logging into R/3, your userid may not have RFC authorizations (which is required to do a RFC call). IF thats the case, you need to talk to your security/basis guys.
    Lemme know if that could be the case in your situation.
    Rajit
    Message was edited by:
            Rajit Srinivas

  • Problem with Notifications on Create User/ Change User Password

    Hello,
    I'm having a problem sending emails to users when an account is created in OIM.
    I added a notification to the user and user's manager on the Create User task in the Xellerate User process definition but the emails are not being sent.
    I know that if I create another task with the purpose of sending emails and invoke it through the response in the Create User task, it will work.
    My aim is to avoid adding tasks for something OIM should be able to do OOTB.
    I'm also unable to send an email when a password is updated.. I did the same thing as for the Create User and I know the task (Change User Password) is being invoked by looking at the logs but the emails aren't being sent.
    Has anyone ran into such problems?
    I'm having these problems in the Xellerate User process task.. i've added notifications in other process tasks (mainly approval tasks) and they are working fine.
    Thanks in advance

    Hi,
    I am just confuse with your response.Have you added the "Password Updated" task in xellerate user provisioning process?
    Now if you changing password in OIM profile it will trigger "Change User Password" task not the "Password Updated" task and even if you add "Password Updated" task on Xellerate User provisioning task you can't see this task in Resource Details.
    Now assume if you added your notification on "Password Updated" task of any resource which user is provisioned to even then when you change oim password it only trigger "Change User Password" task.So try to have your notification on "Change User Password" task.
    Please clarify so that I can response correctly.
    Regards
    Nitesh

  • Cisco ACS 5.4 + Anyconnect 3.1 NAM with 802.1x, problem with changing ACS Radius user password

    Dear all,
    Presently, we are testing 802.1x using Cisco ACS 5.4 and Cisco Anyconnect v3.1 as 802.1x supplicant. We have created predefined NAM profiles (with Cisco Profile Editor) and applied as default in on our test machine. We are using PEAP (MsCHAPv2) and ACS local user credentials for authenticating process. We have noticed that, when we try to authenticate the network with predefined profile (network profile has Administrator Network privileges) and Windows user on test machine has no Admin privileges we are not able to change ACS user password (checked "Change password on next login" in the ACS user profile). In the Monitoring and Report View we get Failure Reason "24203 User need to change password"  but no popup window apears in Anyconnect. When we change Windows local user privileges to Admin or create Anyconnect network profile localy (privileges User Network) then, we are able to finish the process.
    Have you ever been facing the problem described above. Is it Anyconnect bug? How can we fix it?
    Best regards,
    Piotr

    If this happens with all machines then if a microsoft guy can look the app logs/privileges. It seems the app is requesting privilege that it is not authorized to and that's why the propmt window fails to appear. If we know what that privilege is we can probably fix it. If that privilege is not even required for smooth work Cisco need probably to fix this behavior.
    I am sorry if I am not able to help but I am not using the anyconnect for production.
    Regards,
    Amjad
    Rating useful replies is more useful than saying "Thank you"

  • ACS user authenticating through Windows Database

    Hello,
    Please, i need a document/ guideline on how to configure ACS 4.2 user authenticating through Windows Database and the ACS server is running on an appliance.
    Please, help.
    Regards,
    Ethelbert

    Hi,
    If you delete the user in AD, then it would not authenticate the user even if the dynamic mapped user exists in the ACS database, as the password would not be verified from the AD for the user.
    The dynamically mapped user entry would still exist in ACS and would not get deleted if the user is deleted from AD.
    tnx
    somishra

  • Use of active directory userid/password authentication instead of SAP R/3 User/Password for digital signature?

    Dear all,
    I am looking to setup the use of active directory userid/password authentication instead of SAP R/3 User/Password for digital signature. We SSO to the backened ABAP AS via an SAP NW Portal to which SPNEgo kerberos authentication is setup. Today we specify R3 user id/password to digitally approvae a lot release. The idea is to have users maintain one AD password and don't have to remember the R/3 password anymore and also our Security team to avoid password maintenance.
    I know there are 3 options for digital signature and
    System signature with authorization by user ID and password (We use this currently)
    Digital User signature with verification - (We would like to use this with AD userid/password, so the system still ask the users their AD userid/password for the authentication when they try to "sign" a document.)
    User signature without verification
    Do you think there is a way to configure the system in order to ask and check the active directory userid/password instead of SAP R/3 password? Where can I found documentation about it ?
    I have several different versions of AS ABAP starting from NW 7.02 to NW 7.31.
    My active directory is based on Windows 2008.
    Thanks in advance!!
    Dhee

    Actually enabling Kerberos for SSO purposes and enabling Kerberos for digital signatures are two different topics although the latter is because of the former. I'm interested in the topic as well and I'm currently looking at different options. SAP provides a BAdI for the digital signature API which can be used for external authentication but they do not provide the solution to invoke Kerberos authentication based on username and password. SAP provides a semi solution with NWSSO 2.0 SP2 which works only on Windows with classic dynpros meaning SAP GUI for Windows is assumed. The solution is based on an ActiveX component which does the actual Kerberos authentication using the Secure Login Client which is part of the NWSSO suite. Extending that implementation to non-Windows and non-GUI applications would require some sort of web enabled service that could be used to authenticate the user with username and password. In case authentication is successful, a Kerberos token would be returned to SAP which would then be validated. All the required pieces are there since SAP has Kerberos support now in both stacks of the NetWeaver Application Server, some bits are still missing though which leaves customers looking at 3rd party or custom solutions.

  • Hi, i forgot my macbook pro(snow leopard) password and i tried to reset it through single user mode, but whenever i type, everything comes out in CAPs instead of lower case. Each time i press the minus(-), it always comes out as an underscore(_).Pls help.

    Hi, i forgot my macbook pro(snow leopard) password and i tried to reset it through single user mode, but whenever i type, everything comes out in CAPs instead of lower case. Each time i press the minus(-), it always comes out as an underscore(_).Pls help.

    Well, you can try easing the shift key up with something thin but flexible (credit card sort of thing) but if the contacts below are stuck you may need to get it seen to by an authorised repairer.
    If you can borrow a keyboard (a PC one will probably work as long as the password is alpha-numeric with no special characters) you can at least get in to backup your HD before going for repair.

Maybe you are looking for