Usually this system rejects access using SSO tickets exception

Similar Messages

• Error:System rejects all logons using SSO tickets:RRMX

  Hi,
     I have created a System in my portal which connects to the BW system.I am able to execute the transaction RSA1 by creating a transaction iview which connects to the system created above but when i try to execute RRMX in a transaction iview i get an error displaying a message : System rejects all logons using SSO tickets.
  The transaction iview uses WinGUI.
  Please let me know if anyone has the solution for this.
  ThanksInAdvance,
  Varma.

  Hi Rajendra,
  I guess you need rrmx access to change the queries ? i that is the case did you guys try role "com.sap.ip.bi.business_explorer_showcase" which has Bex web analyzer, where in you can create or modify queries in Java built in iviews. Have a look at that and hope it might be useful.
  Thanks,
  Praveen
  PS.Dont forget to reward points

• RFC_ERROR_LOGON_FAILURE: System received an expired SSO ticket

  Hi All,
  We installed NW 7.0 SP 14 with EP 7.0; All the post-installation steps were completed and JCo's configured with SSO to backend ECC 6.0 system.
  Since morning we are getting he below mention error when trying to test the JCo's for all the users.
  com.sap.mw.jco.JCO$Exception: (103) RFC_ERROR_LOGON_FAILURE: System received an expired SSO ticket.
  Tried many variations and also changed the Ticket expiration time(to 24 from 8) restarted the server but the problem still remains. Can any one suggest any more ideas on how to sole this?
  Is this problem any where related to CR Content? If so can you suggest how to check the current veriosn and how to find out the exact level which would be supported for our NW system.
  Thanks in advace for you help.
  Thanks,
  Sravanthi

  Hi,
  Your portal certificate has expired.
  To renew - you need to generate a new one in the ticket keystore using Visual Admin.
  Next you export the new updated ticket to the trusting system (in yoru case ECC) using tcode STRUSTSSO2.
  You then import the ticket and assign it to the ACL.
  Issue should then be resolved.

• Error "Bridge CS6 was not found on this system. To use this command, please reinstall Bridge CS6"

  Hi all,
  We are having issues with Adobe Bridge working properly with Photoshop.  When trying to access Bridge through Photoshop we receive the following error "Bridge CS6 was not found on this system.  To use this command, please reinstall Bridge CS6"
  - We have the Master Collection CS6 installed
  - Bridge CS6 is working fine as a stand-alone program
  - This is installed on Windows 7 x64
  - I am unable to find an uninstall location for Bridge CS6, it is not under control panel > Adobe Master Suite
  - All adobe products are up-to-date as of this morning.
  Any help would be appreciated.
  Thanks,
  Message title was edited by: Brett N

  Bacterin1 wrote:
  It has not worked previously.
  Does not make a difference is bridge is open or not.
  Yes, we are accessing it through File/browse in bridge.
  OK, back to square 1.
  Does Bridge work normally?  Does it load Bridge CS6 or does CS5 come up?  Only one version can run at same time.
  If you double click on an image it opens in CS6?

• RFC_ERROR_LOGON_FAILURE: This system rejects all logons using SSO tickets

  hello again,
  i manage to restart my server and applications
  but now when i try to start :
  http://host:port/b2b/b2b/init.do
  and i can't
  the logs show these line which i don't understand :
  1}#2#parameters: [client]='null' [user]='null' [language]='null' [ashost]='null' [systemnumber]='null' [mshost]='null' [gwhost]='null' [gwserv]='null' [group]='null' [systemid]='null'
  Properties: {lang=en, passwd=?, sysnr=01, client=300, user=$MYSAPSSO2$, ashost=192.168.1.14, jco.client.type=A, maxcon=0, jco.client.trace=1, codepage=1100}
  Client not connected#com.sap.mw.jco.JCO$Exception: (101) RFC_ERROR_PROGRAM: 'mysapsso2' missing
       at com.sap.mw.jco.MiddlewareJRfc.generateJCoException(MiddlewareJRfc.java:456)
       at com.sap.mw.jco.MiddlewareJRfc$Client.connect(MiddlewareJRfc.java:922)
       at com.sap.mw.jco.JCO$Client.connect(JCO.java:3171)
       at com.sap.isa.core.eai.sp.jco.JCoConnectionStateless.getInternalJCoClient(JCoConnectionStateless.java:118)
       at com.sap.isa.core.eai.sp.jco.JCoConnectionStateless.isValid(JCoConnectionStateless.java:479)
       at com.sap.isa.user.backend.crm.IsaUserBaseCRM.loginViaTicket(IsaUserBaseCRM.java:1677)
       at com.sap.isa.user.backend.crm.IsaUserBaseCRM.loginForBPRole(IsaUserBaseCRM.java:127)
       at com.sap.isa.user.backend.crm.UserBaseCRM.login(UserBaseCRM.java:248)
       at com.sap.isa.user.businessobject.UserBase.login(UserBase.java:308)
  #1.5#000423A6E1B400640000002E0000169C00041D66DC92778B#1158227531375#tracing.isa.runtime#sap.com/crm~b2b#tracing.isa.runtime#ABAHMANE#466##crm_CRM_15121750#ABAHMANE#a4727b3043d611dbc03b000423a6e1b4#SAPEngine_Application_Thread[impl:3]_17##0#0#Debug##Plain###[actionxecution]='end' [actionclass]='com.sap.isa.user.action.LoginBaseAction' [path]='/login' [forward]='/base/error_ume.jsp' [exectime]='32'#
  #1.5#000423A6E1B400480000000F0000169C00041D66DCE4AE38#1158227536750#tracing.advisor.method#sap.com/crm~b2b#tracing.advisor.method#ABAHMANE#466##crm_CRM_15121750#ABAHMANE#a4727b3043d611dbc03b000423a6e1b4#SAPEngine_Application_Thread[impl:3]_8##0#0#Debug##Plain###AdvisorBusinessObjectManager:<constructor>#
  #1.5#000423A6E1B40048000000120000169C00041D66DCE4B676#1158227536765#tracing.isa.runtime#sap.com/crm~b2b#tracing.isa.runtime#ABAHMANE#466##crm_CRM_15121750#ABAHMANE#a4727b3043d611dbc03b000423a6e1b4#SAPEngine_Application_Thread[impl:3]_8##0#0#Debug##Plain###[actionxecution]='begin' [actionclass]='com.sap.isa.isacore.action.IsaCoreInitAction' [path]='/b2b/coreinit'#
  #1.5#000423A6E1B40048000000130000169C00041D66DCE4C261#1158227536765#tracing.isa.runtime#sap.com/crm~b2b#tracing.isa.runtime#ABAHMANE#466##crm_CRM_15121750#ABAHMANE#a4727b3043d611dbc03b000423a6e1b4#SAPEngine_Application_Thread[impl:3]_8##0#0#Debug##Plain###[actionxecution]='end' [actionclass]='com.sap.isa.isacore.action.IsaCoreInitAction' [path]='/b2b/coreinit' [forward]='/user/performLogin.do' [exectime]='0'#
  #1.5#000423A6E1B40048000000140000169C00041D66DCE4C607#1158227536765#tracing.isa.runtime#sap.com/crm~b2b#tracing.isa.runtime#ABAHMANE#466##crm_CRM_15121750#ABAHMANE#a4727b3043d611dbc03b000423a6e1b4#SAPEngine_Application_Thread[impl:3]_8##0#0#Debug##Plain###[actionxecution]='begin' [actionclass]='com.sap.isa.core.action.SetReloginCookieAction' [path]='/relogin/setcookie'#
  #1.5#000423A6E1B4004800000
  many thnx if you can help me

  it doesn't work ..
  i need to understand the meaning of SSO ticket in  sap logon..
  i still have the error :
  parameters: [client]='null' [user]='null' [language]='null' [ashost]='null' [systemnumber]='null' [mshost]='null' [gwhost]='null' [gwserv]='null' [group]='null' [systemid]='null'
  Properties: <u>{lang=en, passwd=?, sysnr=01, client=300, user=$MYSAPSSO2$, ashost=192.168.1.14, jco.client.type=A, maxcon=0, jco.client.trace=1, codepage=1100}</u>Client not connected#com.sap.mw.jco.JCO$Exception: (101) RFC_ERROR_PROGRAM: 'mysapsso2' missing
       at com.sap.mw.jco.MiddlewareJRfc.generateJCoException(MiddlewareJRfc.java:456)
  why does it replace the user i mapped in XCM JCO setting with the user 'mysapsso2' ?
  plz help me

• Urgent: Portal access using SSO with Windows NT

  Dear all,
  I'm planning to implement SSO for Portal with Window NT authentication.
  Can anybody explain me the steps to do...
  If the internal users logs in NT domain say..("ABC"). he/she should be authenticated to Portal without giving logon credentials.. automatically they needs to enter into portal.
  I'm using NW'04 SR1(EP6.0 SP9) with AIX 5.2/oracle
  Microsoft ADS(LDAP)
  Pl explain me...
  Appreciated with reward points...
  regards
  PRadeep

  Hi,
  in order to apply windows SSO you will need to install the IIS proxy module in front of your portal, this module knows how to handle users authentication using the NTLM/kerberos features MS ADS supports.
  the specific procedure for implementing it can be found in the documentation/help. i have managed to find it in the EP6 sp2 security guide but i think it is the same for the EP6 SP9 as well. so just go to this link:
  <u><b>https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/ep/d-f/ep 6.0 sp2 security guide.pdf</b></u>
  keep in mind that you will need to be logged on to SDN.

• Problem about SSO using logon ticket  with user mapping

  Hi everyone ,
  I had done SSO with Portal , BW and R/3 system.
  I use logon ticket with user mapping .
  When user name is same in Portal as in R/3 system, or user name is same in Portal as in BW , user can access R/3 transactions and BW report without logon.
  There are some Portal users name which are different with R/3 user and  BW user. And I done the user mapping for these  user.
  But some user mapping works fine,but most of them can't work,means that most of them need to enter mapped user ID and password.
  What's the reason?
  When SSO using logon ticket with user mapping, the Portal user which is different with R/3 user and BW user,  can they access R/3 transaction iview and BW report iview without logon?

  Hi Chen,
  What you have done is correct. But the problem lies here.
  Since you are using the same system object for accessing the iview, where the ticket method is set to SAPLOGONTICKET in the user Management property of the system object.
  To avoid this create another system object like the previous one but set the logon method to UIDPW and select admin, user from the drop down box. Also create a system alias for this system.
  Now create another iview like the previous one but link this iview to the new system. Now do the user mapping for the users which are different in portal compared with R/3. Now you should be able to login without any problems.
  Another important point is login to portal with Fully qualified domain name. In the ITS property of the system object also give the FQDN.
  Hope this helps
  Regards
  Arun

• UWL config-S ystem received an expired SSO ticket not found in system

  Hi All,
    We are getting following erro while configuring UWL.
  Exception type:com.sap.netweaver.bc.uwl.connect.ConnectorException Message:uwlExceptionID: 1179143938021 :uwlExceptionID: 1179143938021 JCO Function template USER_NAME_GET:SAPR3CLNT900WF:com.sap.mw.jco.JCO$Exception: (103) RFC_ERROR_LOGON_FAILURE: System received an expired SSO ticket not found in system
  Please HELP.
  Rgds
  Ganga

  hi ganga,
  may be there is problem with uwl configuration. u try with this link....
  hope ur error will clear........
  <b>How configure UWL in Portal 7.0,
  Problem configuring UWL,</b>
  regards
  bhargava

• RFC Destination from CE is unwantedly using SSO

  Hi,
  Our developers are testing some services from Service Browser in CE 7.11 system. They are using the RFC Destination SAP_ECC which we have created from NWA --> Configuration Management --> Security --> Destinations.
  In this RFC, we have given the details of the backend ECC system and also selected the user type as "Technical User" and provided a user/password. Pinging the destination from here works just fine.
  But, when one of our services from Service Browser calls this destination SAP_ECC to access the backend system, then the call is not connecting to the backend using the technical user supplied in the destination, but is trying to use SSO. Thus the user being passed is not the technical user but the user of the developer who is calling the service. The error message says:
  This system rejects all logons using SSO tickets
  We do not have any intention of using SSO here.
  Can someone suggest how to figure out why SSO is coming into picture and what can we do to elimincate this issue?
  Thanks,
  Shitij

  set the sso parameters in the backend.

• Where to get the SSO ticket for a JCO-Connection from?

  Hey All,
  The szenario is, I've got a Java application and I want to connect to a SAP System. For this I want to use SSO. In the documentation of JCO I found this phrase:
  For SSO specify the user to be $MYSAPSSO2$ and pass the base64 encoded ticket as as the passwd parameter.
  Well... Now my question... Where to get this base64 ticket from? The problem is, I'm NOT using WebDynpro, it's a custom application running on client side. Now how to get the needed information? (PSE?)
  It would be great when you could give me a clue.
  Best regards,
  Kristian

  This linksactualy leads to the same place I mentioned where
  it installs the
  player over the Internet
  Another thing is that these players are said to be different
  for different
  browsers which means they are working together with a
  browser. I am looking
  for a player which allows to play SWF file directly, without
  a browser.
  I have such a player installed together with FLASH-8 - I am
  looking for
  such a player
  "DMennenoh" <[email protected]> wrote in
  message
  news:e2qgmu$t5r$[email protected]..
  > Does this help:
  >
  http://www.macromedia.com/shockwave/download/alternates/
  >
  > --
  > Dave -
  > Adobe Community Expert
  > www.blurredistinction.com
  > www.macromedia.com/support/forums/team_macromedia/
  >
  >

• Impact of Hardware Change on SSO tickets

  Hi Experts,
  We are carrying out a hardware refresh  of our production EP database server.  Hardware refresh involves changing the server on which the EP database & application servers are residing with no change in the Hostname and IP addresses for the EP servers.
  We use SSO tickets to connect our EP system to our ECC6 system for accessing ESS/MSS functionality & are doing an impact analysis before the hardware refresh & would like to check if there can be any impact to the single sign on setup between our EP & ECC6 system.
  Appreciate any comments.  Thanks.
  Regards,
  Murali

  Hi,
  There should be no effect at all unless and until Hostname and IP address does not change.
  With Regrads,
  Saurabh

• Project Server 2010 PWA Provisioning Error - System.UnauthorizedAccessException: Access is denied.

  Hi,
  When migrating from a Prod Environment to a Test Environment using the Project Server 2010 5 Database backup and restore process (actually 6 DB's with the Project Sites DB), upon encountering a failure during provisioning the PWA Instance, we get the errors listed
  at the base of this posting in our Event Logs.
  To clarify what we have done already, we have:
  1. Backed up the 6 databases from the Source Environment.
  2. Removed the existing PWA_Content and PWS_Content (Project Sites) databases from the Target Environment Farm.
  3. Restored the 6 databases in the Target Environment.
  4. Given the SP Farm Service Account 'db_owner' rights to each of the 6 restored databases.
  5. Added the PWA_Content and PWS_Content databases  (exact same names) to the Target Environment.
  6. Locked down (offline/stopped), all of the SharePoint Content databases in the Farm except for the PWA_Content database.
  7. Run the PWA Provisioning process from the 'Project Server' SharePoint Service in Central Admin.
  It is during the PWA provisioning that we encounter these errors.
  As the Target Environment is for Test/Dev purposes, the SP Farm Service Account is setup to support all of the SharePoint Farm Services, is in the Local Admin Group of each of the Servers (App, WFE and DB), and is actually in the sysadmin
  role on the DB Server.
  Any suggestions on what is causing this denied access situation would be most appreciated.
  Cheers,
  Wayne
  Event Log Entries:
  ============================================
  Log Name:      Application
  Source:        Microsoft-SharePoint Products-Project Server
  Date:          1/22/2014 2:47:34 PM
  Event ID:      6971
  Task Category: Provisioning
  Level:         Error
  Keywords:     
  User:          ACCOUNTS\svc_psfarm
  Computer:      SERVER.accounts.domain.com
  Description:
  Failed to provision site PWA with error: Microsoft.Office.Project.Server.Administration.ProvisionException: Membership synchronization failed. ---> System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
     at Microsoft.SharePoint.Library.SPRequest.AddRoleDef(String bstrUrl, String bstrName, String bstrDescription, Boolean bHidden, Int32 lRoleOrder, UInt64 iPermMask, Byte iType, Int32 lRoleDefID)
     at Microsoft.SharePoint.SPRoleDefinitionCollection.AddCore(SPRoleDefinition role)
  etc....
  Failed to create the Report Center web (Exception: PSI Entry Point:
  Project User: DOMAIN\svc_psfarm Correlation Id: c0a30b18-46e4-4447-b469-f8fd3bb1490a
  PWA Site URL: http://pstest2010/PWA
  SSP Name: Project Server
  PSError: NoError (0))
  Failed to grant 'DOMAIN\svc_psfarm' access to web application 'SPWebApplication Name=Portal'.
  Error: System.Security.SecurityException: Access denied.  Only machine administrators are allowed to create administration service job definitions of type: Microsoft.SharePoint.Administration.SPUpdateWorkerProcessGroup, Microsoft.SharePoint, Version=14.0.0.0,
  Culture=neutral, PublicKeyToken=71e9bce111e9429c.
     at Microsoft.SharePoint.Administration.SPAdministrationServiceJobDefinition..ctor(String name, SPService service, SPServer server, SPJobLockType lockType)
     at Microsoft.SharePoint.Administration.SPUpdateWorkerProcessGroup..ctor(SPTimerService timerService, String[] loginsToAdd, String[] loginsToRemove)
     at Microsoft.SharePoint.Administration.SPWebApplication.GrantAccessToProcessIdentity(String username, SPPolicyRoleType policyRole)
     at Microsoft.Office.Project.Server.Administration.PsiServiceApplication.GrantAccessToWebApp(List`1 webApps, String userName) The Zone of the assembly that failed was: MyComputer

  Is the Test and Production in the same domain. If they are not, then the SIDs associated with the SQL accounts may look the same but they are not.  At times, I have had to recreated accounts when in different domains.
  I would also use PowerShell cmdlets and see if it finds any issues, such as Test-SPContentDatase.. Validate the SharePoint content databases, because if not setup properly the Provisioning will fail.
  Also check these properties.
  $web=get-spweb http://prodproj01/pwa
  $Web.AllProperties[“PWAURL”] ### see what the value is.. you may have to blank it out, specially if it is pointing to a different URL
  Here is how to fix.
  $Web.AllProperties[“PWAURL”]=””
  $web.Update()
  Michael Wharton, MVP, MBA, PMP, MCT, MCTS, MCSD, MCSE+I, MCDBA
  Website http://www.WhartonComputer.com
  Blog http://MyProjectExpert.com contains my field notes and SQL queries

• SSO ticket expired !!

  Hi ,
    we are running EP 7.0 (NW04s) and we are getting following error in ESS
  while opening it,
  <b>com.sap.mw.jco.JCO$Exception: (103) RFC_ERROR_LOGON_FAILURE: System received an expired SSO ticket</b>
       at com.sap.mw.jco.MiddlewareJRfc.generateJCoException(MiddlewareJRfc.java:455)
       at com.sap.mw.jco.MiddlewareJRfc$Client.connect(MiddlewareJRfc.java:1015)
       at com.sap.mw.jco.JCO$Client.connect(JCO.java:3238) ................
  and strangely we are facing this problem for few user id's. its not generic problem
  also if i delete cookies and temp files from internet option, it works for some time ,
  then throws same error again.
  finally clearing temp files and cookies also works on some system.
  Any suggestion would be appreciated.
  Thanks in advance
  Abhay

  Hey,
  For those perticular users, there shoud be an active session in R/3. In SM04 delete the sessions opened by JCo user.
  Look at following threads
  Re: System received an expired SSO ticket
  SSO ticket expires
  SAP Note 825149--SSO ticket expired
  Cheers!!
  AShutosh

• Integrate a https site into portal using sso

  Hi all,
  We have a information system application which is a 'https' site for the company users. Now I would like to integrate this to our portal using SSO. could you please suggest me the how to accomplish this.
  thanks in advance
  -Henry

  Hi Henry,
  Is your information system a SAP system or Non-SAP system ?
  Anyways, there are various options for doing this
  1)Kerberos Authentication
  2)PAS
  3) JAAS
  4)SAML
  check out this link
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/58094632-0301-0010-a391-fc0de26f010e
  Check this for details on various methods for SAP and Non-SAP systems
  http://help.sap.com/saphelp_nw04/helpdata/en/04/120b40c6c01961e10000000a155106/frameset.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/04/120b40c6c01961e10000000a155106/frameset.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/04/120b40c6c01961e10000000a155106/frameset.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/04/120b40c6c01961e10000000a155106/frameset.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/04/120b40c6c01961e10000000a155106/frameset.htm
  Regards,
  Piyush
  ps: pls reward points if u find this info useful.

• To use a router to set up a local wifi network. Would this system be suitable to use with an Apple TV or is internet access require

  I'm considering using Apple TV to connect to a projector in a church hall which does not have any internet access. I intend to use a router to set up a local wifi network. Would this system be suitable to use with an Apple TV or is internet access require

  Welcome to the Apple Community.
  Yes, that will be fine providing you don't want to play any protected content.