Afctl (Adaptive Firewall) error in 10.8.2

I have enabled the Adaptive Firewall in OS X Server (2.2) under Mountain Lion 10.8.2 as per Apple's instructions:
http://support.apple.com/kb/HT5519
However, I get back an error everytime I try to enable it:
# afctl -f
No ALTQ support in kernel
ALTQ related functions disabled
pf enabled
Token : 18446743524496027528
No ALTQ support in kernel
ALTQ related functions disabled
Jan 22 17:41:50 server.domainredacted.com afctl[17998] <Notice>: Cannot update the Event Monitor config
When I try to alter a setting:
sh-3.2# afctl -T 10
Jan 22 17:42:09 server.domainredacted.com afctl[18005] <Notice>: Cannot update the Event Monitor config
Or when I try to disable it:
sh-3.2# afctl -X
Jan 22 17:45:29 server.domainredacted.com afctl[18021] <Notice>: Cannot update the Event Monitor config
I thought perhaps that afctl was having trouble writing to AdaptiveFirewall.plist in /Applications/Server.app/Contents/ServerRoot/private/etc/emond.d/rules
sh-3.2# ls -l /Applications/Server.app/Contents/ServerRoot/private/etc/emond.d/rules
total 0
-rw-r--r--  1 root  wheel   3344 Jan 22 00:11 AdaptiveFirewall.plist
But even adding world write permissions to this file didn't help.
I also wondered if perhaps afctl was looking for AdaptiveFIrewall.plist in the wrong place:
sh-3.2# ls -l /etc/emond.d/rules/
total 0
-rw-r--r--  1 root  wheel   822 Jan 21 20:01 SampleRules.plist
-rw-r--r--  1 root  wheel  8964 Jan 21 20:01 Xsan.plist
But copying AdaptiveFirewall.plist here (or symbolic linking the file in this dir) didn't do the trick either.
Anyone have any idea why afctl keeps complaining that it  "Cannot update the Event Monitor config" in OS X Server 2.2 / Mountain Lion 10.8.2?
Rusty

An additional (and confusing) update. The adaptive firewall may actually be doing something on my machine after all, but it's definitely not consistent. While digging through my logs again today, I noticed the events that I've pasted below. Apologies for the wall of text, but I've included the entire transcript of the attack for completeness.
2/6/13 10:48:44.161 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:48:44.161 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:48:51.331 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:48:51.331 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:48:55.243 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:48:55.243 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:03.151 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:03.151 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:07.112 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:07.112 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:10.989 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:10.989 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:21.890 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:21.890 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:25.801 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:25.801 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:29.699 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:29.699 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:29.700 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:29.870 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:29.948 PM afctl[25763]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:29.954 PM emond[117]: 381912569.864889 Host at <IP-ADDRESS> was blocked for 15
2/6/13 10:49:29.954 PM emond[117]: 381912569.864889 Host at <IP-ADDRESS> was blocked for 15
2/6/13 10:49:29.954 PM emond[117]: 381912569.864889 Host at <IP-ADDRESS> was blocked for 15
2/6/13 10:49:33.591 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:33.591 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:33.592 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:33.669 PM afctl[25764]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:33.675 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:33.754 PM afctl[25765]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:33.759 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:33.836 PM afctl[25766]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:37.477 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:37.477 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:37.478 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:37.552 PM afctl[25768]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:37.558 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:37.633 PM afctl[25769]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:37.638 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:37.720 PM afctl[25770]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:41.433 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:41.433 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:41.434 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:41.511 PM afctl[25771]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:41.516 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:41.597 PM afctl[25772]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:41.602 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:41.678 PM afctl[25773]: Address already in the blacklist, not added (timeout has been updated)
Note that I've made no changes to this server since my last post, but afctl does indeed appear to be working in those logs; there are no more login attempts from that IP after this excerpt. Additionally, I thought this might be a good sign for progress on getting Apple's KB Article (http://support.apple.com/kb/HT5519) to work, but I still receive the <Notice>: Cannot update the Event Monitor config error.
Also, what's up with the auth errors logging after the IP's already been blocked? And there's a 4-second window preceeding them each time.
Curiouser and couriser.

Similar Messages

  • Controlling the Adaptive Firewall with `afctl`

    For those of you that don't know, afctl controls (is?) Leopard Server's Adaptive Firewall. Its a really cool program, you give it an IP address, and a time-to-live in minutes, and that ip instantly gets firewalled for about that many minutes.
    Here is the man page for the program:
    http://developer.apple.com/documentation/Darwin/Reference/ManPages/man8/afctl.8. html
    And here is the man page for it's config file:
    http://developer.apple.com/documentation/Darwin/Reference/ManPages/man5/af.plist .5.html
    At first it seems like the perfect program. But I'm having big problems with it, all regarding rule numbers.
    afctl's first firewall rule is number 1700. Its next rule is 1705. And so on and so on. Now my rules come from a script I have running on my server, that automatically 'detects' abusers and blocks them. Rules last for 1 hour. So after the first hour of running, rule 1700 will expire, then 1705 and so on. New rules that are constantly getting generated, are up to maybe lets just say 1840.
    So even though rules only last an hour, the rule numbers keep going up and up and up. This becomes a big problem because once the rules get to 12300, the overlap and then pass existing rules in ipfw. Once they surpass this, incoming packets are matched and accepted before they get to their block rule (generated by afctl). So every second or so, another and another and another firewall rule gets added to block that same IP. But the rules are so high they don't work. Multiply this by 30 or 40 IPs at a time and you can see how once my afctl rules get to 12300, total chaos ensues.
    If I totally disable my script for two hours, and let all my afctl rules expire. Then I can re-enable the script and it will start generating rules again at 1700. But this can be a problem, some times I'm getting more traffic than I can handle during those two hours. After about 250 requests per second, things start to get sketchy.
    I need a way to manage these rule numbers without having to turn off the script that makes these rules.
    One thing that confuses me is the 'default_set' setting in the af.plist file. I'm not sure what this means, but does this somehow let me put my afctl rules into their own 'group'? The default setting for 'default_set' in my plist file is 17. That means nothing to me though. Reading the ipfw man page, it refers to it's whole configuration as it's 'ruleset'. So I'm not sure what this setting is, or if it can help me.
    As it stands now, I have to 'reset' my rules (by way of disabling my script and letting all afctl created rules expire) about every other day. If I could have afctl rules increment by 1 instead of 5, that would give me about 10 days. Still a bandaid, but a better bandaid. If there was a way to make afctl choose rules that are the lowest available rule number greater than 1699, so as rules expired, their numbers would be recycled. That would also work. Although i'd feel better if my dymanic rules also had a greater range to life in, than 1700-12300. But I'd have to be under one **** of an attack for that not to be enough.

    Well I found a solution, but it's not great. I run the following commands daily (nightly).
    sudo rm /var/db/af/blacklist;
    sudo ipfw delete set 17;
    sudo /usr/libexec/afctl;
    This deletes any memory afctl has of it's rules. Then it manually deletes all the rules it's made. Then it recreates it's database file.
    This will make your rules start over every night so you won't get 'rule number overflow' headaches.
    OF COURSE the whole point of afctl is auto-expiring firewall rules. So if you're going to do this, I might as well have my server firewall addresses directly to ipfw instead of bothering with afctl. I'm going to leave it using afctl now only because its already set up and running. At least I can be away from my server now without having a rule number overflow which for several different reasons brings my server to it's knees.

  • Adaptive Firewall & afctl

    is the adaptive firewall working in 10.6 Server? i can't get it to auto block an IP after numerous failed attempts like 10.5 Server does.

    I highly recommend adding:
    export PATH=$PATH:/Applications/Server.app/Contents/ServerRoot/usr/libexec
    to ~/.bash_profile
    That way, afctl can be easily summoned:
    $ which afctl
    /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl
    Rusty

  • Unable to enable the adaptive firewall: No ALTQ support in kernel ALTQ related functions disabled

    No ALTQ support in kernel ALTQ related functions disabled
    OS X Server: How to enable the adaptive firewall - Apple Support
    Recently ran the latest OS X Yosemite Server Updates: OS X v10.10.3 and Server v4.1.  Tried to enable the "adaptive firewall" by following the steps in Apple's article (see above) and encountered the error after the second line of commands
    Charlie$ sudo pfctl -f /etc/pf.conf
    pfctl: Use of -f option, could result in flushing of rules
    present in the main ruleset added by the system at startup.
    See /etc/pf.conf for further details.
    No ALTQ support in kernel
    ALTQ related functions disabled
    server:~ Charlie$

    I'm not sure that is an error, it is a warning.
    The Mac kernel is not compiled with support for ALTQ so you can't use those features.
    Carry on & test your firewall is working as you expect.

  • How to get Alerts mail for adapter engine errors in SAP PI 7.0

    Hi Friends,
    I configured Alerts in PI 7.0. with the help of t-code u2018ALRTCATDEF and created a new alert catergory.
    In container tab i have mentioned all give below elements.
    SXMS_MSG_GUID, SXMS_RULE_NAME, SXMS_ERROR_CAT, SXMS_ERROR_CODE, SXMS_FROM_PARTY, SXMS_FROM_SERVICE, SXMS_FROM_NAMESPACE, SXMS_FROM_INTERFACE, SXMS_TO_PARTY, SXMS_TO_SERVICE, SXMS_TO_NAMESPACE,SXMS_TO_INTERFACE
    I am getting alerts when I manually test the alerts configurations by running the report u2018RSALERTTESTu2019.
    I am getting mail as :
    Alert ID: ##00009##
    Dear Administrator,
    This is with respect to XI Scenario. During processing of XML file from ECC or XYZ Server, Following error has been occured:
    Message ID:
    Interface:
    NOTE: To check the file name, go to SXMB_MONI and search for above message ID.
    Double click on that message ID and click on error in left hand tree.
    Please take appropriate action in co-ordination with respective functional and BASIS consultant.
    But When I am getting a error , I am not getting an alert mail. Right now iam doing in XI Development.
    I am not getting an Alert mail , when my message is in status of : System Error . Error catergory is : XI_J2EE_ADAPTER_JDBC.
    Kindly tell how to get alert mail for error catergory : XI_J2EE_ADAPTER_JDBC and in Adapter engine errors.
    How to get alert mail when my message is failed with any reason in Adapter engine.
    Waiting for quick replay. Please help me out.
    Regards,
    Ahmed.

    Hi thanks for quick reply.
    As per your given link : http://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/14877. [original link is broken]
    I have done all these steps. But still little problem.
    as per link he is getting Error  description , error message id , alert rule..
    In my case I am not getting these information. when my messages failed. When I am doing manully testing the alert getting an mail as :
    Alert ID: ##00009##
    Dear Administrator,
    This is with respect to XI Scenario. During processing of XML file from ECC or XYZ Server, Following error has been occured:
    Message ID:
    Interface:
    NOTE: To check the file name, go to SXMB_MONI and search for above message ID.
    Double click on that message ID and click on error in left hand tree.
    Please take appropriate action in co-ordination with respective functional and BASIS consultant.
    Is it okay the body of mail??.
    I am not getting alert mail when my messages failed in adapter engine and Integration Engine.
    Ex my message is failed in AE:as below.
    My messages flow as : SAP --> XI --> DB.
    Messages is success (in ECC moni)> XI moni also success> XI Adapter engine getting error as (Status: System Error) and (Error Category : XI_J2EE_ADAPTER_JDBC).
    Regards,
    Ahmed.

  • Error -:  AIP-50031:  B2B adapter general error: java.lang.NullPointerExce

    I have configured two B2B trading partner over ebMS communication. I have also configured an internal delivery channel using JMS.I am posting a msg(the Tp identification is through duns no.) on the JMS queue and I am not able to receive it on the Tp side and i am getting the following error
    008.11.28 at 01:53:36:544: Thread-13: B2B - (ERROR) java.lang.NullPointerException
         at oracle.tip.adapter.b2b.msgproc.DbAccess.insertMsgTblRow(DbAccess.java:806)
         at oracle.tip.adapter.b2b.msgproc.DbAccess.updateWireBusinessToErrorState(DbAccess.java:5365)
         at oracle.tip.adapter.b2b.engine.Engine.handleOutboundException(Engine.java:4109)
         at oracle.tip.adapter.b2b.engine.Engine.processOutgoingMessage(Engine.java:1130)
         at oracle.tip.adapter.b2b.transport.AppInterfaceListener.onMessage(AppInterfaceListener.java:137)
         at oracle.tip.transport.basic.jms.JMSMonitor.processMessages(JMSMonitor.java:610)
         at oracle.tip.transport.basic.jms.JMSMonitor.run(JMSMonitor.java:236)
    2008.11.28 at 01:53:36:544: Thread-13: B2B - (ERROR) Error -: AIP-50031: B2B adapter general error: java.lang.NullPointerException
         at oracle.tip.adapter.b2b.msgproc.DbAccess.updateWireBusinessToErrorState(DbAccess.java:5426)
         at oracle.tip.adapter.b2b.engine.Engine.handleOutboundException(Engine.java:4109)
         at oracle.tip.adapter.b2b.engine.Engine.processOutgoingMessage(Engine.java:1130)
         at oracle.tip.adapter.b2b.transport.AppInterfaceListener.onMessage(AppInterfaceListener.java:137)
         at oracle.tip.transport.basic.jms.JMSMonitor.processMessages(JMSMonitor.java:610)
         at oracle.tip.transport.basic.jms.JMSMonitor.run(JMSMonitor.java:236)
    Caused by: java.lang.NullPointerException
         at oracle.tip.adapter.b2b.msgproc.DbAccess.insertMsgTblRow(DbAccess.java:806)
         at oracle.tip.adapter.b2b.msgproc.DbAccess.updateWireBusinessToErrorState(DbAccess.java:5365)
    I am able to recevie the Heased but not the payload
         ... 5 more

    Hi,
    ":" - has been used as default separator so if you identifier holds this value, please enable add the tip.properties entry as below and things should be fine.
    oracle.tip.adapter.b2b.partyTypeAndValueSeparator=#.
    Here's a sample for jms enqueue,
    FROM_PARTY= urn:oasis:names:tc:ebXML-cppa:partyid-type:duns#232510151
    TO_PARTY= urn:oasis:names:tc:ebXML-cppa:partyid-type:duns#123456789
    Just replace the "FROM_PARTY" and "TO_PARTY" as "from" and "to" for AQ.
    Thanks,
    Sinkar
    [From Ramesh Team]

  • SRFC-adapter  and file adapter with error: no adapter found

    Hello,
    we have two scenarios here in an XI 3.0 SP12:
    First scenario connects two R/3 systems via RFC adapter (outbound / inbound) for an RFC in a standard R/3 function module SUSR_ZBV_GET_REMOTE_PROFILES.
    The RFC is synchronous.
    Second scenario uses file adapter to send file from A to B.
    When starting the RFC call from the sender system the error message in area "call adapter" for XML message in the trace is "exception while reading from SLD:Property sap_xiadapterservice.adapterType does not exist".
    Message in RWB:
    "Transmitting the message using connection http://abc038.ceu.test.com:8077/sap/xi/engine?type=entry failed, due to: XIServer:AE_DETAILS_GET_ERROR:Property sap_xiadapterservice.adapterType does not: Unable to find any Adapter Engines."
    Same problem for file adapter!
    Here is the message from the file adapter error log entry in SXMB_MONI:
    <?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
    - <!--  Call Adapter
      -->
    - <SAP:Error xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" SOAP:mustUnderstand="">
      <SAP:Category>XIServer</SAP:Category>
      <SAP:Code area="INTERNAL">AE_DETAILS_GET_ERROR</SAP:Code>
      <SAP:P1>af.kx1.test038</SAP:P1>
      <SAP:P2 />
      <SAP:P3 />
      <SAP:P4 />
      <SAP:AdditionalText>Property sap_xiadapterservice.adapterType does not: Unable to find any Adapter Engines</SAP:AdditionalText>
      <SAP:ApplicationFaultMessage namespace="" />
      <SAP:Stack>Error when reading the access data (URL, user, password) for the Adapter Engine af.kx1.test038</SAP:Stack>
      <SAP:Retry>M</SAP:Retry>
      </SAP:Error>
    Looks like an identical problem for both adapter.
    What we have done (checked) so far:
    - SLD connection is working
    - Vis.Admin.: no problems found
    (SAP RFC adapter active, file adapter active)
    - Component monitoring: no errors, adapters are fine
    - all rfc connections checked: ok
    - have checked user and pwd and replaced to be sure
    - cache refresh: ok
    - reimport of SWCV to IR for RFC: done, no result
    Does anybody have an idea, how to get rid of that?
    Best regards
    Dirk

    Hello Udo,
    in Adapter monitoring all adapters are listed and per adapter (here RFC and FILE) all adapter entries from the scenarios are available (sender / receiver comm. channel entries - in green)!
    Pipeline URL in SLD Bus. Syst. is fine ( and an IDOC adapter scenario is running successfully) !
    I think this is a really tricky one!
    Best regards
    Dirk

  • Error in Inbound B2B: AIP-50031:  B2B adapter general error: java.lang.Null

    Hi,
    I am getting the following error in inbound B2B - Custom Document over Generic Exchange - SFTP
    Description: B2B adapter general error
    StackTrace:
    Error -: AIP-50031: B2B adapter general error
         at oracle.tip.adapter.b2b.engine.Engine.processIncomingMessage(Engine.java:1900)
         at oracle.tip.adapter.b2b.engine.Engine.incomingContinueProcess(Engine.java:2657)
         at oracle.tip.adapter.b2b.engine.Engine.handleMessageEvent(Engine.java:2527)
         at oracle.tip.adapter.b2b.engine.Engine.processEvents(Engine.java:2482)
         at oracle.tip.adapter.b2b.data.MsgListener.onMessage(MsgListener.java:530)
         at oracle.tip.adapter.b2b.data.MsgListener.run(MsgListener.java:376)
         at java.lang.Thread.run(Thread.java:534)
    ]]>
    The outbound B2B is working fine; however for the inbound file transfer the file is picked up from the trading partner and this exception occurs.
    Thanks

    Please paste more log in trace 32 mode. What is the name of the file you are receiving? By default B2B expects incoming filename as -
    <FromTPName>UniqueId.<anyFile_Extn>
    For e.g., if partner MarketInc is sending the file then it's name should be - MarketInc_12345.dat or MarketInc_34567.xml
    Make sure that listening channel is not marked as internal as well.
    Regards,
    Anuj

  • BINDING.JCA-12510 JCA Resource Adapter location error in SOA 11g Suite

    Hi,
    I am just testing one simple SOA Application in SOA 11g Suite. Created a SOA Composite Application with one DB Adapter at designtime all worked fine with DB Adapter. But when I deploy the Application on the server I get the following error:
    The JCA Binding Component was unable to establish an outbound JCA CCI connection due to the following issue: BINDING.JCA-12510 JCA Resource Adapter location error. Unable to locate the JCA Resource Adapter via .jca binding file element <connection-factory/> The JCA Binding Component is unable to startup the Resource Adapter specified in the <connection-factory/> element: location='eis/DB/soademoDatabase'. The reason for this is most likely that either 1) the Resource Adapters RAR file has not been deployed successfully to the WebLogic Application server or 2) the '<jndi-name>' element in weblogic-ra.xml has not been set to eis/DB/soademoDatabase. In the last case you will have to add a new WebLogic JCA connection factory (deploy a RAR). Please correct this and then restart the Application Server ".Do I need to jndi-name in weblogic-ra.xml if so what is the exact location. Any help is appreciated.
    Thanks

    I did but still not able to connect now getting the following error. I went to the Weblogic Console, clicked on deployments, selected DBAdapter, clicked on configuration ,
    and then I don't see outbound configurations instead it shows Outbound Connection Pools, Under Outbound Connection Pools tab I clicked on New and it asked to select Outbound Connection Group I selected the one that was already there (with JNDI eis/DB/SOADemo) and then created my JNDI which was added to the default Outbound Connection Group and in the end it asked to save the Plan.xml which I saved it under a new directory created under soa directory. But still am not able to connect.
    How do I create my own Connection Group as don't want to use the defualt one out there.
    After creating the JNDI Name it asks for saving the Plan.xml file. Where exactly we save this file. Are there any standards.
    Why can't I update any properties when I click on the new JNDI name it takes to Settings for javax.resource.cci.ConnectionFactory --> Outbound Connection Properties but there I see a save buttn but I can't make any changes.
    BINDING.JCA-12563 Exception occured when binding was invoked. Exception occured during invocation of JCA binding: "JCA Binding execute of Reference operation 'getCreditValidationSelect' failed due to: Could not create/access the TopLink Session. This session is used to connect to the datastore. Caused by javax.resource.spi.InvalidPropertyException: Missing Property Exception. Missing Property: [DBManagedConnectionFactory.userName]. You may have set a property (in _db.jca) which requires another property to be set also. Make sure the property is set in the interaction (activation) spec by editing its definition in _db.jca. . ". The invoked JCA adapter raised a resource exception. Please examine the above error message carefully to determine a resolution. Is there any documentation that lists all these steps as I couldn't find it anywhere. The guide only talks abou DBAdapter but how to configure etc can't find any info. Any help is appreciated.
    Thanks.

  • Alert for adapter engine error

    Hello experts
    We have configured the alerts for the adapter engine errors .We have configured the variable &SXMS_TO_ADAPTER_ERRTXT& element which is having the CHAR70 type for getting the adapter engine error text in the alert inbox.so for any adapter engine error greater than 70  chracters ,it is getting truncated to 70 chracters only.but we want to have the whole adapter error log text.
    Can anyone please throw some light on this.
    Thanks
    sabyasachi

    Moha,
    It seems that it cannot support more than that.
    Problem with Alert Text
    Re: Message Size in ALERTS
    It is worth taking a look at this blog:
    /people/community.user/blog/2006/10/16/simple-steps-to-get-descriptive-alerts-from-bpm-in-xi
    Regards,
    ---Satish

  • AS2 Adapter in error

    Hello,
    I have got an error in AS2 adapter.
    Error message is as shown below :
    Message processing failed. Cause: javax.resource.ResourceException: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing request can not be repeated. # , SEEBURGER AS2: org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing request can not be repeated. #
    we are struggling for this error for quite few days.
    Can anyone help me out what we can check in this ?? what could be a possible cause for same??
    Thanks a lot in adavance !!!
    Regards,
    Vikrant

    Hi Vikrant
    Just have alook at this thread may get some clue ..
    Seeburger AS2 Adapter sending message error
    Re: Error in AS2 RCV adapter.. SEEBURGER AS2: 307 Temporary Redirect #
    Regrds
    Abhishek

  • IDoc Adapter throws error

    We are trying to send data to SAPR/3 47 IDES using IDoc Adapter.
    the data is sent to XI from SQL database thro JDBC adapter and then to R/3 thro IDoc adapter.
    All this is in Asynchronous mode and at no point we chose synchronous (IDoc adapter does not suppost Asynchronous process right).
    But we are getting the following error:
    <?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
    - <!--  Call Adapter
      -->
    - <SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SAP="http://sap.com/xi/XI/Message/30">
    - <SOAP:Header>
    - <SAP:Main xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" versionMajor="003" versionMinor="000" SOAP:mustUnderstand="1" wsu:Id="wsuid-main-92ABE13F5C59AB7FE10000000A1551F7">
      <SAP:MessageClass>SystemError</SAP:MessageClass>
      <SAP:ProcessingMode>synchronous</SAP:ProcessingMode>
      <SAP:MessageId>B7685EB2-42F1-554B-80CC-6ADFC86C7975</SAP:MessageId>
      <SAP:RefToMessageId>35A42550-81F9-11D9-AFC7-00C09F450580</SAP:RefToMessageId>
      <SAP:TimeSent>2005-02-18T22:05:33Z</SAP:TimeSent>
    - <SAP:Sender>
      <SAP:Service>S70_812</SAP:Service>
      <SAP:Interface namespace="urn:sap-com:document:sap:idoc:messages">DEBMAS.DEBMAS04</SAP:Interface>
      </SAP:Sender>
      <?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
    - <!--  Call Adapter
      -->
    - <SAP:Error xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" SOAP:mustUnderstand="1">
      <SAP:Category>XIAdapter</SAP:Category>
      <SAP:Code area="IDOC_ADAPTER">ATTRIBUTE_BE_NOT_SUPP</SAP:Code>
      <SAP:P1 />
      <SAP:P2 />
      <SAP:P3 />
      <SAP:P4 />
      <SAP:AdditionalText />
      <SAP:ApplicationFaultMessage namespace="" />
      <SAP:Stack>Only asynchronous processing supported for IDoc adapter outbound processing</SAP:Stack>
      <SAP:Retry>N</SAP:Retry>
      </SAP:Error>
    We are not sure where from this synchronous is being picked?
    Please advise.
    Thanks,
    Bhaskar and Anil

    In the Processing Parameters section of the JDBC adapter, make sure you have Exactly Once (Asynchronous) selected.

  • PLAIN HTTP ADAPTER -ATTRIBUTE_SERVER ERROR

    Hi,
    I am facing the following error while using HTTP Receiver adapter,
      <?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
    - <!--  Call Adapter
      -->
    - <SAP:Error xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" SOAP:mustUnderstand="">
      <SAP:Category>XIAdapter</SAP:Category>
      <SAP:Code area="PLAINHTTP_ADAPTER">ATTRIBUTE_SERVER</SAP:Code>
      <SAP:P1>500</SAP:P1>
      <SAP:P2>Internal Server Error</SAP:P2>
      <SAP:P3>Error during parsing of SOAP header</SAP:P3>
      <SAP:P4 />
      <SAP:AdditionalText />
      <SAP:ApplicationFaultMessage namespace="" />
      <SAP:Stack>Http server code 500 reason Internal Server Error explanation Error during parsing of SOAP header</SAP:Stack>
      <SAP:Retry>M</SAP:Retry>
      </SAP:Error>
    Help me to solve this problem

    Hi Prabu,
    You should be using adapter type XI to connect to the receiver SAP system and not HTTP.  Define an RFC connection from XI to that SAP system (SM59 use type HTTP connection to ABAP system) and use that RFC connection name in you XI receiver communication channel.

  • Firewall error now won't turn on

    last night i received the firewall error message, and today my nano will not turn on. i've checked everything, but nothing is working. when i plug it into my computer, the screen flashes blank once,and then goes black again. the 5 r's did nothing. what should i do?
    ipod nano first generation   Windows XP  

    Ouch! That really stinks
    I would contact AppleCare or make an appointment for your local Apple Store.
    At this point, i believe your phone is just dead. Its possible the power brick was badly manufactured or something of the like, so make sure you also get the cord and power brick replaced.
    Good luck!

  • Abap tables for adapter engine errors

    Hello,
    Which ABAP tables in PI will have the data relating to adapter engine errors (like the communication channel errors). Is there any way I can get the adapter engine errors from abap tables?
    Any help is very much appreciated.
    Thanks
    MLS

    Hello,
    What I am trying to do is write a report in ABAP, which will read the table for errors (for messages which are not processed successfully in Integration engine or adapter engine) and email those errors to users. If there is communication channel error in RWB, the message in sxmb_moni is still shown as success and is not being updated in table SXMSPERROR.
    We cannot use PI Alerts here since the email list is dynamic for the same PI interface.
    Any ideas on how to accomplish this?
    Thanks
    MLS

Maybe you are looking for

  • Last day of previous month for data load

    Hi, I have to load data from the previous month into the psa and then into an infocube. I was wondering as to how to get the last of the previous month to write a code in ABAP. I will be writing the code at the infopackage level in the data selection

  • SAP 4.7 IDES Install Error on Oracle 8.1.6

    J:\usr\sap\DVP\SYS\exe\run/R3load.exe: START OF LOG: 20070228150927 J:\usr\sap\DVP\SYS\exe\run/R3load.exe: sccsid @(#) $Id: //bas/620/src/R3ld/R3load/R3ldmain.c#5 $ SAP J:\usr\sap\DVP\SYS\exe\run/R3load.exe: version R6.20/V1.2 J:\usr\sap\DVP\SYS\exe\

  • How to Compress non-image object in Acrobat 9 Pro/Acrobat X Pro

    Hi, I am newbie and don't know where to post this question exactly. Forgive me if I am incorrect. How can we compress "non-image object" in "Acrobat 9 Pro/Acrobat X Pro" Thanks in advance for your suggestion & help. Thanks & Regards, Raja. S

  • Error to import  RFC (ABAP) service in CAF

    I am trying to import a ABAP service  (as an external service) BAPI_USER_GET_DETAIL and getting the following error after selecting  BAPI_USER_GET_DETAIL  checkbox cannot load R/3 descriptions. Env. - NetweSAP NetWeaver Developer Studio Version: 7.0.

  • Export internal table to Excel file pressing a new button created in ALV

    Hello, I am trying to implement the functionality to export to excel file inside a button that i have created into my ALV. I don't want to use FileDownload UI. The code I have set for event handler of this button is the following: METHOD attach_files