CAD login failure with CUPS integration

Similar Messages

• Login Failure with psconsole

  I am new with Sun Portal 7.1. I have successfully installed and configure the Portal Server 7.1
  But the moment i log out from the psconsole and try to log in with amadmin and the correct password,
  the system gives me authentication failure.
  Pls help is urgently needed.
  I have the Portal Server running in a SLES 10 VM.
  sco

  hi,
  could you please post any log messages?
  u can give this a shot if u're running on solaris machine.
  here's a checklist.
  1) are you able to login to amconsole? if access manager is deployed on a different container from portal server, start that container (if AM is on web server & PS on appserver, start both)
  2) is your directory server up and running? if not, start it using /opt/SUNWdsee/ds6/bin/dsadm start /var/opt/SUNWdsee/dsins1
  3) is the cacao running? try cacaoadm status & see if it is. if not, do "cacaoadm start". in case u get command not found, do "/opt/SUNWcacao/bin/cacaoadm start"
  if none of these work, please post log messages so that we can see where the problem lies.

• IMAP login failures with known good settings

  I cannot set an IMAP account for a particular mail server. The settings are known good (work in other clients) The server is absolutly an IMAP server. the login fails no matter what i try. If I recreate the account but make it pop 3 it works fine, but IMAP will not.
  The settings used are at this link, under IMAP:
  https://www.rit.edu/its/services/email/setup/setup_exchange_quick_reference.html
  Any thoughts would be appreciated.
  Thanks,
  Alan

  So your not a student or alumni?
  It is that Kerberos for SMTP that gets me. That requires a token server to be .
  Try the It people with how to you connect your computer to the issuing trust tokens
  So I think the answer is ask the IT people how you connect your computer to the Kerberos/GSSAPI realm so the SMTP can authenticate. I have a feeling there is a [https://www.rit.edu/its/services/vpn VPN ]in your future, but we will see.

• Login failure with no feedback

  I have installed OiD 2.1.1 successfully with its own database.
  from the prompt i ran the following commands to run OiD server :
  oidmon connect=second sleep=10 start
  oidctl connect=second server=OIDLDAPD instance=1 start
  after that i made sure that the OracleDirectoryService is running in windows services.
  THE PROBLEM is that when running OiD Manager and writting id "cn=orcladmin" and password "welcome"
  in the login dialog and clicking "login" button it gets dimmed and the message "connecting..." appears and lasts forever
  without any response or feedback.
  I am asking if any step in installation is missing ????

  Try marking the flag "SSL-enabled" in the login dialog and select the SSL-port.

• SSL VPN Login failure issue

  Hello,
  I am having an issue with some users trying to login to our SSL VPN (Anyconnect) via ASA5505 8.2(1).  Authentication is done via AD.  From the same computer, the client finds the DNS name and unlocks the login username and password.  When I enter a username and password and click connect, it is instantly rejected with login failure with the following event log:
  Function: ConnectMgr::setPromptAttributes
  File: .\ConnectMgr.cpp
  Line: 2657
  Invoked Function: setPromptAttributes
  Return Code: -33554423 (0xFE000009)
  Description: GLOBAL_ERROR_UNEXPECTED
  Error text:
  Login failed.
  If I change the user account to another user (from the same PC), login works perfectly fine - this is only happening with 3 or 4 users - I have compared the user accounts of a failing account and a successful account and they are identical in AD. 
  This has been driving me crazy - as a work around for the failing users, I just created a temporary account which works perfectly fine.  The request doesn't even seem to hit the ASA (there is nothing in the logs that show a failed attempt).  Still troubleshooting and looking at certificate's at this point.  Any help/suggestions would be greatly appreciated!!  Thanks.
  Regards.
  After a little more testing, seems somehow related to users being in to many groups in AD.      
  Message was edited by: Rich Viola

  Hello,
  If the website is unavailable or in this case, the website is missing several characters(charts, canvas, etc or some other objects), usually could be an issue with the rewrite engine.
  Solution (workaround):
  You may use smart tunnel for this website, so the rewrite engine will not override any content, and it will display the website as it should.
  You can implement it as follow:
  Add a Bookmark
  Bookmark for the service and clicking the Enable Smart Tunnel option in the Add or Edit Bookmark dialog box.
  For further information you can find it here:
  http://www.cisco.com/c/en/us/td/docs/security/asa/asa83/configuration/guide/config/webvpn.html#wp1272236
  Let me know how tit works out!
  Please don't forget to rate and mark as correct the helpful Post!
  David Castro,
  Regards,

• Historical Reporting Client Login Failure - UCCX 7.0(1)

  We're experiencing intermittent login failures with the Historical Reporting Client, extract from the log file below:
  1: 28/04/2010 11:58:25 %CHC-LOG_SUBFAC-3-UNK: Error # 35761 ,Description= Request timed out ,LastDllError= 0
  2: 28/04/2010 11:58:25 %CHC-LOG_SUBFAC-3-UNK:Authentication response was NOT received from (http://<ip address>/histRepWebSrvrComp/histRepClientsServlet)
  3: 28/04/2010 11:58:25 %CHC-LOG_SUBFAC-3-UNK:Login Error | Invalid server name or IP address. Check the server name or IP address and login again.
  4: 28/04/2010 11:58:30 %CHC-LOG_SUBFAC-3-UNK:Authentication response was NOT received from (http://ip address/histRepWebSrvrComp/histRepClientsServlet)
  5: 28/04/2010 11:58:30 %CHC-LOG_SUBFAC-3-UNK:Login Error | Invalid server name or IP address. Check the server name or IP address and login again.
  6: 28/04/2010 11:58:30 %CHC-LOG_SUBFAC-3-UNK:Connection to web server failed due to: 12017 : Operation cancelled
  7: 28/04/2010 11:59:05 %CHC-LOG_SUBFAC-3-UNK:Connection to web server failed due to: 12017 : Operation cancelled
  8: 28/04/2010 11:59:05 %CHC-LOG_SUBFAC-3-UNK:Failed to load authentication response due to empty XML buffer from authentication servlet)
  9: 28/04/2010 11:59:05 %CHC-LOG_SUBFAC-3-UNK:Login Error | Invalid server name or IP address. Check the server name or IP address and login again.
  Does anyone know why this may be happening as it's driving the customer mad. User can usually login after a few attempts.
  The authentication timeout is set to 15 seconds, surely this is more than enough time or should we increase the timer?
  Any advice much appreciated.

  Hi Robert
  Thanks for the response and all very good suggestions which should help Chris narrow down his particular issue.
  It's been about a year since we last looked at this so I'd quite forgotten most of the diagnostics we'd done however we did go through most of the same diagnostics ourselves but the resolution was hampered due to the fact we support the telephony/WAN and another third party supports the desktops and LAN infrastructure so after months of to and fro with the customer and their third party (and many, many man hours) we eventually left the risk with the customer and investigations never progressed any further.
  1.) Upgrade to UCCX 7.0SR5.  This is a very stable release of code with few open bugs or caveats against it.
              - Agreed. We also ran into other bugs which required an upgrade.
  2.) Verify that the active NIC is indeed at the top of the bindings order.  Just having it active isn't enough, there needs to be the further test of moving to the top of the bindings order.
              - We did check this.
  3.) Verify that the hosts file on the UCCX server(s) has the external IP and hostname of the server in it.
              - Did this too.
  4.) Check the remote locations to verify that the network is correctly configured, there are no line errors on the WAN circuits, no misconfiguration on the switch/router ports and that QOS is in place across the network.
              - This part of the investigation stalled due to another 3rd party supporting the onsite network however no WAN issues were found.
  5.) Try to take a test system that is on the same network as the one having HRC errors.  See if it's seeing the issues.  If not, progressively move out to other offices/locations until you replicate the issue and then see what has changed.  Something there should hopefully point to the cause of the error.
              - We did this also, using my laptop I connected from various locations and even when using the same network connection as the end user had no problems, we did note the successful connection attempts used a slightly different network route/DNS/WINS however again got nowhere with the third party supporting this aspect of the network.
  6.) Finally, you may want to consider creating external data warehouse servers so that your UCCX servers aren't serving up the HRC data.
              - Not an option for this customer, again this aspect of the service is a different third party on their own network and customer not willing to pay for additional servers for the telephony estate to provide this functionality when they only have a few CCX users.
  Regards
  June

• SPM integration with CUP 5.3

  All the issues regarding SPM integration with CUP is resolved, with the exception of one which is mentioned below:
  Any user can go and raise a request for the FF ID from CUP Super User Access workflow, and are created in the backend, but they do not get the access to FF ID when trying to Login.
  My query: is there any means to capture the user detail much in advance while the request is processed in the workflow and reject the request before it could be created and stored in backend.
  Ideally The user not having minimum privilege of u201C/VIRSA/Z_VFAT_FIREFIGHTERu201D should not Login with the FF ID, which is met here, but this is checked only after the user get the access to FF ID and try to LOG into FF ID using his Login detail.
  Please put some clarity on this.
  Thanks,
  Abhimanu Singh

  Hi Sabita,
  Thanks for the reply but this do not answer my question. Let me come in detail on this topic:
  SAP Backend:
  We have FF ID Owner, FF ID Controller, FF ID and Firefighters in the Backend.
  FF ID owner has the minimun role required for becoimng the owner is /VIRSA/Z_VFAT_ID_OWNER.
  FF ID Controller created with the minimum role /VIRSA/Z_VFAT_ID_OWNER for the monitoring purpose of all the reports.
  FF ID is defined with the defined task in the role being assigned to it.
  Firefighter is created with the minimum role /VIRSA/Z_VFAT_FIREFIGHTER to get the access to FF ID for the limited period as defined by the FF ID Owner.
  For example:
  FF ID Owner: User ID is FFO
  FF ID Controller: User ID is FFC
  FF ID: User ID is FID
  Firefighter: User ID is FFS
  Now the Question is from
  SAP Frontend Java stack
  I can see that the users(other than FFS) who are not defined as firefighter in the backend can still go and put a request for the FF ID access and gets provisioned.
  When you go and check in the backend with the firefighter Owner ID/FF Administrator ID you can see the requested user listed there with the limited time period in the firefighter list.
  Now comes the real picture: when this user(other than FFS) tries to login using his user ID he will not get the FF ID Login link on the page which is ideally correct. This is because any user not defined as firefighter in the backend with the minimum role /VIRSA/Z_VFAT_FIREFIGHTER should not get the access to FF ID.
  My question comes here:
  Is there any option in the frontend which could inform the user (other than FFS) much in advance and stop him requesting for the FF ID which has no meaning since it is finally not going to get the access in the backend to the FF ID.
  Please get back to me if you require some more information.
  Thanks,
  Abhimanu Singh

• Primavera login error with Integration API (Ver. 8.3)

  Dear all
  Currently, I found one issue while using [Session.login] method on Primavera Integration API (Ver8.3).
  [Codes]:
     DatabaseInstance[] dbinstance = Session.getDatabaseInstances(RMIURL.getRmiUrl(RMIURL.LOCAL_SERVICE));
     session = Session.login(RMIURL.getRmiUrl(RMIURL.LOCAL_SERVICE),
                                            dbinstance[0].getDatabaseId(),
                                            "UserId",
                                            "Password");
  [Error Messages]:
  com.primavera.integration.client.ClientException: Fatal error: null
    at com.primavera.integration.client.Session.a(Session.java:387)
    at com.primavera.integration.client.Session.login(Session.java:347)
    at ite.test.main(test.java:29)
  Caused by: java.lang.NullPointerException
    at com.primavera.bo.datacaches.ServerUserPrivsCache.getServerUserPrivsCache(ServerUserPrivsCache.java:749)
    at com.primavera.bo.common.b.a(LoginHelper.java:360)
    at com.primavera.bo.common.b.a(LoginHelper.java:168)
    at com.primavera.bo.remotable.SessionLifetime.login(SessionLifetime.java:57)
    at com.primavera.bo.remotable.qproxy.SessionLifetime.login(SessionLifetime.java:76)
    at com.primavera.bo.DBSessionLifetime.login(DBSessionLifetime.java:28)
    at com.primavera.integration.server.ServerFacadeBase.login(ServerFacadeBase.java:434)
    at com.primavera.integration.server.ServerFacade.login(ServerFacade.java:11)
    at com.primavera.integration.client.LocalSession.login(LocalSession.java:94)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at com.primavera.integration.client.Session.a(Session.java:359)
    ... 2 more
  Does anyone kind to help me to solve this?

  rp0428 wrote:
  Since that is a 3rd party API throwing the exception you will need to post in a forum for that API.
  I'm locking this thread now.

• After creating a contained database, getting a login failure error while trying to connect to it.

  After creating a contained database and a user with passowrd under the same database, I tried connecting to the contained database. I entered the server name, login credentials and went to the connection properties tab to select the contained database using
  <browse server> option under "connect to database". Here I get the login failure error.
  TITLE: Browse Server for Database
  Failed to connect to server <servername>\<login>. (Microsoft.SqlServer.ConnectionInfo)
  But when I manually enter the Database name instead of selecting from the <browse server> option the connection gets through.
  Is this a Bug ? Has anyone else faced this error?

  Hello,
  Is this a Bug ? Has anyone else faced this error?
  It's not a bug, it's working as intended. Contained users don't have instance level permissions and cannot "login" to the instance (which is what the "browse" button is attempting). In order for it to work, the database name must be in the connection string
  (which with the browse button, it will not be).
  Welcome to contained users, they aren't for everyone.
  Sean Gallardy | Blog | Microsoft Certified Master

• Understanding ERM and CUP integration in AC 10.0

  Iu2019m reaching out in hopes to get a better understanding of how AC 10.0 is meant to handle the ERM and CUP integration (Iu2019m still stuck on the old names :).  Any feedback would be greatly appreciated.
  Currently, we have a requirement to setup the GRC Production box so it can provision user access in the Production ECC but create security roles in Development ECC.  This is typically what we see since most clients want to follow their manual transport process to get the security roles from Dev --> QA --> Prod.
  Something I noticed in CUP is when a user adds a role to the request form u2013 the role is associated to a system (i.e. Production ECC or Development ECC).  If we create a role using ERM and it only gets generated in Development ECC u2013 will we be able to select this role in CUP for user assignment in Production ECC? (assuming itu2019s been transported outside of GRC)
  Note: At this point the new role will only be associated to Development ECC from a GRC perspective?  So if we assign it in CUP u2013 it will only be associated to Development ECC...?
  Do we have to manually perform another u201Crole import / syncu201D from the Production ECC to sync the roles so theyu2019re available in CUP?
  This is based on the understanding that CUP looks for available roles for assignment from ERM rather than the Production ECC.  Is that correct?  Can we have CUP look in the backend rather than ERM?
  My question is around the manual u201Crole import / syncu201D that needs to get performed for CUP.  Is this really mandatory based on the requirements?  It would mean I need to perform a u201Crole import / syncu201D every time a new role is created/deleted/changedu2026  Maybe Iu2019m missing something with the new 10.0 integration / functionality?  Are other companies doing something different?
  Please let me know what you think.  Your insight is greatly appreciated!

  Frank,
  Thanks for clarifying.
  Can you clarify what you mean when you say "you just need to tell CUP that the roles are available in PRD"? What does this mean?
  This goes back to the original question - do we need to perform another import of the roles from ECC PRD to ERM? My understanding is that the ERM role repository is looking at my original import of roles and then each role I create using ERM after that. How will it know which roles are in PRD if I don't do a routine synch?
  Also, you mentioned "each role has attributes that define in which systems it should be available for requests", where does this get defined? I believe you are referring to the "Role Status" which is set to Development, Production or Testing. I only see the ability to set this during the Role Import, but what about roles which have been created using ERM. I don't see it in the Role details screen - where is the setting?

• SQL Server 2012 syspolicy_purge_history job causes cross-instance login failures w. EraseSystemHealthPhantomRecords

  I have unique service accounts set up for multiple instances on the same SQL Server 2012.
  When step 3 of the inbuilt syspolicy_purge_history job(Erase Phantom System Health Records) runs, it appears to attempt to run against every instance on the server despite being passed the instance path!
  The SQLServer's powershell script call:
  if ('$(ESCAPE_SQUOTE(INST))' -eq 'MSSQLSERVER') {$a = '\DEFAULT'} ELSE {$a = ''};
  (Get-Item SQLSERVER:\SQLPolicy\$(ESCAPE_NONE(SRVR))$a).EraseSystemHealthPhantomRecords()
  so with instances SERVER\X this runs as...
  (Get-Item SQLSERVER:\SQLPolicy\SERVER\X).EraseSystemHealthPhantomRecords()
  SERVER\X's job will run and I will see login failures in the error logs of SERVER\Y and SERVER\Z for the service account set up for instance X.
  It seems Microsoft's only 'accepted solution' to this problem is for me to compromise my security by escalating the access of these service accounts?
  Has anyone else run into and corrected this failure?

  Hi Atombath,
  When you install multiple instances on one Server, and  the SQL Server’s powershell scripts are the same in inbuilt syspolicy_purge_history job steps. However, when you start PowerShell by right clicking
   syspolicy_purge_history job, you will find it will point to their own instance. I do a test in my SQL Server 2012,
   it will not across instance to collect the error logs. So I recommend you use its original powershell scripts for the syspolicy_purge_history job.
  Sometimes, if you run the syspolicy_purge_history job on a clustered instance, the syspolicy_purge_history SQL Server Agent job may fail due to using the computer node name instead of the virtual server name. For more information, see:
  http://support.microsoft.com/kb/955726/en-us
  In addition, you can use different service account for your multiple SQL Server instances on the same Server. And make sure the accounts that you created get added to the sysadmin fixed server role, the accounts are also set in the three Agent roles (SqlAgentUserRole,
  SqlAgentReaderRole, and SqlAgentOperatorRole).
  Regards,
  Sofiya Li
  Sofiya Li
  TechNet Community Support

• Rep-0076 Internal failure in Product Integration

  Hi
  I am getting an error rep-0076 "Internal failure in Product
  Integration" when I am running a report in Web.
  I call report using
  run_product(REPORTS, /* product name */
  'simp_comp.rdf', /* Reports document */
  SYNCHRONOUS, /* communication mode */
  RUNTIME, /* execution mode */
  FILESYSTEM, /* location of the Reports
  document */
  plid /* handle to the parameter
  list */
  Sometimes rep-0076 comes. Sometimes it does not. Would you
  suggest what is the best way to get rid of this error? Is this
  the problem with memory?.
  Thanks.

  Have a read through the paper Oracle9iAS Forms Services 6i and Reports Integration.
  This white paper explores various ways to implement calls to Oracle Reports from Forms running on the Web. This paper is on OTN under "products" link, then "Forms" link under Oracle 9i Application server related features & Products, then "Internet Deployment" link and you will find this paper.
  Hope this helps,
  Candace Stover
  Form Product Management

• SP15 in Java engine failed, "Login Failure: all modules ignored"

  Hi
  During the installation of sp15 (with JSPM) failed, the sdm log shows:
  ERROR: Cannot connect to Host: [hostname] with user name: [J2EE_ADMIN]
  My instance was down so I started but now there is an error, when I try to log on to User management it give me the error: "Login Failure: all modules ignored".
  I checked the logs for the server and found the following:
  #1.5^H#0000000000000067000000250000596D00045A79FA4B224F#1225379843613#com.sap.engine.services.security.resource.ResourceHandl
  eImpl#sap.com/com.sap.security.core.admin#com.sap.engine.services.security.resource.ResourceHandleImpl#J2EE_GUEST#0##n/a##da7
  065c0a69511ddb438000000000000#SAPEngine_Application_Thread[impl:3]_15##0#0#Error#1#/System/Security/Audit/J2EE#Java###ACCESS.
  ERROR: Authorization check for caller assignment to J2EE resource [ : : : ].#4#SAP-J2EE-Engine#session-pool#ge
  t_session_pool#ALL#
  #1.5^H#0000000000000067000000260000596D00045A79FA4B32AC#1225379843613#com.sap.engine.services.security.authentication.loginco
  ntext#sap.com/com.sap.security.core.admin#com.sap.engine.services.security.authentication.logincontext#J2EE_GUEST#0##n/a##da7
  065c0a69511ddb438000000000000#SAPEngine_Application_Thread[impl:3]_15##0#0#Error##Java###Caller not authorized.
  [EXCEPTION]
  #1#com.sap.engine.services.security.exceptions.BaseSecurityException: Caller not authorized.
          at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:627)
          at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:513)
          at com.sap.engine.services.security.resource.ResourceContextImpl.checkPermission(ResourceContextImpl.java:45)
          at com.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:119)
          at com.sap.engine.services.security.server.AuthenticationContextImpl.getSessionPool(AuthenticationContextImpl.java:39
  5)
          at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginContextFactory(AuthenticationContextImpl
  .java:740)
          at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginContext(AuthenticationContextImpl.java:2
  54)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:324)
          at com.sap.engine.system.SystemLoginModule.initialize(SystemLoginModule.java:72)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:324)
          at javax.security.auth.login.LoginContext.invoke(LoginContext.java:662)
          at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
          at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
          at java.security.AccessController.doPrivileged(Native Method)
          at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
          at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
          at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:146)
          at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.forceLoggedInUser(SAPJ2EEAuthenticator.java:231)
          at com.sap.security.core.admin.ServletAccessToLogic.getActiveUser(ServletAccessToLogic.java:141)
          at com.sap.security.core.admin.UserAdminLogic.executeRequest(UserAdminLogic.java:438)
          at com.sap.security.core.admin.UserAdminServlet.doPost(UserAdminServlet.java:26)
          at com.sap.security.core.admin.UserAdminServlet.doGet(UserAdminServlet.java:19)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
          at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
          at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
          at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
          at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
          at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessio
  nMessageListener.java:33)
          at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
          at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
          at java.security.AccessController.doPrivileged(Native Method)
          at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
          at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  I found the SAP Note 971249 but Iu2019m not sure it applies and even I can log on into Visual administrator.
  Log for the Visual Administrator
  <!LOGHEADER[START]/>
  <!HELP[Manual modification of the header may cause parsing problem!]/>
  <!LOGGINGVERSION[1.5.3.7185 - 630]/>
  <!NAME[/usr/sap/SID/DVEBMGS00/j2ee/admin/log/./traces/visual_administration.trc]/>
  <!PATTERN[visual_administration.trc]/>
  <!FORMATTER[com.sap.tc.logging.ListFormatter]/>
  <!ENCODING[UTF8]/>
  <!FILESET[0, 5, 10000000]/>
  <!PREVIOUSFILE[visual_administration.4.trc]/>
  <!NEXTFILE[visual_administration.1.trc]/>
  <!LOGHEADER[END]/>
  #1.5^H#C000AC11873E00000000000100CEC78D00045A541BE7A040#1225217198758#com.sap.engine.services.adminadapter.gui.tasks.LoginTas
  k##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-1,5,main]##0#0#Error#1#/System/Server/VisualA
  dministrationTool#Java###Error while trying to login to host: null
  [EXCEPTION]
  #1#java.lang.NullPointerException
          at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImpl.login(RemoteLoginContextHelperImpl.
  java:72)
          at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImplp4_Skel.dispatch(RemoteLoginContextH
  elperImplp4_Skel.java:64)
          at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:319)
          at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:200)
          at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:136)
          at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessio
  nMessageListener.java:33)
          at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
          at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
          at java.security.AccessController.doPrivileged(Native Method)
          at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
          at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  Thank you very much for your help.
  Best Regards

  hi
  we had the same issue some time back when we upgraded to SP15, we opened a OSS message and SAP had to come and fix the issue.
  It was some inconsistencies in -Config DB settings and they made quite a few changes in security/configurations/ticket(config tool)
  also
  one Java parameter was wrong(config tool - server config) :
  -Djava.security.policy=/java.policy  it should be -
  > Djava.security.policy=./java.policy (The DOT was missing)
  thank you
  Jonu Joy

• OS X server (10.10.1) Imap Internal login failure

  I have a problem with my main server on a OS X server 10.10.1 (Mac mini)
  Clients cannot log in to the IMAP side of an account on the server.
  So when using the mail client Connection Doctor the SMTP is successful and the IMAP portion not.
  This happens with both accounts Local as with the accounts in the Open Directory service
  The log of the Open Directory service indicates that ist was an successful login.
  The IMAP log shows.
  error Jan 17 18:44:04 imap-login: Info: Internal login failure (pid=93306 id=27) (internal failure, 1 successful auths): user=<test>, method=PLAIN, rip=10.0.0.101, lip=10.0.0.101, mpid=93310, TLS
  The user test is local users.
  The server was up-grade from Maverick to Yosemite a few months ago.
  It runs 10.10.1 and Server 4.0.3
  Any suggestion?
  Thanks and regards,
  Jacob

  The reason that I wanted to use WGM was because it allows you to configure a maximum backup volume size per machine. If you just configure through TM, a single machine could fill the entire volume with backups.
  I know that there's a way to use hdiutil to max the sparsebundle size that is created when you don't use WGM, but lets face it folks - if the option is there, then apple should support it!

• Workflow Agent login failure

  Hi Everybody,
  I m following KFI process for Invoice Processing.The document image is successfully loaded into UCM and display in IPM search criteria.But the thing is that when ever i m watching Documentrouting in EM ,there is no instance created .
  IPM logs:Workflow Agent login failure
  Please guide me how to solve this one.
  With Regards
  Jyoti

  Hi Everybody,
  Actually imaging.ear was missing.It has solved with the patch installation for soa suite 11.1.1.3 in linux machine.
  Thnx for co-operation.
  With Regards
  Jyoti