Creation of Communication users in CUP

Similar Messages

• Creating Communication users in CUP (II)

  Hi again,
  Following the previous post Creation of Communication users in CUP I would like to post a further question:
  When requesting provisioning for a user in a target SAP System and having LDAP set as user data source, user ID is search by using the "magnifying glass".
  Question 1) What  if we are creating a user ID for a communication user that does not exist in LDAP?
  Thanks in advance. Best regards,
    Imanol

  Frank,
  You never loose
  Clear first option. What about the second one? What do you mean by  sending the request through the web service? Could you provide me more details about that?
  Many thanks in advance. Regards,
     Imanol
  By the way, sorry for beaten Germany in Semifinals Spain is crazy these days.after winning the first football world cup.

• Error: Creation of a new user in CUP

  Dear all,
  During the creation of a new user in CUP, is generated the following error message:
  Error in the provisioning request. The error occurred in the system(s). Details of error: USER CREATE-Length password is not enough (minimum length: 8 characters).
  Thanks all for any suggestions!
  Liliana!

  Hi,
  Thanks for your answers!
  My version is SAP GRC AC 5.3 and Support Package: 16.
  This is the complete error when I try to create a new user in CUP:
  iniu2011-07-04 07:59:19,520 [SAPEngine_Application_Thread[impl:3]_8] ERROR com.virsa.ae.service.ServiceException: Longitud clave acceso insuficiente (     )
  com.virsa.ae.service.ServiceException: Longitud clave acceso insuficiente (longitud mínima: 8 caracteres)
       at com.virsa.ae.service.sap.SAPProvisionDAO.createUser(SAPProvisionDAO.java:324)
       at com.virsa.ae.service.sap.ProvisionSAPUserDAO.createUserInNonCUA(ProvisionSAPUserDAO.java:1784)
       at com.virsa.ae.service.sap.ProvisionSAPUserDAO.createUser(ProvisionSAPUserDAO.java:352)
       at com.virsa.ae.service.sap.ProvisionSAPUserDAO.provisionUser(ProvisionSAPUserDAO.java:120)
       at com.virsa.ae.accessrequests.bo.ProvisioningBO.autoProvision(ProvisioningBO.java:219)
       at com.virsa.ae.accessrequests.bo.RequestBO.autoProvisioningForApprove(RequestBO.java:6164)
       at com.virsa.ae.accessrequests.bo.RequestBO.callAEExitService(RequestBO.java:7263)
       at com.virsa.ae.accessrequests.bo.RequestBO.callExitService(RequestBO.java:7037)
       at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:6889)
       at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:6682)
       at com.virsa.ae.accessrequests.actions.RequestViewAction.confirmRequestApproval(RequestViewAction.java:1022)
       at com.virsa.ae.accessrequests.actions.RequestViewAction.execute(RequestViewAction.java:106)
       at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:219)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  Thanks all for any suggestions!
  Liliana!

• When I try to sign in to the support community using one of my email addresses it asks for my apple support community user name and when I type in what I think it might be I get one of several messeges Ie. An account using this e-mail address already exis

  When I try to sign in to the support community using one of my e-mail addresses and I put in nothing or what I thought was my apple support community user name I can get one of several messages
  Ie.1. Please specify a user name
  2.An account using this e-mail address already exists; only one account per e-mail address is allowed on Apple Support Communities
  How do I find out what my Apple Support Communities user name is

  Good luck with this!!!
  EVEN USING what WAS my Username, this is the exact problem I am having having entered my correct ID and Password.
  Rgds
  Rod

• Replicate in the Master controller and creation of new user with cisco prime infrastructure 2.1.

  Hello!!
  We have multiple controllers Cisco WLC 5508 (all running software version 7.6.120.0) distributed in various buildings and a controller in other control building (also Cisco WLC 7.6.120.0 5508) operating as Master and backup of the buildings's controllers . 
  Each building is radiated such an SSID that is used as a validation of the user connected to that SSID web portal each controller (in the WLAN, Security -> Layer 3 -> Web Policy), using the local database to validate the user. 
  The problem is that the local database of users is not being replicated between controllers buildings and the Master controller, so if you drop the controller of a building, the Master controller begins to provide service to the buildings access points, but the equivalent radiated SSID cannot able to validate users. 
  I need know if it's possible through Cisco Prime Infrastruture 2.1, first replicate in the Master controller on the basis of existing controllers buildings each local data and, second, that the creation of new users are automatically perform both the controllers like to the Master .
  Thanks.

  As noted earlier, it is not advisable to use the root user to log in for normal use. New users and groups can be created by navigating to Administration > Users, Roles & AAA as shown in the preceding figures. It would help to chalk out what are the various levels at which you want to distribute the users, and to create those roles first. It doesn’t really matter whether you create users or groups first. New users can be easily added by going to Administration > Users, Roles & AAA > Users > Add Users > Select “Add Users” from the drop-down on the right side. Once you get into the add user workflow, fill in the username, password, and local authorization for this user as shown in the figure below.
  A virtual domain can also be assigned to the users when you define their roles by selecting the virtual domain on the left side and moving it to the right side as shown in the image below (left).

• Autorization of Sales District and Price List Creation to the User

  Dear Experts,
  At Present the end user (customer) is sending the request of New Sales District and Price List Creation to SAP SD Consultant and the consultant creates the same in Development Client SPRO through T code OVR0 etc. and then transports the same to Quality and Production Server. This Process takes a lot of time
  We want to provide the direct access of Sales district and Price List creation to the user in PRD.
  Kindly Let me know what is the best way in which we can handle this situation.
  Regards,
  Ranjan Singh

  Are you sure you want to do that? You will create inconsistencies between the systems which will jepardise future tests. I suggest you just train end-user to do the procedure him/her self. I don't think it costs so much time to transport a couple of requests.

• Initial password expires:Communication Users

  Hi All,
  I have created one user for early watch alert generation purpose user password expires every 15 days :
  Defined profile parameter is:login/password_max_idle_initial:14
  As per my understanding communication user password never expires.
  Kindly please suggest me
  Thanks in Advance
  Regards
  Nekkalapu

  Hi Siva,
  Thanks for you response.
  But it will effect to all the users right,sap also is not recomending to put 0 value this parameter.
  Is their any other way to resolev this issue.
  I am using communication users for generating earlywatch laerts.
  Advance thanks
  Regards
  Nekkalapu

• Query SAP BW via BO universe - Dialog user / Communication user

  Hi,
  Context: XI 3.1 Web Intelligence on top of SAP BW.
  Can a communication user be used in the universe connection? or does it need to be a dialog user?
  Possibly the following post already gives the answer:
  Change BEX query to run in background process instead of dialog?
  Terminology used there is slightly different, we just want to be sure.
  Thanks!
  Raf

  Hi,
  I just tried it with User Type = Communications data and with User Type = System. Both of them worked fine and I was able to display the queries/infocubes from BW.
  Hth.,
  Jacob

• Use of communication user in RFC of HCM process types

  Dear All,
  I have created an HCM-PA package, and when used a communication user in the RFC it gives me the error that no data exists for your user in the Transfer selection criteria activity (This is not an issue with defining target areas I have confirmed)
  I then used my ID ( a dialog user) and it works well. However, now I want other users (about 10) to be able to run their respective packages. Does that mean I have to add each of these 10 users to the RFC? How can I resolve this without having to use their ID in the RFC maintenance?
  Thanks
  Harmeet

  Hi Harmeet,
  the easiest thing to do is to define a CPIC user in your receiver system destination and then to use the customising activity "Set technical switches". Here you can set a switch called SND_LOGON to the value 'X'.  When you do this, the person who calls the transfer program with the activity "Transfer Selection Criteria" must explicitly log on using their own sender system user.
  This method means that the user must have the correct HCM authorisations and prevents that a dialogue user is defined in the RFC definition (which, of course, anybody could use).
  Hope this helps.
  Gerard.

• WebService Call Fails for Communication Users

  Hi
  I am calling a BAPI through web service in VB.NET windows application.
  The application works fine with Dialog users but when I use Communication User then it thows this message.
  The Request Failed with HTTP Status 401: Unauthorized
  Where as if i call the same BAPI through RFC with for this Communication User it is successful.
  What can be the reason ?
  Regards
  Rajendra

  The Web Service uses the HTTP protocol, whereas the BAPI is using RFC protocol.
  The reason for the "unauthorized" error in HTTP is that you need to embed the user / password combination into the web service URL (assuming you have set the Web Service authentication method to user / password).
  Regards,
  D.

• Is Communication user recommended to access Webdynpro ABAP?

  Hi,
  I don´t know if somebody knows if we can recomend the client to use a communication user type for accesing Webdynpros for ABAP, can this cause some licence problems? or communication users can be used by final users without a problem?
  Hope somebody can help!
  Thanx in advanced!
  kind regards,
  Gerardo J

  Hi Gerardo,
  main difference between dialog and communication user is the access via SAPgui. The license still depends on the role of the user not the user type.
  Property \ User Type            Dialog  Communication   System  Service
  Dialog logon (SAP GUI)          X       -               -       X
  Multiple logons                 -       X               X       X
  RFC logon                       X       X               X       X
  Background job execution        X       -               X       X
  Password change                 X       X               -       -
  Logon ticket can be generated   X       X               -       -
  Probably you mean "named user" and "anonymous user". For this Q you always have to ask your SAP sales person (because it depends...)
  Hope this helps a little bit.
  Best regards, Uwe

• JCO authentication through communication user password expiry problem

  Hi,
  We are using communication user for accessing our metadata. As per help.sap.com the authorizations for this user must be set in the backend so that this user can access all DDIC function modules.I have doubts as follows
  1. What are the Roles in R/3 we need to assign to the user to access DDIC function modules.
  2.As per our company IT policy, The default settings in R/3 for change of initial password is 3 days. After 3 days the password gets expired? Which user are we supposed to use for jco Communication user, system user, or service user? plz clarify.
  Regards,
  Sreeram

  Hi Sreeram,
  For the JCo user for defining the metadata can be a service user. with jsf communication authorization.
  hope this helps
  -Madhu

• Communication User Is Enough In RFC Destination Userid-Parameter

  Hi Guys,
     I Have The Rquirement Like,i have to call the remote function module which is in quality server from the development system,so for that i have created rfc destination in development system in the logon&security,i have given the userid,which was created by the basis team,this user is a communication user,not a dialog user,with this communication user, iam unable to connect to the system through program
           call function fm1 destination des.
  i would like to know whther we can conncet to the system through the communication user,or dialog user is must.please give ur valuble suggestion on this query..
                           thanks in advance...
  thanks&regards
     srinivasulu.j

  Hi Ranganath,
      Thanks For u r valuble suggestion,with the communication user given in rfc destination ,the connection is not establishing,when i click on test connection button in sm59,it is not showing any error,but when iam trying to execute form the program by calling the remote function module by giving the rfc destination,i checked in debugging,it is not connecting to the other sytem,pls provide some solution for this..
  thanks&regards
    srinivasulu.j

• Communications user password expires

  Hi,
  The password of our  communications user (ZCONTRANS) always expires/deactivated.
  How can I set tha password of this particular user not to expire? 
  We could not chage the login/password_expiration_time parameter because we need dialog users password to expire every 90 days (for audit requirement).
  thanks,
  kbas

  HI,
  use the usertype 'SYSTEM' instead of usertype 'Communication'. Passwords of 'System'-users do not
  expire. (the usertype can be set in SU01->tab 'logondata')
  b.rgds, Bernhard

• Communication User Locked..

  Hi All,
  Can you plz provide the information for this problem.
  How does a communication user gets locked & what could be the root cause for that problem?
  Thanks & Regards
  Srinivas K

  Hi Srinivas,
  Reasons for this:
  1) Somebody has changed the password of the communication id
  2) An RFC defined to refer that client has an incorrect password in SM59 for that Comm. id.
  >
  Srinivas K wrote:
  > a) If the password for the communication user has been expired, then do we need to reset it by using SU01?
  >
  Passwords for Communication users do not expire. Yes, SU01 is the way by which you change passwords, even for communication users. As mentioned earlier, its a bad idea changing the password of a Comm. user, as all other RFC's referencing to that client will have to be updated with the correct credentials.
  > b)"Communication users details not changed in all RFC communication configuration"---> I couldnt understand this, so could u plz provide some more information regarding this.
  >
  > Can we get information in ST05, with related to this problem?
  Debug the issue more. Look at the change documents of the Comm. user. See if anyone has changed the password. If not, then there might be a possiblity that some RFC referencing to that client has the incorrect details. ST05 is not what you are looking for. Look at SM20N (AIS) for the details.
  Do not change Comm. users to Service type! Comm. users normally have broad authorization, making it a service id is a heavy risk as SAP GUI access will be opened up!
  You might want to post/move this to the security forum
  Thank you
  Abhishek