Enforcing LDAP Policy for Portal....

Similar Messages

• Multiple LDAP Sources for Portal

  Per the HELP docs and other forum suggestions, I uploaded a new XML file and called it multildap_datasource.xml
  After uploading, it does NOT appear in the drop-down list of files to pick? Am I missing something here?

  Hi,
  Check if you get any error message.
  also check in the configuration adapter to see if the file uploaded.

• Weblogic Portal 10.3 : Password Expiry Policy for DefaultAuthenticator

  Hi,
  I wan to create a Password Expiry Policy for Default Authenticator in Weblogic Portal can somebody explain me the steps.
  Password: Should be minimum 8 characters and One Capital letter and One Number minimum
  Password: Should be expired after 90 days
  Thanks in Advance,
  Viswanath K

  You cannot directly do this as far as I know.
  a. Either write your own custom authentication provider that implements these rules, or use an off the shelf LDAP that lets you specify these rules
  b. Implement this outside the authenticator (i.e. when the user specifies the password , validate these rules). When the user changes his password , record the date, when the user logs in , check the date for expiry etc,
  regards
  deepak

• Steps for portal and Microsoft LDAP server integration

  Hi,
  Could any one guide me steps for portal and Microsoft LDAP server integration. Need it urgently.
  Thanks in advance.
  Regards,
  Niraj

  Please don't cross post in multiple forums..

• OIM OES Integration to use LDAP groups for policy making

  Hi ,
  I am trying to make policy for the OIM application using OES. i want to use my LDAP groups as principals to control the access in OIM. How it can be achieved
  Thanks
  Edited by: user10660448 on May 21, 2013 1:35 AM

  Note that you can use the internal LDAP that comes with WebLogic, for your users and groups if you want.
  When you have multiple domains, you have a problem with this set-up as the internal LDAP is coupled to
  a specific domain. This means that users you created in one domain are not visible in the other. When using
  a separate LDAP that contains the users. You can configure in each domain an authenticator that points
  to the LDAP. In this way you can share to user accross multiple domains.
  When you are planning to use one domain you can stick with the internal LDAP if you want.
  An example set-up (that uses access manager not identity manager) can be found here: http://middlewaremagic.com/weblogic/?p=7819,
  which might help you in how to proceed.

• Role of LDAP server in portal

  HI
  Can any one tell me what is the role of LDAP server in portal
  Thanks
  shashank

  Hi Shashak,
  if you use the LDAP Server as UME User Store, the security policy from the LDAP server is enforced. This means that if the data source has defined its own security policy, there is no standard interface to pass on any error messages received from the data source to the UME user in the same level of detail and in the correct language. The user only receives a very generic error message. Therefore, you would need to adapt the Portal security policy accordingly. You can find some further information under http://help.sap.com/saphelp_nw04/helpdata/en/7f/c52442ad9f5133e10000000a155106/frameset.htm.
  More general information on LDAP integration you can find under http://help.sap.com/saphelp_nw04/helpdata/en/3b/68ff407765ed6fe10000000a1550b0/frameset.htm.
  Best regards,
  Joerg

• Could not deploy policy for resource: type= url , application=MySecurex,

  Hi
  My situation :
  I have 2 managed weblogic portal 10.3.0 managed servers in a cluster and 1 admin server. All are running as a service.
  Deployments of new versions of applications are submitted by an automated script.
  The steps in the script are :
  - stop the services of the managed servers
  - undeploy the previous version by using ant task
  <target name="undeploy_old" description="undeploy old application" depends="downloadFiles">
                 <java classname="weblogic.Deployer" output="./temp/${buildProject}_${deployEnv}/${buildVersion}/undeploy.txt" fork="yes">
                      <arg value="-adminurl" /> <arg value="${adminurl}" />
                      <arg value="-username" /> <arg value="${weblogic_user}" />
                      <arg value="-password" /> <arg value="${weblogic_pwd}" />
                      <arg value="-undeploy" />
                      <arg value="-name" />
                      <arg value="${buildProject}" />
                      <arg value="-verbose" />
                      <classpath refid="project.class.path"/>
                 </java>     - deploy the new version by using ant task
       <java classname="weblogic.Deployer"
                 output="./temp/${buildProject}_${deployEnv}/${buildVersion}/deploy.txt"
                 fork="yes"
                 maxmemory="512m"
                 inputstring="" >
           <arg value="-adminurl" /> <arg value="${adminurl}" />
           <arg value="-username" /> <arg value="${weblogic_user}" />
           <arg value="-password" /> <arg value="${weblogic_pwd}" />
           <arg value="-stage" />
           <arg value="-verbose" />
            <arg value="-upload" />
           <arg value="-deploy" />
           <arg value="-name" /> <arg value="${buildProject}" />
           <arg value="-source" /> <arg value="./temp/${buildProject}_${deployEnv}/${buildVersion}/${buildProject}.ear" />
           <arg value="-targets" /> <arg value="${deploytargetinstances}" />
            <classpath refid="project.class.path"/>
       </java>- start the services of the managed servers
  Problem:
  When the managed servers are restarting and the new version is going to prepared status, an error occurs for the new version of the application :
  ####<27-dec-2011 13.42 u. CET> <Info> <Deployer> <S40BEAPORTACC1> <s40beaportacc1p9106> <[STANDBY] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1324989758076> <BEA-149059> <Module MySecurexEarAdmin of application MySecurex is transitioning from STATE_NEW to STATE_PREPARED on server s40beaportacc1p9106.>
  ####<27-dec-2011 13.42 u. CET> <Error> <Security> <S40BEAPORTACC1> <s40beaportacc1p9106> <[STANDBY] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1324989758779> <BEA-090064> <The DeployableAuthorizer "myrealm_weblogic.security.providers.xacml.authorization.XACMLAuthorizationProviderImpl" returned an error: weblogic.security.spi.ResourceCreationException: [Security:090310]Failed to create resource.>
  ####<27-dec-2011 13.42 u. CET> <Error> <HTTP> <S40BEAPORTACC1> <s40beaportacc1p9106> <[STANDBY] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1324989758779> <BEA-101199> <Could not deploy policy for resource: type=<url>, application=MySecurex, contextPath=/MySecurexEarAdmin, uri=/campaigns/emails/*.
  weblogic.security.service.ResourceCreationException: weblogic.security.spi.ResourceCreationException: [Security:090310]Failed to create resource
       at com.bea.common.security.internal.service.PolicyDeploymentServiceImpl$DeploymentHandlerImpl.deployPolicy(PolicyDeploymentServiceImpl.java:173)
       at weblogic.security.service.WLSPolicyDeploymentServiceWrapper$DeploymentHandlerImpl.deployPolicy(Unknown Source)
       at weblogic.security.service.AuthorizationManager$HandlerAdaptor.deployPolicy(Unknown Source)
       at weblogic.security.service.AuthorizationManager.deployPolicy(Unknown Source)
       at weblogic.servlet.security.internal.ResourceConstraint.deploy(ResourceConstraint.java:108)
       at weblogic.servlet.security.internal.WebAppSecurityWLS.deployPolicies(WebAppSecurityWLS.java:253)
       at weblogic.servlet.security.internal.WebAppSecurity.registerSecurityConstraints(WebAppSecurity.java:140)
       at weblogic.servlet.internal.WebAppServletContext.prepareFromDescriptors(WebAppServletContext.java:1189)
       at weblogic.servlet.internal.WebAppServletContext.prepare(WebAppServletContext.java:1121)
       at weblogic.servlet.internal.HttpServer.doPostContextInit(HttpServer.java:449)
       at weblogic.servlet.internal.HttpServer.loadWebApp(HttpServer.java:424)
       at weblogic.servlet.internal.WebAppModule.registerWebApp(WebAppModule.java:910)
       at weblogic.servlet.internal.WebAppModule.prepare(WebAppModule.java:364)
       at weblogic.application.internal.flow.ScopedModuleDriver.prepare(ScopedModuleDriver.java:176)
       at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:93)
       at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:387)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37)
       at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:58)
       at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:42)
       at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:615)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37)
       at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
       at weblogic.application.internal.EarDeployment.prepare(EarDeployment.java:16)
       at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:155)
       at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
       at weblogic.deploy.internal.targetserver.AppDeployment.prepare(AppDeployment.java:141)
       at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
       at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:187)
       at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
       at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:233)
       at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
       at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
       at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:173)
       at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:89)
       at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
       at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:516)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  weblogic.security.spi.ResourceCreationException: [Security:090310]Failed to create resource
       at weblogic.security.providers.xacml.DeployableAuthorizationProviderV2Helper.deployPolicy(DeployableAuthorizationProviderV2Helper.java:119)
       at weblogic.security.providers.xacml.DeployableAuthorizationProviderV2Helper.deployPolicy(DeployableAuthorizationProviderV2Helper.java:162)
       at weblogic.security.providers.xacml.authorization.XACMLAuthorizationProviderImpl.deployPolicy(XACMLAuthorizationProviderImpl.java:281)
  weblogic.management.utils.CreateException:
       at com.bea.security.providers.xacml.entitlement.PolicyManager.setPolicy(PolicyManager.java:241)
       at com.bea.security.providers.xacml.entitlement.PolicyManager.setPolicy(PolicyManager.java:165)
       at weblogic.security.providers.xacml.DeployableAuthorizationProviderV2Helper.deployPolicy(DeployableAuthorizationProviderV2Helper.java:112)
  com.bea.security.xacml.PolicyStoreException: <openjpa-1.1.0-r422266:657916 fatal store error> kodo.jdo.FatalDataStoreException: The transaction has been rolled back.  See the nested exceptions for details on the errors that occurred.
       at com.bea.security.providers.xacml.store.BasePolicyStore.setPolicy(BasePolicyStore.java:684)
       at com.bea.security.providers.xacml.store.BasePolicyStore.setPolicy(BasePolicyStore.java:576)
       at com.bea.security.providers.xacml.entitlement.PolicyManager.setPolicy(PolicyManager.java:222)
       at com.bea.security.providers.xacml.entitlement.PolicyManager.setPolicy(PolicyManager.java:165)
  <openjpa-1.1.0-r422266:657916 nonfatal store error> kodo.jdo.ObjectNotFoundException: The instance "netscape.ldap.LDAPException: error result (32)" does not exist in the data store.
  FailedObject: netscape.ldap.LDAPException: error result (32)
       at com.bea.common.ldap.LDAPStoreManager.flush(LDAPStoreManager.java:370)
       at org.apache.openjpa.abstractstore.AbstractStoreManager.flush(AbstractStoreManager.java:277)
       at org.apache.openjpa.kernel.DelegatingStoreManager.flush(DelegatingStoreManager.java:130)
       at org.apache.openjpa.datacache.DataCacheStoreManager.flush(DataCacheStoreManager.java:554)
       at org.apache.openjpa.kernel.DelegatingStoreManager.flush(DelegatingStoreManager.java:130)
       at org.apache.openjpa.kernel.BrokerImpl.flush(BrokerImpl.java:2007)
  ....>
  My workaround:
  Delete the <domain>\servers\s40beaportacc1p9106\data\ldap directory on the managed servers and restart
  Does anyone knows what causes the error and how to solve it?
  The goal is to be able to deploy our application by automation.

  You must use not the original bean that you coded. You must use the bean generated by axis-wsdl2java.
  The bean generated by axis-wsdl2java is:
  - in the first beanMapping: MSPCSService.SMSMO
  - in the second beanMapping: MSPCSService.SMSMOResponse
  As you can see, the bean the axis-wsdl2java will generate is build with the namespace + "." + qname. If you use an domain like java.sun.com in namespace, then the package name you will use is inverted (in the sample, com.sun.java). Look at the code generated.
  You client must use this beans, not the original coded by you.
  This must work, worked for me :)

• Problem with LDAP in BEA Portal

  Problem with LDAP in BEA Portal
  I have a list of 50 user which should be cerated in portal staging(devlopment) machine and should be transfered to
  production machine using LDAP
  Steps which i followed to create Users
  1.Create User Profile with 2 parameters branch and Role
  2.I have list user in the Xls file with Username,password ,branch and Role
  3.Write a java File which will read the Xls File
  4.The users are created in the staging machine for the portal
  Steps which i followed in LDAP to tranfer the created User form Devlopment to Production
  1.Export the created user from Devlopment (which was moved as .DAT in my local directory)
  2.import the user from local direcory to production machine
  The Users are imported in the production machine with username and password but the role and branch values are empty
  We need a solution for importing the user with role and branch corresponding to each user.
  Thanks in Adv
  Suresh

  In Portal 8.1, user name and password in stored in LDAP where as user profile values are stored in database. That is the reason you are not able to see the user profile values.
  Check once again whether you can see these values through admin tool. In case,it is not(after confirmation again),you might have to use APIs to do this for you incase you dont want to manage through Admin Tool.
  Thanks,
  Prashanth Bhat.

• Microsoft Intune was unable to set the desired mobile device policy for one or more users due to the following error: A2CE0100

  Hi!
  We have fatal or critical error message on Microsoft Intune Portal but all agents are working just fine. Before opening support ticket we would like to hear comments from the experts on this forum. We would also like to fix this error before starting to
  manage mobile devices with Intune.
  Error message on Intune Portal:
  "Microsoft Intune was unable to set the desired mobile device policy for one or more users due to the following error: A2CE0100"
  Repeated: 19 times.
  Class: (System) Policy
  Random Fatal error message on C:\Program Files\Microsoft\OnlineManagement\Logs\PolicyAgent.log found from one Windows 8.1 client:
  2015-02-21 08:49:20:704 2852 1ab0 FATAL: DocumentProvider::IndicateToConsumer/pp->ProcessPolicies(NULL, NULL, NULL, NULL) failed with error 0x800704d5.
  That said, we are not facing any specific problem but we would like to find symptom of this repeating error message on Intune Portal . We would appreciate to get any thoughts about this case.
  Br.
  Jukka

  Hi Jukka,
  Mobile policy doesn't apply to clients using the Full Client download.  Please open a support case so the team can assist in further troubleshooting.
  Thanks,
  Jon L. - MSFT - This posting is provided "AS IS" with no warranties and confers no rights.

• Abap+java stack for Portal 7.0 and MI - User Data Source

  The SAP pre-requisites for Portal and MI (Mobile Infrastructure) 7.0 is an ABAP and Java Stack. If you install an AS ABAP + Java, the UME is automatically set up to use the ABAP user management of the same AS installation. What does this mean? The user store will be created in ABAP, for both the Portal and MI.
  The impact of this is portal users management is in ABAP. This configuration by design cannot be connected to LDAP Active directory for user authentication.
  Please let me know , if some body had already face similar issue and come up with the solution.  Thanks in advance.

  Hi Surya ,
  When you install portal or any NW component with ABAP stack , ABAP stack hold precidence over the JAVA Stack , refer to this link to have more idea on this .
  http://help.sap.com/saphelp_nw2004s/helpdata/en/2b/306bb5bc98f24f8a85d489449af456/frameset.htm--
  http://help.sap.com/saphelp_nw04s/helpdata/en/12/7678123c96814bada2c8632d825443/frameset.htm
  Thanx
  Pankaj

• How to connect LDAP to Enterprise Portal

  Hi Guru,
              I need complete steps to connect LDAP into enterprise portal as LDAP is microsoft AD existing one.            
          I am confuse about the user mapping and authenticatation, compareing and Single sign one.  Does we are calling Log on ticket to the first screen of enterprise portal where we enter user ID and password or ?.
               One situation is that one SAP Enterprise portal acts as comparing user id against AD(LDAP) and issue logon ticket. Other system who is accepting the logon ticket is also SAP Netweaver and has its own portal. It has it own login module.
            My first question is " How to establish connection to AD in to on SAP Enterprise Portal
  Second is  " How to establish connection to that SAP enterprise portal to SAP Netweaver own portal".
  Third is " If we are trying to access to SAP Netweaver application through SAP Enterprise portal , how we can able to access, do we need to accesss through ivew of SAP Enterprise portal only or can we access the SAP Netweaver application as soon as we enter userid/passwd on first screen of Enterprise portal directly to SAP Netweaver application, without user the ivew of Enterprise portal
          If you guys understood this situation let me as soon as possible, cuz my boss is on my head. of send me your contack info to my email: [email protected]
  Thanks
  Happy

  Hi Ben,
            Here is my situation is little bit different, we have application server which is SAP Netweaver and HR application is running on this server. we are trying to login into this system through its portal and it has attached with LDAP Microsoft AD.
           We set all LDAP setting and this application having its own login module and it added and I hav seen in Security policy of Visual administrator.
            Now tell me how to configure or adjust login modules with its own login module. How to set login modules stacks such that user ID is match with AD and issue login ticket or can login.
             We tested using user ID which contains in AD as well as Application server's database. we it is not able to login.
             If you see this message please send me your contact info to this email I will explain you more on my situation. Please it is so urgent that my boss is on my head
  thanks
  happyman
  [email protected]

• Iplanet LDAP Configuration in Portal

  Hi All,
  I was trying to configure my UME with LDAP - iplanet. (Sun one Directory Server) in SAP Netweaver CE. I downloaded the xml file using config tool.
  1. dataSourceConfiguration_iplanet_readonly_db
  2. dataSourceConfiguration_iplanet_not_readonly_db
  3. dataSourceConfiguration_iplanet_deep_readonly_db
  while one should i use? How do i know whether iplanet uses a deep or Flat Hierarchy?  When i try to use the
  dataSourceConfiguration_iplanet_not_readonly_db. on click of save changes, it gives me some "Technical error". But Validate connection in LDAP Server Properties is working fine.
  "Test Connection successful".
  But server not starting after restart.   How else do i change the UME Configurationfrom Database to LDAP? What is the xml file to use? Is there some other configurations to be done?
  Thanks,
  Divya
  Edited by: Divya V on Nov 19, 2010 10:23 AM

  Hi Divya,
  Try to contact the systems team who is responsible for maintaining the LDAP in your company. Then call tell you if you use deep or flat hierarchy.
  The you need to decide if you want to connect to LDAP only for read only purposes or if you want to update any thing on the LDAP from the portal and have write access.
  1. dataSourceConfiguration_iplanet_readonly_db - FOR READ ONLY ACCESS TO LDAP WITH FLAT HIERARCHY
  2. dataSourceConfiguration_iplanet_not_readonly_db - FOR WRITEABLE ACCESS TO LDAP
  3. dataSourceConfiguration_iplanet_deep_readonly_db - FOR READ ONLY ACCESS TO LDAP WITH DEEP HIERARCHY
  You are getting the error when using dataSourceConfiguration_iplanet_not_readonly_db.xmL most likely because the system user that is used to connect to your LDAP might not have write access on the LDAP.
  Also, please note that some LDAPs will require an SSL connection between portal and LDAP for writing any thing to the LDAP.
  In that case, you will have to setup SSL between EP and LDAP.
  Read the documentation for further help:
  http://help.sap.com/saphelp_nw70ehp1/helpdata/en/48/d1d13f7fb44c21e10000000a1550b0/frameset.htm
  Hope that helps !!
  Thanks,
  Shanti Mupkala

• CUA as data source for portal UME

  Hi all
  We want to use the CUA system as the data source for our EP6's UME.
  Obviously our end users do not login to the CUA system and therefore have no password to this system. It doesn't seem rational to provide them a password to this system, but then again which password will they use?
  I'm guessing that this is the case for most of the SAP customers.
  Does this mean that we can't use the CUA as the UME data source?
  If any of you use the CUA as the UME, we'd be very glad to hear your solution to this situation (we can't use one of the child systems as the UME).
  Thanks,
  Yeti

  Hi Yeti,
  My remarks below will not answer your question but it will help you with some decision on your UME data source.
  As far as I know, most Portal use LDAP as their main UME datasource. This is largely due to the fact that LDAP contains ALL the users that are "employee" of the company. As for CUA, it does not contain ALL your users which could pose a problem for you when you want to execute certain Portal functions (or management approval flows) which require users who does not exist in your CUA (but exist in LDAP).
  3 presentations which I think its good to have a look and share with....
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d5f57332-0a01-0010-12ab-dd472e87b8e6
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/c477de90-0201-0010-35ab-ddac4448ba9f
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/706065c4-3564-2a10-2382-a52fcbd7eefb
  But there are also setup that uses CUA as their UME. I have linked some of the past threads who use CUA as their UME. I hope they can shine some light to your question. You can do a search here in the forum with "CUA UME portal" and you will also find posts that can help answer your question.
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/706d054d-da24-2b10-f18a-fc82faf6468e
  Solution Manager as a  source for Portal UME
  Multiple SAP Systems as UME
  EP
  Something to think about if you consider SSO with CUA as UME.
  how to sso between portal and abap
  Something more interesting to read about:
  LDAP connection from ABAP to Portal
  The above are base on my experience and the Portal setup which I have done for the company. But maybe there are better suggestions from other Portal guys,Experts,Gurus out here who will contribute to answer your question. 
  Hope that helps.
  Ray

• Access Enforcer LDAP mappings

  Hello everyboby,
  I have Access Enforcer 5.1 VP1 and I would like to know how use the LDAP mappings.
  For example, I want recover the manager's name into LDAP automatically on Access Enforcer during an user request.
  Thank you very much for your assistance.
  David Heang

  Hi,
  First you need to connect the Connector for the LDAP when the Connector is working, You need to define the LDAP Mappings.
  For Recovering the Manager Name in to Access Enforcer from LDAP (Active Directory) you need to Map the  LDAP Entry classs object "<b>manager</b>" to the Access Enforcer "LDAP Mappings"
  Now the Manager for the User will be picked up if the Relationsip is defiend in the LDAP Directory.
  LDAP Objects are different for the Different LDAP Types.
  Hope it Helps,
  Vikas

• GRC AE User provisioning for Portal giving error

  Hi,
  We are having GRC AC 5.3- SP9.
  While doing user provisioning for Portal, we are getting the following error:  DBCacheVerifier.java@58:isExpired(). Detailed error log is attached herewith. The back end system (EP Dev) is installed with GRC RTA. Connectors are testing OK. The CPIC user id in backend system EPDev is ED1GRC and has SUPER ADMIN Authorizations, with SPML read/write actions attached to the Role. EP Dev system is having UME as data source, not LDAP. The issue was existing even before the SP9 upgrade. We have restarted the Server several times lately. Pls help me in this.
  Thanks & Regards,
  Jagadish H S
  BASIS Team, BPCL, Mumbai.

  Jagadish,
  This type of error would normally be a data setup issue. Have you imported all of the initial data files (XML ones)?
  Otherwise, if it is just a cache issue, then restarting the server would normally solve the proplem. I would also check the Java Netweaver Admin console to ensure that the memory settings are sufficiently configured to match the hardware that is deployed.
  Simon