Error in user admin  applet

Similar Messages

• Unable to edit user information from User Admin applet

  Hi
  I'm unable to  update user  information from user admin applet. After selecting a particular user, i'm updating his full name and trying to save the details. When i click on save i'm getting below error
  "Unable to execute service EDIT_USER and function addUserAttributes",(System Error: Unable to execute query 'uUsersClassifiedMarkings(UPDATE Users SET uClassifiedMarkings='No Markings'WHERE(uClassifiedMarkings is  null OR uClassifiedMarkings="))'.ORA-00904:"UCLASSIFIEDMARKINGS":invalid Identifier java.sql.SQLSyntaxException: ORA-00904:"UCLASSIFIEDMARKINGS": invalid identifier)
  Kindly let know what is issue or how to resolve this error

  Ok,lets give it a shot. Can you please check if you have any Security Classifications added by navigating to Records->Configure->Security->Security Classification
  If you do not see any entries here, then use the Add button to add the following
  - No Markings
  - Secret
  - Top Secret
  - Confidential
  Now try to update the user info using the admin applet. In the edit window assign Security Classification to "No Markings" and try submitting the update. Let us know what is the outcome.
  I completely agree with William on his analysis. Please try these steps if you are working on a Dev/POC instance.
  Regards,
  - Anand

• Error in Accessing Admin Applets Utilities

  Hello,
  I am getting the below popup message when i click on any of the Admin Applets Utilities.
  *"apUnableToStartApplication apFailedToInitialize syLoginSessionAccessControlException"*
  Please Suggest.
  Thanks & Regards,
  Richa

  If its a fresh installation you should change sysadmin user password using sql query. (Table name is USERS)
  Also check if you have database connection setup by launching System Properties application (<CS Install DIR>/middleware/user_projects/domains/ucm_domain/ucm/cs/bin). check the database connection string ,user name & password. (Database connection is required for applet to connect databse for user authentication)
  Regards,
  Amol Gavali.

• Password for user admin

  Hello,
  I have to change the PW for user admin and tried to do this in the ERP/SU01 on every client.
  The connection to XI was lost. The error 'can not read exchange profile' occurred.
  I reset the password of user admin in all clients to default and entered the user admin and password in the http://<xi-host>:<j2ee-port>/exchangeProfile.
  This worked fine.
  But now I get the periodic error that user admin on client 200 is locked due to wrong logon and XI does not work. Error as described above
  Okay. I can unlock user admin, but the error occurs periodically.
  Is there a description how to change the PW for user admin and get rid of this error. I found a SAP Note (936093), is this the way to do it?
  I assume user admin is locked every time the portal fails to contact XI, but I am not sure.
  Best Regards
  Maximilian

  Try reflashing the firmware and see if that alleviates the issue.  If not call into 866-606-1866 for further troubleshooting.

• Getting Active Directory Users in UCM User Admin - Users Tab

  Hello All
  We have integrated WLS with our Active Directory. And we are getting all the active directory users under Security Realms >myrealm >Users and Groups tab in WLS Console.
  We are also able to login to webcenter spaces and Content server using those userid and credentials. But our problem is in UCM under Admin Applets - User Admin - Users tab all the active directory users are not listed. So we are not able to assign particular roles to the users.
  When a particular Active Directory user logins in UCM (First Time) after that the admisistrator (weblogic) is able to get that user under Admin Applets - User Admin - Users tab. And also it comes as an External user so we are not able to assign role.
  So basically UCM requires a login to get all the users listed in users tab.
  Our requirement is we want all the Active Directory users to get listed in UCM without the condition that the users has to login in content server once.
  Thanks

  Hi Navin ,
  First and foremost the requirement that you have posted is not possible and the reason for that is :
  Users are created on AD which is outside the realm of UCM hence there is no way that the users created on AD will be shown up under Users tab without they login atleast once . UCM does not know which all users are part of the realm until and unless the AD users login in atleast once .
  Secondly external users cannot be assigned roles from UCM because when the Auth type is set to External UCM sees it as external entity hence not giving it any way to relate roles / groups from UCM . As a workaround you can change the AuthType for the External users to Global from User Admin applet after the users login for the first time . This will enable you to assign roles / groups for the AD users .
  Hope this helps .
  Thanks
  Srinath

• The user admin is not authorized to make the Create Order request

  Hi,
  I have deployed the PiP and trying to create the order. But i am getting the below error
  The user admin is not authorized to make the Create Order request>
  Please note :--
  I have assigned roles in administrator
  I have assigned permissions in Weblogic.
  Thanks

  Hi,
  Click on the user admin under user and groups , go to the tab Passwords. Give the password for the admin user and save it. Restart the server and try to login.
  Regards
  Marg

• Error in the ISA User Admin to create users

  Hi all
  i am not able to create the users thru the ISA user admin. while creating the user for new contact persons we are getting the error as " User Does not Exist" and also while creating the user for existing contact persons we are getting error as " User already Exists". in our project landscape CUA also part along with CRM and Portal. i am not able to find out from where exactly we are getting the error either from CRM side or else from CUA side.
  Regards
  suresh babu

  Hi,
  You can open any process in an iview which is assigned to a page and to a role. Once you click on this role, the process will get initiated and the webdynpro application will be displayed.
  If you open the instantiating url, it will ask for the input parameters that are to be passed to the application and initiates the application. It does not display your webdynpro page.
  For the iview you have created, Assign this iview to a page, and then assign it to a role. Assign the role to your user id and then open the role. Also mention in the iview parameters if any role based information has to be passed.
  Award points if helpful.
  Regards,
  Sujana

• Essbase Error 1051440 - Authentication fails for user admin

  We are facing a very unique problem...
  The application is up & running.. even I can login into the application, can perform member addition, editing & mamage database from planning.... but I get this error while retreiving from excel addin or running scripts.
  What I analysed is that this problem is Actually coming when a particular set of members are called anywhere either in scripts or during retreival thru Addin.
  Recently we had added one dimension in one of the database of our application. After that that this problem started.
  There were fewer Xref functions used to pull data from other cubes.... The problem is cominng with only those set of members where this Xref function has been used.
  Even I had changed the formulas & incorporated member of new dimension in the formulas to point to target members....
  Can you guys ever had faced such kind of issue....
  Please help in resolving....
  Complete Error is: msg fromremote site[date n time] Local////Error(1051440) Essbase user[admin] Authentication fails against shared services serverwith Error[30:1005:Authentication failed for user admin. Enter valid credentials.]]

  Hi,
  are you sure that user "admin" has all necessary rights to run your scripts? I have to ask because we sometimes had problems with our admin user... There is an "native essbase server admin" and the admin user in shared services.
  We dont had any idea how this could happen but sometimes our admin user changed to the mentioned "native essbase server admin" - you can see it if you are connected as "admin (internal)".
  If you are logged in as "admin (internal)" you have to "externalize" this user.
  Hope this helps and my bad english is not so much confusing... :-)
  Kind regards
  André

• User admin error

  Hi Experts,
  I am using SAP portal 7.0, facing an error in user administration->identity management. Below is the error
  "A required service for the identity management user interface is not available. Contact your system administrator"

  Dear rajesh,
  Hope you are doing good.
  As mentioned go through note: 869852 which deals with the same issue. Also:
  1. Open Visual Administrator->Cluster->Server<xx>->Services ->Security Provider-sap.com/com.sap.security.core.admin*useradmin ->Security Roles->admin clear run-as identity
      Then restart com.sap.security.core.admin in 'Deploy'. ->check if it will help to solve issue
  2. If above settings could not help, please so as below:
      ->Security Provider->sap.com/com.sap.security.core.admin*useradmin
      ->Security Roles->admin
      change "role reference" to "security role", then add user  'administrator' and group 'administrators'. Then set run-as identit
      as 'administrator'.  Then restart com.sap.security.core.admin in 'Deploy'.
  Thank you and have a nice day :).
  Kind Regards,
  Hemanth
  SAP AGS

• Urjent:Partition error:Logging out user [Admin], active for 0 minutes

  Hi all,
  Iam using 11
  Wen iam creating Transaparent partition its validating successfully , but wen iam saving it its giving error , partition creation failed
  Error: 1051037: Logging out user [Admin], active for 0 minutes
  and it s giving error reading ddb file
  i tried with maxl also but it continiously running for 30 mints , its horrible , actually it takes 2 mints
  how can i resolve this issue, any help would be appriciated
  thanks
  Edited by: user8815661 on 26 avr. 2010 05:18
  Edited by: user8815661 on 27 avr. 2010 04:00
  Edited by: user8815661 on 3 mai 2010 04:18

  Sounds like there is some sort of ddb file corruption. There are many causes, but the quickest fix I have found is usually a file-based deletion of the ddb file on both the source and target side of this partition. The attempt to create a partition on this database will cause a new ddb file to be created. Of course, this is dangerous. You can't have any other partitions on either the source or target side...or they will be deleted by this step. But the only purpose of the ddb file is for partition definitions, and it exists on both source and target.
  I've found this happens if one side of a partition (one of the ddbs from source or target) gets the file deleted, or communication is down between the source database server and target database server.

• OBIEE 11g Active Directory Presentation Service Error retrieving user

  Hi Team,
  It was a great help from all of you on our OBIEE learnings.
  I recently configured Microsoft AD on Weblogic rather than RPD. But felt like I am in a desert of helplessness due to the complicated and lengthy documents and settings :(
  Still when I configured everything and logged in to presentation services using AD Credentials, observed following error!
  Error retrieving user/group data from Oracle BI Server's User Population API.
  Error Details
  Error Codes: GDU6UYHS:OPR4ONWY:U9IM8TAC:OI2DL65P:SDKE4UTF
  Odbc driver returned an error (SQLExecDirectW).
  State: HY000. Code: 10058. [NQODBC] [SQL_STATE: HY000] [nQSError: 10058] A general error has occurred. [nQSError: 43113] Message returned from OBIS. [nQSError: 13049] User 'gp06108' with 'oracle.bi.publisher.scheduleReport;AtAGlance;oracle.bi.publisher.accessReportOutput;_all_;oracle.bi.publisher.accessExcelReportAnalyzer;_all_;oracle.epm.financialreporting.accessReporting;Explore;oracle.bi.publisher.accessOnlineReportAnalyzer;EPM_Essbase_Filter;oracle.bi.publisher.runReportOnline;oracle.as.scheduler.security.MetadataPermission' permission can not query user population.Please have your System Administrator look at the log for more details on this error. (HY000)
  Please have your System Administrator look at the log for more details on this error.
  Expression: privileges['Admin: Catalog']['Change Permissions']
  Total blockout! Anyone faced this issue earlier

  You need a user to be present in your Active Directory Base DN that will be used as the BISystemUser. You will either have to create this user in AD or use an existing AD user and then specify its credentials in Enterprise Manager (expand Weblogic Domain > bifoundation_domain (right click) > Security > Credentials). You will need to set system.user credential under oracle.bi.system map. Make sure your AD user's password never expires or you will run into problems in a few weeks time!
  Paul

• Vista problem and error createding users.

  Hi All. About 4 weeks back I took on a task to install Leopard server in a small office. 5 macs all running leopard and one dell running Vista home basic.
  The server is a brand new Mini with 4 Gigs of Ram and the 320 Gig HD. Storage is on a 2T external box.
  Installation was a nightmare. I had to install via Target disk as the Mini was too new to boot from the Leopard DVD (10.5.4) then apply the updates while running the server on the host mac using the mini's HD as the startup drive. It took about 4 goes to get it all up and running.
  I set up the users and all's well - except for the dell. It can access the shares and read but cannot write, despite having the same priviledges as the rest of the group. What puzzles me (I know too little about windows and even less about vista) is that while the macs all presented a log-in/password box when they first connected, the dell just went straight to the shares. I cannot find a way of making the dell authenticate. Have I done something wrong or is it Vista home Basic that is the culprit.
  Next issue, I cannot get a shared iCal to work (but the wiki calendar works brilliantly) as I keep getting told (this is me the admin) that I don't have permission!
  Third issue (and this is worrying me), while testing with the dell I created another user with a new name just to see if it was the original settings that were at fault - but - I couldn't. Everytime I tried to create a new user I get an error message -
  "User creation failed. The server reported the error '-14120' while trying to create the user"
  It doesn't matter what I do I cannot create another user.
  I'd really appreciate some help here.
  Finally, (it's not a problem - yet) I have to set it up so that all the users can log in from home to access the shares - and that includes the dell.

  Hi David, I'm back again.
  The problem I'm having with the new user error may be hidden in this short section from the log:
  Also, one of the users (who has been perfectly OK) is now getting a Kerberos log-in error and can no longer write to the shares.
  LOG:
  Sep 28 13:33:57 MuseMini imap[81400]: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (No principal in keytab matches desired name)
  Sep 28 13:33:57 MuseMini imap[81400]: badlogin: [172.16.1.36] GSSAPI [SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (No principal in keytab matches desired name)]
  Sep 28 13:36:06 MuseMini ctl_cyrusdb[81445]: checkpointing cyrus databases
  Sep 28 13:36:06 MuseMini ctl_cyrusdb[81445]: done checkpointing cyrus databases
  Sep 28 13:36:22 MuseMini servermgrd[61]: servermgr_accounts: got error -14098 trying to log to local LDAP node
  Sep 28 13:36:22 MuseMini servermgrd[61]: servermgr_accounts: got error -14120 trying to write config record
  Sep 28 13:38:43 MuseMini servermgrd[61]: DirectoryService crash detected, reauthorizing node
  Sep 28 13:38:43 MuseMini servermgrd[61]: servermgr_accounts: got error -14098 trying to log to local LDAP node
  Sep 28 13:38:43 MuseMini servermgrd[61]: DirectoryService crash detected, reauthorizing node
  Sep 28 13:38:43 MuseMini servermgrd[61]: servermgr_accounts: got error -14098 trying to log to local LDAP node
  Sep 28 13:38:43 MuseMini servermgrd[61]: DirectoryService crash detected, reauthorizing node
  Sep 28 13:38:43 MuseMini servermgrd[61]: servermgr_accounts: got error -14098 trying to log to local LDAP node
  Sep 28 13:38:43 MuseMini servermgrd[61]: DirectoryService crash detected, reauthorizing node
  Sep 28 13:38:43 MuseMini servermgrd[61]: servermgr_accounts: got error -14098 trying to log to local LDAP node
  Sep 28 13:38:43 MuseMini servermgrd[61]: DirectoryService crash detected, reauthorizing node
  Sep 28 13:38:43 MuseMini Server Preferences[80311]: XSAdminQueueController: gotServerError: -14120 forTransaction: <XSAdminTransaction: 0x1711f980>
  Sep 28 13:38:43 MuseMini servermgrd[61]: servermgr_accounts: got error -14098 trying to log to local LDAP node
  Sep 28 13:38:43 MuseMini Server Preferences[80311]: Error creating user: {\n command = createUser;\n error = "-14120";\n}
  Sep 28 13:38:57 MuseMini imap[81506]: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (No principal in keytab matches desired name)
  Sep 28 13:38:57 MuseMini imap[81506]: badlogin: [172.16.1.36] GSSAPI [SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (No principal in keytab matches desired name)]
  Sep 28 13:38:57 MuseMini imap[81509]: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (No principal in keytab matches desired name)
  Sep 28 13:38:57 MuseMini imap[81509]: badlogin: [172.16.1.36] GSSAPI [SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (No principal in keytab matches desired
  It looks to me as though I may have to go through the entire install again - and I really don't want to do that.
  Help!

• Error in User Management Link CRM 7.0

  Hi
  As per CRM 7.0 standard functionality (with ECC as a back end), USER MANAGEMENT Link is available to maintain WEBSHOP Logon users.
  We are getting the below error when we try to maintain the USERS through that link
  "SERIAL NUMBER MISSING u2013 ENTRIES IGNORED INT"
  Due to this we are not able to create users through USER ADMIN Link.
  Please advice on the above error.
  Thanks and Regards
  DJ

  Thanks

• OID - LDAP:error code 19 -Admin domain

  Exception creating Entry : javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 19 - Admin domain does not contain schema information for objectclass person.]; remaining name 'cn=oriondes,ou=servidoresmiembro,ou=internos,cn=users,dc=superfinanciera,dc=gov,dc=co'
  [LDAP: error code 19 - Admin domain does not contain schema information for objectclass person.]
  javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 19 - Admin domain does not contain schema information for objectclass person.]; remaining name 'cn=oriondes,ou=servidoresmiembro,ou=internos,cn=users,dc=superfinanciera,dc=gov,dc=co'
  at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3001)
  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
  at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(LdapCtx.java:777)
  at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(ComponentDirContext.java:319)
  at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:248)
  at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:236)
  at javax.naming.directory.InitialDirContext.createSubcontext(InitialDirContext.java:176)
  at oracle.ldap.odip.gsi.LDAPWriter.createEntry(LDAPWriter.java:1056)
  at oracle.ldap.odip.gsi.LDAPWriter.insert(LDAPWriter.java:409)
  at oracle.ldap.odip.gsi.LDAPWriter.modifyRadd(LDAPWriter.java:748)
  at oracle.ldap.odip.gsi.LDAPWriter.writeChanges(LDAPWriter.java:335)
  at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:581)
  at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
  at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
  DIP_LDAPWRITER_ERROR_CREATE
  DIP_LDAPWRITER_ERROR_CREATE
  at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:722)
  at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
  at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
  DIP_LDAPWRITER_ERROR_CREATE
  ActiveChgImp:Error in Mapping EngineDIP_LDAPWRITER_ERROR_CREATE
  DIP_LDAPWRITER_ERROR_CREATE
  at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:741)
  at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
  at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
  ActiveChgImp:about to Update exec status
  Updated Attributes
  orclodipLastExecutionTime: 20100906150632
  orclodipConDirLastAppliedChgNum: 34086144
  orclOdipSynchronizationStatus: Mapping Failure, Agent Execution Not Attempted

  Hi,
  Please let me know if this has been resolved. Also, please post the solution if you find any.
  -Mahendra.

• Can we lock down user admin functionality to allow password changes only?

  Hi,
  Is it possible to lock down the user admin functionality so a specific role can only change passwords?
  We have a large user base of >10K infrequent users that are forced to change their passwords every 30 days. We suspect a lot will require password changes and we are keen to not have the tech team spending most of their time dealing with such requests. We would like to pass this task onto data management but not allow them the system administrator functionality.
  We know we can create a responsibility with a limited menu available so the operator can see only the security/user/define menu. But this will still allow the person to add responsibilities to existing user accounts and create new user accounts, both of which are deemed unacceptable security risks. Is it possible to lock down the form as well as the menu? Allowing operators to only change the password of existing users? Or can we use the custom.pll to error when a user tries to do anything except edit the password field when in this role?
  Thanks
  Matt

  You should be able to do that. You would create a new privilege level (ie 7), assign all commands to that level except (this is my guess) the command vpn-sessiondb, you would put that at a lower privilege level (ie 6). Here's a write-up that may help getting you in the right direction.
  http://www.packetpros.com/2012/08/read-only-asdm.html