Not authorized to create users

Similar Messages

• You are not authorized to create users in group

  HI all,when I want to creat user or change a user information in EP7.0,I get the message:
  An error occurred in the persistence. The original and possible not translatet message was: "BAPI_USER_CREATE1@BI7CLNT001: ID=01, NUMBER=491, MESSAGE=You are not authorized to create users in group". Contact your system administrator.
  How I can do?

  You have no proper authorizations to do this. please follow this document for more details.
  <a href="https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/668e6629-0701-0010-7ca0-994cb7dec5a3">SAP Identity Management APIs</a>
  REgards,
  NItin

• OIM 9.1.0.2 patch: not able to create user.

  Hi,
  After the 9.1.0.2 patch installation I am not able to create users. The following exception is thrown:
  DOBJ.THROWABLE_IN_SAVE
  Unhandled throwable java.lang.IllegalAccessError in com.thortech.xl.dataobj.tcUSR's save.
  help required..

  Hi,
  I am getting the same error and i have entity adapters on my USER's form.
  Please help.
  Thanks

• "You are not authorized to change users in user group XY"

  Hello,
  I ran a report. Within that report, a BAPI is called. It's name is user_change.
  That BAPI enables you to change user details like passwords and so on...
  When I tried to change the user's password, an error message occured.
  "You are not authorized to change users in user group XY"
  The user belongs to the group XY.
  After an unsuccessful pwd change, there is no SU53 file!
  So how could I solve that?
  Could I explicitly define for which user groups, passwords can be changed?
  Any other ideas?
  Thanks a lot in advance,
  holger

  Hi Holger,
  May be they might have restricted to change password. See <a href="http://www.sap-basis-abap.com/bc/restrict-role-to-unlock-lock-change-password.htm">this</a> for more details.

• Not able to create users in identity system -OAM

  Hi all,
  I am new to OAM and trying to create users from identity system -OAM.
  I have logged in as 'orcladmin', who is my 'Master Administrator' and 'Master identity Administrator'.
  To create the user, I click on 'User Manager' tab and then 'Create user identity' tab but I get a message saying
  "*You do not have sufficient access rights*."
  Same message comes up when I try to create groups also.
  Please guide me on how I can give these rights to 'orcladmin'.
  It will be helpfull if you can specify some links where I can learn the basic consepts of OAM(identity system and access system).
  Thanks in advance
  Roopa

  Hi,
  Before you attempt to create a user, you would need to create a workflow in OAM Identity System.
  Below is the link which will get you started -
  http://download.oracle.com/docs/cd/E15217_01/doc.1014/e12489/workflow.htm#BABEFGAA
  -- Pramod Aravind

• Not able to create users in portal.

  Hi all,
  Iam trying to create users in portal through User administration but the system says:
  "Current user has user creation permissions in the UME, but cannot create users in the back-end system (data source). The original and possibly untranslated message was: "No active writeable datasource found for user creation, check your Persistence Configuration.".
  I have tried creating in backend system and use in the portal , but the same user does not work there , it says Authentication failed.
  Iam using the admin user j2ee_admin having all the admin rights , i have done all the confuguration settings through this user id only.
  Please help.
  Regards,
  Akash

  Hi Akash,
  check if your data source configuration file is read-only in your ume properties. If it's read/write you may check in the ABAP backend if your communication user (per standard SAPJSF) has write-permissions.  He needs to have role SAP_BC_JSF_COMMUNICATION not SAP_BC_JSF_COMMUNICATION_RO
  see also note 905188
  Cheers,
  Anja

• Not able to create user defined field

  hi experts
  i am not able to create a user defined field through, 'user defined field management ' window,
  when i am selecting this window SAP B1 is hanging ,later i need to close the application .what should be the problem ,
  please help me to solve this issue
  thanks in advance
  ajith

  hi
  thanks for reply
  following is the my sap b1 version and PL
  SAP Business One 2007 B (8.60.035)  SP: 00  PL: 08  2007B_CORE_080709_0214
  yes i created user defined fields in employee  master records
  kind regards
  ajith

• Not able to create users in OID through OIM

  HI,
  I am creating users in OIM and provisioning them to OID. The create user is working fine but provisioning is not working.
  The create user task is getting rejected with error message as :
  Response: Target Unavailable Error
  Response Description: Target server not available
  In the weblogic console its showing error as:
  INFO,24 Feb 2010 18:42:13,140,[XL_INTG.OID], Parameter Variables passed into co
  m.thortech.xl.integration.OID.tcUtilOIDUserOperations:createUser(S,S,S,S,S): are
  sContainerDN = ou=AGI(ENI UK Ltd),o=Shippers,dc=xoserve-apps,dc=com, sFirstName
  = testuser17, sLastName = testuser17, sUserDNParam = TESTUSER17,
  INFO,24 Feb 2010 18:42:13,156,[XL_INTG.OID],com.thortech.xl.integration.OID.uti
  l.tcUtilLDAPOperations : connectToAvailableOID() : SSL option is not selected in
  ITResource
  ERROR,24 Feb 2010 18:42:16,156,[XL_INTG.OID],===================================
  =================
  ERROR,24 Feb 2010 18:42:16,156,[XL_INTG.OID], ERROR in OID:connectToAvailableOID
  () CommunicationExceptionUnable to create Initial LDAP Context
  ERROR,24 Feb 2010 18:42:16,156,[XL_INTG.OID],===================================
  =================
  ERROR,24 Feb 2010 18:42:16,156,[XL_INTG.OID],===================================
  =================
  ERROR,24 Feb 2010 18:42:16,156,[XL_INTG.OID],10.224.29.51:389
  ERROR,24 Feb 2010 18:42:16,156,[XL_INTG.OID],===================================
  ERROR,24 Feb 2010 18:42:16,171,[XL_INTG.OID],com.thortech.xl.integration.OID.uti
  l.tcUtilLDAPOperations : disconnectFromLDAP() : : Unable to close LDAP Context.
  The context was probably not created, since it is null
  ERROR,24 Feb 2010 18:42:16,171,[XL_INTG.OID],===================================
  =================
  ERROR,24 Feb 2010 18:42:16,171,[XL_INTG.OID],===================================
  =================
  ERROR,24 Feb 2010 18:42:16,171,[XL_INTG.OID], ERROR in com.thortech.xl.integrati
  on.OID.tcUtilOIDUserOperations:createUser(S,S,S,S,S) NoInitialContextExceptionEr
  ror while connecting to target
  ERROR,24 Feb 2010 18:42:16,171,[XL_INTG.OID],===================================
  =================
  ERROR,24 Feb 2010 18:42:16,171,[XL_INTG.OID],===================================
  =================
  ERROR,24 Feb 2010 18:42:16,171,[XL_INTG.OID],com.thortech.xl.integration.OID.uti
  l.tcUtilLDAPOperations: Unable to close LDAP Context. The context was probably n
  ot created, since it is null
  ERROR,24 Feb 2010 18:42:16,171,[XL_INTG.OID],===================================
  =================
  Please help.
  Thanks in advance.

  Thank a zillion to both of you...
  It was connection problem. Somebody changed my OID's IP address.
  Now my users are getting provisioned.
  One more doubt how to give points to both of you. I dont know how to give points in this forum.

• "create user" not same as creating user from Administration?

  I have created users both from scripts and from the Administration pages and am getting different results.
  I created a user from a command line script (e.g., "create user <name> identified by <password>"), and then later granted the user all the privileges from the Administration -> Database users -> Manage Users page.
  I created a second user from within the Admin pages - this user has all the privileges and works fine.
  The user I created from the command line and then granted all privileges (including "DBA" and all explicit privileges) is NOT working correctly.
  Specifically:
  1. "select ... from ALL_OBJECTS" returns no records. (ALL_TABLES, ALL_INDEXES, and everything else that I try seem to work ok, but in order to see "ALL_OBJECTS", I have to explicitly qualify it with "SYS.ALL_OBJECTS".)
  2. When compiling PL/SQL procedures, etc. in that user schema, the built-in packages are not visible unless I explicitly GRANT EXECUTE on each package to the user (from a system account). At that point, they are accessible.
  I tried searching the forums for similar topics and didn't find any. I apologize if this is a redundant post, but it is driving me crazy.
  Can someone tell me how to make sure the script-created users get all the appropriate rights, and why when they are granted rights from the Admin screens, they still don't appear to have all the rights?
  I would strongly prefer not to drop the user account and rebuild it, as there are already 2200 existing objects (tables, procedures, indexes, etc.) in the user account.

  Please disregard this post. While investigating another issue, I discovered that the user account from which I had migrated 600+ tables had (for some unknown reason) empty copies of ALL_OBJECTS, USER_INDEXES, and USER_IND_COLUMNS in the user tablespace, so these got copied over with the other valid tables. Having "local" (and empty) copies was causing most of the issues.

• Not able to create user in NW UME

  Hi Experts, I'm having NW 7.1 CE EHP1 SP05 AS JAVA Engine and SAP MII 12.1 is running on NW. I'm having the Super Admin Role and trying to create the new user in UME,but I'm getting the error while doing so. The complete error trace is as below: "Error Creating the User". The complete log detail is as below: Error creating user [EXCEPTION] com.sap.security.core.wd.exception.UmeUiException: at com.sap.security.core.wd.umeuifactory.UmeUiFactoryCompInterface.handleThrowable(UmeUiFactoryCompInterface.java:3072) at com.sap.security.core.wd.umeuifactory.UmeUiFactoryCompInterface.createEntity(UmeUiFactoryCompInterface.java:349) at com.sap.security.core.wd.umeuifactory.wdp.InternalUmeUiFactoryCompInterface.wdInvokeMethod(InternalUmeUiFactoryCompInterface.java:937) at com.sap.tc.webdynpro.progmodel.generation.ExternalControllerPI$ExternalInterfaceInvocationHandler.invoke(ExternalControllerPI.java:339) at $Proxy2071.createEntity(Unknown Source) at com.sap.security.core.wd.maintainuser.MaintainUserComp.saveModifications(MaintainUserComp.java:952) at com.sap.security.core.wd.maintainuser.wdp.InternalMaintainUserComp.saveModifications(InternalMaintainUserComp.java:689) at com.sap.security.core.wd.maintainuser.ModifyUserView.onActionSave(ModifyUserView.java:569) at com.sap.security.core.wd.maintainuser.wdp.InternalModifyUserView.wdInvokeEventHandler(InternalModifyUserView.java:550) at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.invokeEventHandler(DelegatingView.java:131) at com.sap.tc.webdynpro.progmodel.controller.Action.fire(Action.java:72) at com.sap.tc.webdynpro.clientserver.phases.ProcessingEventPhase.doHandleActionEvent(ProcessingEventPhase.java:156) at com.sap.tc.webdynpro.clientserver.phases.ProcessingEventPhase.execute(ProcessingEventPhase.java:91) at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequestPartly(WindowPhaseModel.java:162) at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doProcessRequest(WindowPhaseModel.java:110) at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:97) at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:514) at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:52) at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.doExecute(ClientApplication.java:1547) at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.doProcessing(ClientApplication.java:1361) at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.delegateToApplicationDoProcessing(AbstractExecutionContextDispatcher.java:154) at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.DispatchHandlerForAppProcessing.doService(DispatchHandlerForAppProcessing.java:35) at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.AbstractDispatchHandler.service(AbstractDispatchHandler.java:127) at com.sap.engine.services.servlets_jsp.server.deploy.impl.module.IRequestDispatcherImpl.dispatch(IRequestDispatcherImpl.java:95) at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.ExecutionContextDispatcher.dispatchToApplicationDoProcessing(ExecutionContextDispatcher.java:114) at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.dispatch(AbstractExecutionContextDispatcher.java:80) at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.dispatch(ApplicationSession.java:571) at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.dispatch(ApplicationSession.java:602) at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doApplicationProcessingStandalone(ApplicationSession.java:523) at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:270) at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:729) at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:256) at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:258) at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.delegateToRequestManager(AbstractExecutionContextDispatcher.java:202) at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.DispatchHandlerForRequestManager.doService(DispatchHandlerForRequestManager.java:38) at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.AbstractDispatchHandler.service(AbstractDispatchHandler.java:127) at com.sap.engine.services.servlets_jsp.server.deploy.impl.module.IRequestDispatcherImpl.dispatch(IRequestDispatcherImpl.java:95) at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.ExecutionContextDispatcher.dispatchToRequestManager(ExecutionContextDispatcher.java:140) at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.dispatch(AbstractExecutionContextDispatcher.java:92) at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.dispatch(AbstractExecutionContextDispatcher.java:104) at com.sap.tc.webdynpro.serverimpl.core.AbstractDispatcherServlet.doContent(AbstractDispatcherServlet.java:87) at com.sap.tc.webdynpro.serverimpl.core.AbstractDispatcherServlet.doPost(AbstractDispatcherServlet.java:61) at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:140) at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:37) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:466) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:291) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:396) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:385) at com.sap.engine.services.servlets_jsp.filters.DSRWebContainerFilter.process(DSRWebContainerFilter.java:48) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:76) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:240) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:78) at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60) at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27) at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29) at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.filters.MemoryStatisticFilter.process(MemoryStatisticFilter.java:43) at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.filters.DSRHttpFilter.process(DSRHttpFilter.java:42) at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12) at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78) at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:425) at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.process(Processor.java:250) at com.sap.engine.services.httpserver.server.rcm.RequestProcessorThread.run(RequestProcessorThread.java:45) at com.sap.engine.core.thread.execution.Executable.run(Executable.java:109) at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:314) Caused by: java.lang.NoSuchMethodError: com.sap.security.api.logon.ISecurityPolicyFactory.getSecurityPolicyByUniqueName(Ljava/lang/String;)Lcom/sap/security/api/ISecurityPolicy; at com.sap.security.core.jmx.impl.JmxModificationHelper.getSecurityPolicyFromAttributes(JmxModificationHelper.java:2531) at com.sap.security.core.jmx.impl.JmxModificationHelper.createEntity(JmxModificationHelper.java:1588) at com.sap.security.core.jmx.impl.JmxServer.createEntity(JmxServer.java:226) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414) at javax.management.StandardMBean.invoke(StandardMBean.java:323) at com.sap.pj.jmx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:944) at com.sap.pj.jmx.server.interceptor.MBeanServerWrapperInterceptor.invoke(MBeanServerWrapperInterceptor.java:288) at com.sap.engine.services.jmx.CompletionInterceptor.invoke(CompletionInterceptor.java:400) at com.sap.pj.jmx.server.interceptor.BasicMBeanServerInterceptor.invoke(BasicMBeanServerInterceptor.java:277) at com.sap.jmx.provider.ProviderInterceptor.invoke(ProviderInterceptor.java:340) at com.sap.engine.services.jmx.RedirectInterceptor.invoke(RedirectInterceptor.java:340) at com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330) at com.sap.engine.services.jmx.MBeanServerSecurityWrapper.invoke(MBeanServerSecurityWrapper.java:288) at com.sap.engine.services.jmx.ClusterInterceptor.invoke(ClusterInterceptor.java:813) at com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330) at com.sap.security.core.jmx._gen.IJmxServer$Impl.createEntity(IJmxServer.java:534) at com.sap.security.core.wd.jmxmodel.JmxModelCompInterface.createEntity(JmxModelCompInterface.java:249) at com.sap.security.core.wd.jmxmodel.wdp.InternalJmxModelCompInterface.wdInvokeMethod(InternalJmxModelCompInterface.java:788) at com.sap.tc.webdynpro.progmodel.generation.ExternalControllerPI$ExternalInterfaceInvocationHandler.invoke(ExternalControllerPI.java:339) at $Proxy2070.createEntity(Unknown Source) at com.sap.security.core.wd.umeuifactory.UmeUiFactoryCompInterface.createEntity(UmeUiFactoryCompInterface.java:347) ... 77 more
  Thanks in Advance Suresh

  Dear all,
  I was searching the community because I had this same error and there was no answer of how it was fixed. So I'm sending how I fixed today in a customer environment.
  1. Go to portal  http://<portal>/webdynpro/dispatcher/sap.com/tcsecumewdumeadmin/UmeAdminApp
  - select configuration
  - folder "sap system based in abap"
  - do the conection test
  If the test fails, log on in client 001 and change user SAPJSF:
  - assign role SAP_BC_JSF_COMMUNICATION (only this one) and one profile that has permission to RFC logon
  - you can change the password too
  STOP/START ABAP+JAVA
  Go again to the portal above and test connection again. The tests should now be OK.
  2. Go to portal  http://<portal>/irj
  - Log on with administrator user
  Now you should be able to create an user.

• Install SAP ERP 6.0 - Domain does not exist. Create user failed.

  Hi experts,
  I have encounter a problem while installing the the SAP ERP 6.0 by IDES Installation Master.
  I got no idea about whats wrong here. Please help me out.
  Thanks.
  Warning: Unable to get the name of the domain.
  INFO[E] 2009-08-07 14:28:46.439
  FSL-01027  Account user="PHOENIX\SAPServiceEC6" does not exist.
  WARNING 2009-08-07 14:28:46.439
  Unable to get the name of a domain controller for domain .
  WARNING[E] 2009-08-07 14:28:46.455
  FSL-01002  Unable to create account PHOENIX\SAPServiceEC6. HRESULT=0x80005009
  WARNING[E] 2009-08-07 14:28:46.455
  MUT-03025  Caught ESyException in Modulecall: ESAPinstException: error text undefined.
  ERROR 2009-08-07 14:28:46.455
  FCO-00011  The step createAccounts with step key |NW_ABAP_OneHost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|1|0|NW_Users_Create_Do|ind|ind|ind|ind|5|0|createAccounts was executed with status ERROR .
  Kind Regards,
  George.

  > I choosed typical setting, the system didnt prompt me to choose anything regarding about domain.
  Ok - then the system chooses a domain installation - which is the default.
  I suggest you stop the installation, run the uninstaller, boot the machine and start over using "Custom" if you want to do a local installation.
  Markus

• You are not authorized to schedule user SM_EFWK in sm21

  Hello All,
  We have solman 7.1 system.
  CCMS_CPH_RAW_DATA_UPDATE BG job has been triggered in every one hour once and it is finished successfully.
  But in SM21 we are receiving the message like that, It is in green color anyway we need to fix it.
  I have searched in SMP and http://scn.sap.com/thread/90664 as well I’m not getting anything. Kindly give a suggestion to fix this.
  Thanks,
  'Priyanga G

  Hi Karthik,
  I have checked the SM_EXTERN_WS user role.
  The two roles are in the security document: 
  1)      SAP_SM_EXTERN_WS
  2)      SAP_J2EE_ADMIN
  These two roles are present in the user SM_EXTERN_WS with the name
  ZSAP_SM_EXTERN_WS
  SAP_J2EE_ADMIN
  Weather ZSAP_SM_EXTERN_WS role is there instead of SAP_SM_EXTERN_WS .
  Is it creates a problem?
  In solman_setup TC where do I need to check the user details in step1?
  Thanks,
  Priyanga G

• Problem with Trusted Reconcilation, Not able to create USERS in Database

  .log file
  ERROR ExecuteThread: '11' for queue: 'weblogic.kernel.Default' XELLERATE.SERVER - Class/Method: tcRCE/createUserRecord encounter some problems: {1}
  java.lang.NullPointerException
       at com.thortech.xl.dataobj.util.tcAttributeSource.getAttrColumnName(Unknown Source)
       at com.thortech.xl.dataobj.tcRCE.createUserRecord(Unknown Source)
       at com.thortech.xl.dataobj.tcRCE.applyActionRules(Unknown Source)
       at com.thortech.xl.dataobj.tcRCE.checkDataSorted(Unknown Source)
       at com.thortech.xl.dataobj.tcRCE.eventPostUpdate(Unknown Source)
       at com.thortech.xl.dataobj.tcDataObj.update(Unknown Source)
       at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
       at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
       at com.thortech.xl.dataobj.tcRCE.finishDataReceived(Unknown Source)
       at com.thortech.xl.schedule.jms.reconOffline.ProcessOfflineReconMessages.finishReconciliationEvent(Unknown Source)
       at com.thortech.xl.schedule.jms.reconOffline.ProcessOfflineReconMessages.execute(Unknown Source)
       at com.thortech.xl.schedule.jms.messagehandler.MessageHandlerMDB.onMessage(Unknown Source)
       at weblogic.ejb20.internal.MDListener.execute(MDListener.java:400)
       at weblogic.ejb20.internal.MDListener.transactionalOnMessage(MDListener.java:333)
       at weblogic.ejb20.internal.MDListener.onMessage(MDListener.java:298)
       at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:2698)
       at weblogic.jms.client.JMSSession.execute(JMSSession.java:2610)
       at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
       at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
  XELLERATE.DATABASE - Class/Method: tcDataBase/rollbackTransaction encounter some problems: Rollback Executed From
  java.lang.Exception: Rollback Executed From
       at com.thortech.xl.dataaccess.tcDataBase.rollbackTransaction(Unknown Source)
       at com.thortech.xl.dataobj.tcDataObj.rollback(Unknown Source)
       at com.thortech.xl.dataobj.tcDataObj.doRollback(Unknown Source)
       at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
       at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
       at com.thortech.xl.dataobj.tcRCE.finishDataReceived(Unknown Source)
       at com.thortech.xl.schedule.jms.reconOffline.ProcessOfflineReconMessages.finishReconciliationEvent(Unknown Source)
       at com.thortech.xl.schedule.jms.reconOffline.ProcessOfflineReconMessages.execute(Unknown Source)
       at com.thortech.xl.schedule.jms.messagehandler.MessageHandlerMDB.onMessage(Unknown Source)
       at weblogic.ejb20.internal.MDListener.execute(MDListener.java:400)
       at weblogic.ejb20.internal.MDListener.transactionalOnMessage(MDListener.java:333)
       at weblogic.ejb20.internal.MDListener.onMessage(MDListener.java:298)
       at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:2698)
       at weblogic.jms.client.JMSSession.execute(JMSSession.java:2610)
       at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
       at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
  My Recon Schedule task settings:
  OrganizationUnitName     vcdsOrganization
  TrustedSource     true
  Password     Dummy123
  Role     Consultant
  ITResourceName     vCDSLDAP User
  ResourceObjectName     vCDSLDAP User
  XLDeleteUsersAllowed     false
  UserContainer     o=VFUS,dc=people_test,dc=vodafone,dc=com
  Xellerate Type     End-User Administrator
  Organization     Xellerate Users
  IsIPlanetTarget     false
  Please, help me, i am in need for ur kind help.
  Thanks in Advance.

  Hi,
  the mostly probable right answer is part of Sandeep's post
  to be more precise, SAPJSF user has to have the SAP_BC_JSF_COMMUNICATION role only, as the role SAP_BC_JSF_COMMUNICATION_RO stands for Read Only (avoiding you to modify anoything in the Java UME onto the portal).
  But this is a security policy, do not change it without contacting your BC.
  Fabien.

• Not able to create user.

  I am trying to create a user using wlst. I am getting the below exceptions.
  wlst Snippet :-
  cd('/')
  cd('SecurityConfiguration')
  cd( WLS_DOMAIN_NAME )
  print 'IN DOMAIN'
  cd('weblogic.security.providers.authentication.DefaultAuthenticator')
  print 'IN AFTER'
  cd('Security:Name=myrealmDefaultAuthenticator')
  if cmo.userExists('admin')==1:
  I am getting the below exception while running the above script. Your help is highly appreciated.
  javax.management.AttributeNotFoundException: com.bea:Name=vjrdomain,Type=SecurityConfiguration:weblogic.security.providers.authentication.DefaultAuthenticator
  at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
  at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:223)
  at javax.management.remote.rmi.RMIConnectionImpl_1033_WLStub.getAttribute(Unknown Source)
  at weblogic.management.remote.common.RMIConnectionWrapper$12.run(ClientProviderBase.java:726)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
  at weblogic.security.Security.runAs(Security.java:61)
  at weblogic.management.remote.common.RMIConnectionWrapper.getAttribute(ClientProviderBase.java:724)
  at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.getAttribute(RMIConnector.java:878)
  at weblogic.management.scripting.BrowseHandler.regularPush(BrowseHandler.java:429)
  at weblogic.management.scripting.BrowseHandler.splitPush(BrowseHandler.java:149)
  at weblogic.management.scripting.BrowseHandler.cd(BrowseHandler.java:684)
  at weblogic.management.scripting.WLScriptContext.cd(WLScriptContext.java:196)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at org.python.core.PyReflectedFunction.__call__(Unknown Source)
  at org.python.core.PyMethod.__call__(Unknown Source)
  at org.python.core.PyObject.__call__(Unknown Source)
  at org.python.core.PyObject.invoke(Unknown Source)
  at org.python.pycode._pyx16.cd$5(<iostream>:173)
  at org.python.pycode._pyx16.call_function(<iostream>)
  at org.python.core.PyTableCode.call(Unknown Source)
  at org.python.core.PyTableCode.call(Unknown Source)
  at org.python.core.PyFunction.__call__(Unknown Source)
  at org.python.pycode._pyx15.f$0(D:\vjrdomain\bin\Deploy81.py:46)
  at org.python.pycode._pyx15.call_function(D:\vjrdomain\bin\Deploy81.py)
  at org.python.core.PyTableCode.call(Unknown Source)
  at org.python.core.PyCode.call(Unknown Source)
  at org.python.core.Py.runCode(Unknown Source)
  at org.python.util.PythonInterpreter.execfile(Unknown Source)
  at weblogic.management.scripting.WLST.main(WLST.java:131)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at weblogic.WLST.main(WLST.java:29)
  Caused by: javax.management.AttributeNotFoundException: com.bea:Name=vjrdomain,Type=SecurityConfiguration:weblogic.security.providers.authentication.DefaultAuthenticator
  at weblogic.management.jmx.modelmbean.WLSModelMBean.getPropertyDescriptorForAttribute(WLSModelMBean.java:1415)
  at weblogic.management.mbeanservers.internal.SecurityInterceptor.getPropertyDescriptor(SecurityInterceptor.java:886)
  at weblogic.management.mbeanservers.internal.SecurityInterceptor.checkGetSecurity(SecurityInterceptor.java:575)
  at weblogic.management.mbeanservers.internal.SecurityInterceptor.getAttribute(SecurityInterceptor.java:298)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServer.getAttribute(WLSMBeanServer.java:279)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$5$1.run(JMXConnectorSubjectForwarder.java:326)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$5.run(JMXConnectorSubjectForwarder.java:324)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.getAttribute(JMXConnectorSubjectForwarder.java:319)
  at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1403)
  at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
  at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1264)
  at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1366)

  This looks like online WLST.
  I don't believe this line is correct. cd('weblogic.security.providers.authentication.DefaultAuthenticator')
  When using online, perform a ls() to see what elements are available at each level. I believe there is a Realms and AuthenticationProviders layer between SecurityConfiguration and the default authenticator.

• UME Create user not  possible

  Portal 7.0 sp10 2004s
  ECC 6.0 sp 10  ERP 2005
  Portal is connected to ABAP backend for user authenticity,
  Data source configuration file is dataSourceConfiguration_abap.xml which should allow users created in the portal to be in the UME database only.
  Problem, When creating users on the Portal they are automatically being created with a datasource of ABAP and are created in the ECC abap backend.
  I have tried creating the users using the Visual Admin tool and it also created the users in the ECC abap backend
  I have in the past been able to create users in the UME only in fact I could not create Backend ABAP users from the POrtal
  Any help would be appreciated.
  Thanks
  sarah

  Haydn
  Thanks for your suggestion, I am still having problems
  I changed the SAPJSF user that communicates from the portal to the abap backend to read only. I got an error, it is still trying to create an ABAP backend user
  An error occurred in the persistence. The original message (possibly not translated) was: "BAPI_USER_CREATE1@RS2CLNT100: ID=01, NUMBER=491, MESSAGE=You are not authorized to create users in group". Contact your system administrator
  From the SAP Note 718383 it states the following:
  Supported changes to the data source configuration
  The allowed change options depend on the currently active data source configuration. You can determine the current data source configuration with the J2EE ConfigTool.
  In "cluster-data -> Global server configuration -> services -> com.sap.security.core.ume.service" check the property "ume.persistence.data_source_configuration".
  Depending on the data source configuration file you use, the following changes are possible:
  dataSourceConfiguration_abap.xml
  No change is possible.
  This configuration supports all usages (especially SAP Exchange Infrastructure and SAP Enterprise Portal) by making ABAP users and ABAP roles available as users and groups in the UME, and supports the creation of new groups in the UME (which are then stored in the local database) as well.
  Any other suggestions would be appreciated,
  Thanks
  Sarah