Sm59 SAPXPG_DBDEST_ sid failed
Hi expert:
I meet a problem that the DB13 database job can not excute successfully.Our central instance and DB installed on two seperate server.I have searched some subject about this,and found the rfc connection SAPXPG_DBDEST_<SID> is related ,but when I test the connection ,it show this error
Logon Connection Error
Error Details Error when opening an RFC connection
Error Details ERROR: timeout during allocate
Error Details LOCATION: SAP-Gateway on host chxsci / sapgw07
Error Details DETAIL: no connect of TP sapxpg from host prddbsvc after 20 sec
Error Details COMPONENT: SAP-Gateway
Error Details COUNTER: 190375
Error Details MODULE: gwr3cpic.c
Error Details LINE: 1973
Error Details RETURN CODE: 242
Error Details SUBRC: 0
Error Details RELEASE: 700
Error Details TIME: Tue Apr 28 17:26:45 2009
Error Details VERSION: 2
Could anyone can give me some help?
below is db job log
2009.04.25 19:00:03 Job started
2009.04.25 19:00:03 Step 001 started (program RSDBAJOB, variant &0000000000019, user ID YUANWEI)
2009.04.25 19:00:03 No application server found on database host - rsh/gateway will be used
2009.04.25 19:00:03 Execute logical command BRCONNECT On host prddbsvc
2009.04.25 19:00:03 Parameters: -u / -jid STATS20090321190000 -c -f stats -t ALL
2009.04.25 19:00:24 SXPG_COMMAND_EXECUTE failed for BRCONNECT - Reason: x_error
2009.04.25 19:00:24 Job cancelled after system exception ERROR_MESSAGE
Edited by: wei yuan on Apr 28, 2009 11:39 AM
If I connect to the DB server to use brtools to run the database job,it run well,but when I logon the CI server to use brtools,it failed like the message said
Edited by: wei yuan on Apr 28, 2009 11:43 AM
Hi Michael:
you said"In the db file put in the CI host name sidadm ie wsaptst03 rq1adm in the ci rhost file put in the opposite ci host name then sidadm."
You mean that's I have to add an entry to the file /home/<sid>adm/.rhosts as "CIhostname <sid>adm" on DB host?and do the same on CI?But I already tvied this,it couldn't resolve my issue.Below are the coversation in the message
Dear support:
Refer to Note 446172 ,34219 and 10403 ,I test the command on app
server
rsh prddbsvc -l dhpadm sapxpg
rshd: 0826-813 Permission is denied.
But I have modified the .rhosts file in the home directory of
<sid>adm,and it includ the * <sid>adm entry.
I can execute the rsh prddbsvc date,it can execute successfully.
So Could you give me some help?
Hi, Dear Customer
Thanks for your additional information. I checked with this issue with
our next level support again.
We want to know have you checked the permissions on the sapxpg program?
On the DB host, it must be executable for <sid>adm.
Best Regards
Cherry,Tian
SAP Global Support
Dear Cherry:
below is the auth of sapxpg on our DB server
pwd
/usr/sap/DHP/SYS/exe/run
ls -ltr sapxpg
-rwxr-xr-x 1 dhpadm sapsys 6411808 Apr 28 16:59 sapxpg
How can I test if the sapxpg can execute uuder <sid>adm?
Best Regards
Yuanwei
So this is what I meet now.I havn't get response till now
Could you pls give some more prompt to me?
Similar Messages
-
RFC SAPXPG_DBDEST_ SAPDBHOST fails
Hi,
In my system RFC SAPXPG_DBDEST_<SAPDBHOST> is getting failed. I have maintained all the entries correctly in sm59, still it is getting failed. When I checked dev_rd file I am getting error like "remshd: Account is disabled - see Account Administrator". Can any one tell me is this error related to my RFC fail?Dear Juan,
Thanks!!!
Here are the setting of RFC in SM59:-
Activation Type:
Start on Explicit host
Start On Explicit Host:
Program: sapxpg
Target Host: <Application Server>
Save to Datbase as:
IP: <IP of Database server>
Start Type of External Program:
Default Gateway Value
CPI-C Timeout:
Specify: 20 seconds
Gateway Options: Here I didn't give any value
Any clue please. . . . .
rgds -
SM59 test GFW_ITS_RFC_DEST fails on application servers
I can test my IGS connection on SM59 for GFW_ITS_RFC_DEST on the central instance and 1 of my application servers succesfully. But my other 2 applications server failed on the test. What can I check whats the issue and resolved it
Regards
Naziem MahomedHi,
for finding out the IGS patch level refer to SAP note <a href="http://service.sap.com/sap/support/notes/931900">931900</a>. Note <a href="http://service.sap.com/sap/support/notes/896400">896400</a> describes how to upgrade an IGS 7.x.
See also the <a href="http://help.sap.com/saphelp_nw70/helpdata/en/0b/79553b066d9414e10000000a114084/frameset.htm">IGS 7.00 Documentation</a>.
Regards
Matthias -
SChannel Fails Authentication on Windows Server 2008 R2 Using TLS1
I am trying to use SChannel to secure a socket connection. I modified the example at
https://msdn.microsoft.com/en-us/library/windows/desktop/aa380537(v=vs.85).aspx, converting it from Negotiate to SChannel. Following the specs for the SSPI APIs I was able the get a Client & Server connection authenticated on Windows 7.
However, when I try running the same programs on Windows Server 2008 R2, either the Client side or Server side fails, depending on how I select the security protocol.
Here is the modified example code, details about my results follow the code.
Client.cpp
// Client-side program to establish an SSPI socket connection
// with a server and exchange messages.
// Define macros and constants.
#include "StdAfx.h"
#include <windows.h>
#include <winsock.h>
#include <stdio.h>
#include <stdlib.h>
#include "SspiExample.h"
#include <string>
#include <iostream>
CredHandle g_hCred;
SecHandle g_hCtext;
#define SSPI_CLIENT "SChannelClient:" __FUNCTION__
void main(int argc, char * argv[])
SOCKET Client_Socket;
BYTE Data[BIG_BUFF];
PCHAR pMessage;
WSADATA wsaData;
SECURITY_STATUS ss;
DWORD cbRead;
ULONG cbHeader;
ULONG cbMaxMessage;
ULONG cbTrailer;
SecPkgContext_StreamSizes SecPkgSizes;
SecPkgContext_PackageInfo SecPkgPkgInfo;
SecPkgContext_ConnectionInfo ConnectionInfo;
BOOL DoAuthentication (SOCKET s, WCHAR * pCertName);
char Server[512] = {0};
WCHAR CertName[512] = {0};
// Validate cmd line parameters
if ( argc != 3 )
LOGA ( ( __log_buf, SSPI_CLIENT " required parameters ServerName & CertName not entered.\n"));
LOGA( ( __log_buf, SSPI_CLIENT " Abort and start over with required parameters.\n") );
std::cin.get();
else
// argv[1] - ServerName - the name of the computer running the server sample.
// argv[2] - TargetName the common name of the certificate provided
// by the target server program.
memcpy(Server, argv[1], strlen(argv[1]));
size_t sizCN;
mbstowcs_s(&sizCN, CertName, strlen(argv[2])+1, argv[2], _TRUNCATE);
LOGA ( ( __log_buf, SSPI_CLIENT " input parameters - ServerName %s CertName %ls.\n", Server, CertName ));
// Initialize the socket and the SSP security package.
if(WSAStartup (0x0101, &wsaData))
MyHandleError( __FUNCTION__ " Could not initialize winsock ");
// Connect to a server.
SecInvalidateHandle( &g_hCtext );
if (!ConnectAuthSocket (
&Client_Socket,
&g_hCred,
&g_hCtext,
Server,
CertName))
MyHandleError( __FUNCTION__ " Authenticated server connection ");
LOGA ( ( __log_buf, SSPI_CLIENT " connection authenticated.\n"));
// An authenticated session with a server has been established.
// Receive and manage a message from the server.
// First, find and display the name of the SSP,
// the transport protocol supported by the SSP,
// and the size of the header, maximum message, and
// trailer blocks for this SSP.
ss = QueryContextAttributes(
&g_hCtext,
SECPKG_ATTR_PACKAGE_INFO,
&SecPkgPkgInfo );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT "QueryContextAttributes failed: 0x%08x\n", ss));
MyHandleError( __FUNCTION__ " QueryContextAttributes failed.\n");
else
LOGA ( ( __log_buf, SSPI_CLIENT " Package Name: %ls\n", SecPkgPkgInfo.PackageInfo->Name));
// Free the allocated buffer.
FreeContextBuffer(SecPkgPkgInfo.PackageInfo);
ss = QueryContextAttributes(
&g_hCtext,
SECPKG_ATTR_STREAM_SIZES,
&SecPkgSizes );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " QueryContextAttributes failed: 0x%08x\n", ss));
MyHandleError( __FUNCTION__ " Query context ");
cbHeader = SecPkgSizes.cbHeader;
cbMaxMessage = SecPkgSizes.cbMaximumMessage;
cbTrailer = SecPkgSizes.cbTrailer;
LOGA ( ( __log_buf, SSPI_CLIENT " cbHeader %u, cbMaxMessage %u, cbTrailer %u\n", cbHeader, cbMaxMessage, cbTrailer ));
ss = QueryContextAttributes(
&g_hCtext,
SECPKG_ATTR_CONNECTION_INFO,
&ConnectionInfo );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " QueryContextAttributes failed: 0x%08x\n", ss));
MyHandleError( __FUNCTION__ " Query context ");
switch(ConnectionInfo.dwProtocol)
case SP_PROT_TLS1_CLIENT:
LOGA ( ( __log_buf, SSPI_CLIENT " Protocol: TLS1\n"));
break;
case SP_PROT_SSL3_CLIENT:
LOGA ( ( __log_buf, SSPI_CLIENT " Protocol: SSL3\n"));
break;
case SP_PROT_PCT1_CLIENT:
LOGA ( ( __log_buf, SSPI_CLIENT " Protocol: PCT\n"));
break;
case SP_PROT_SSL2_CLIENT:
LOGA ( ( __log_buf, SSPI_CLIENT " Protocol: SSL2\n"));
break;
default:
LOGA ( ( __log_buf, SSPI_CLIENT " Unknown Protocol: 0x%x\n", ConnectionInfo.dwProtocol));
switch(ConnectionInfo.aiCipher)
case CALG_RC4:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: RC4\n");)
break;
case CALG_3DES:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: Triple DES\n"));
break;
case CALG_RC2:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: RC2\n"));
break;
case CALG_DES:
case CALG_CYLINK_MEK:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: DES\n"));
break;
case CALG_SKIPJACK:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: Skipjack\n"));
break;
case CALG_AES_256:
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher: AES 256\n"));
break;
default:
LOGA ( ( __log_buf, SSPI_CLIENT " Unknown Cipher: 0x%x\n", ConnectionInfo.aiCipher));
LOGA ( ( __log_buf, SSPI_CLIENT " Cipher strength: %d\n", ConnectionInfo.dwCipherStrength));
switch(ConnectionInfo.aiHash)
case CALG_MD5:
LOGA ( ( __log_buf, SSPI_CLIENT " Hash: MD5\n"));
break;
case CALG_SHA:
LOGA ( ( __log_buf, SSPI_CLIENT " Hash: SHA\n"));
break;
default:
LOGA ( ( __log_buf, SSPI_CLIENT " Unknown Hash: 0x%x\n", ConnectionInfo.aiHash));
LOGA ( ( __log_buf, SSPI_CLIENT " Hash strength: %d\n", ConnectionInfo.dwHashStrength));
switch(ConnectionInfo.aiExch)
case CALG_RSA_KEYX:
case CALG_RSA_SIGN:
LOGA ( ( __log_buf, SSPI_CLIENT " Key exchange: RSA\n"));
break;
case CALG_KEA_KEYX:
LOGA ( ( __log_buf, SSPI_CLIENT " Key exchange: KEA\n"));
break;
case CALG_DH_EPHEM:
LOGA ( ( __log_buf, SSPI_CLIENT " Key exchange: DH Ephemeral\n"));
break;
default:
LOGA ( ( __log_buf, SSPI_CLIENT " Unknown Key exchange: 0x%x\n", ConnectionInfo.aiExch));
LOGA ( ( __log_buf, SSPI_CLIENT " Key exchange strength: %d\n", ConnectionInfo.dwExchStrength));
// Decrypt and display the message from the server.
if (!ReceiveBytes(
Client_Socket,
Data,
BIG_BUFF,
&cbRead))
MyHandleError( __FUNCTION__ " No response from server\n");
if (0 == cbRead)
MyHandleError(__FUNCTION__ " Zero bytes received.\n");
pMessage = (PCHAR) DecryptThis(
Data,
&cbRead,
&g_hCtext);
// Skip the header to get the decrypted message
pMessage += cbHeader;
ULONG cbMessage = cbRead-cbHeader-cbTrailer;
if ((cbMessage == strlen(TEST_MSG)) &&
!strncmp(pMessage, TEST_MSG, strlen(TEST_MSG)) )
LOGA ( ( __log_buf, SSPI_CLIENT " SUCCESS!! The message from the server is \n -> %.*s \n",
cbMessage, pMessage ))
else
LOGA ( ( __log_buf, SSPI_CLIENT " UNEXPECTED message from the server: \n -> %.*s \n",
cbMessage, pMessage ));
LOGA ( ( __log_buf, SSPI_CLIENT " rcvd msg size %u, exp size %u\n", cbMessage, strlen(TEST_MSG) ));
// Terminate socket and security package.
DeleteSecurityContext (&g_hCtext);
FreeCredentialHandle (&g_hCred);
shutdown (Client_Socket, 2);
closesocket (Client_Socket);
if (SOCKET_ERROR == WSACleanup ())
MyHandleError( __FUNCTION__ " Problem with socket cleanup ");
exit (EXIT_SUCCESS);
} // end main
// ConnectAuthSocket establishes an authenticated socket connection
// with a server and initializes needed security package resources.
BOOL ConnectAuthSocket (
SOCKET *s,
CredHandle *g_hCred,
PSecHandle phCtext,
char * pServer,
WCHAR * pCertName)
unsigned long ulAddress;
struct hostent *pHost;
SOCKADDR_IN sin;
// Lookup the server's address.
LOGA ( ( __log_buf, SSPI_CLIENT " entry.\n"));
ulAddress = inet_addr (pServer);
if (INADDR_NONE == ulAddress)
LOGA ( ( __log_buf, SSPI_CLIENT " calling gethostbyname with %s.\n", pServer ));
pHost = gethostbyname (pServer);
if (NULL == pHost)
MyHandleError(__FUNCTION__ " Unable to resolve host name ");
memcpy((char FAR *)&ulAddress, pHost->h_addr, pHost->h_length);
std::string ipAddrStr;
ipAddrStr = inet_ntoa( *(struct in_addr*)*pHost->h_addr_list);
LOGA ( ( __log_buf, __FUNCTION__ " gethostbyname - ipAddress %s, name %s.\n", ipAddrStr.c_str(), pHost->h_name ) );
// Create the socket.
*s = socket (
PF_INET,
SOCK_STREAM,
0);
if (INVALID_SOCKET == *s)
MyHandleError(__FUNCTION__ " Unable to create socket");
else
LOGA ( ( __log_buf, SSPI_CLIENT " Socket created.\n"));
sin.sin_family = AF_INET;
sin.sin_addr.s_addr = ulAddress;
sin.sin_port = htons (g_usPort);
// Connect to the server.
if (connect (*s, (LPSOCKADDR) &sin, sizeof (sin)))
closesocket (*s);
MyHandleError( __FUNCTION__ " Connect failed ");
LOGA ( ( __log_buf, SSPI_CLIENT " Connection established.\n"));
// Authenticate the connection.
if (!DoAuthentication (*s, pCertName))
closesocket (*s);
MyHandleError( __FUNCTION__ " Authentication ");
LOGA ( ( __log_buf, SSPI_CLIENT " success.\n"));
return(TRUE);
} // end ConnectAuthSocket
BOOL DoAuthentication (SOCKET s, WCHAR * pCertName)
BOOL fDone = FALSE;
DWORD cbOut = 0;
DWORD cbIn = 0;
PBYTE pInBuf;
PBYTE pOutBuf;
if(!(pInBuf = (PBYTE) malloc(MAXMESSAGE)))
MyHandleError( __FUNCTION__ " Memory allocation ");
if(!(pOutBuf = (PBYTE) malloc(MAXMESSAGE)))
MyHandleError( __FUNCTION__ " Memory allocation ");
cbOut = MAXMESSAGE;
LOGA ( ( __log_buf, SSPI_CLIENT " 1st message.\n"));
if (!GenClientContext (
NULL,
0,
pOutBuf,
&cbOut,
&fDone,
pCertName,
&g_hCred,
&g_hCtext
LOGA ( ( __log_buf, SSPI_CLIENT " GenClientContext failed\n"));
return(FALSE);
if (!SendMsg (s, pOutBuf, cbOut ))
MyHandleError(__FUNCTION__ " Send message failed ");
while (!fDone)
if (!ReceiveMsg (
s,
pInBuf,
MAXMESSAGE,
&cbIn))
MyHandleError( __FUNCTION__ " Receive message failed ");
cbOut = MAXMESSAGE;
LOGA ( ( __log_buf, SSPI_CLIENT " Message loop.\n"));
if (!GenClientContext (
pInBuf,
cbIn,
pOutBuf,
&cbOut,
&fDone,
pCertName,
&g_hCred,
&g_hCtext))
MyHandleError( __FUNCTION__ " GenClientContext failed");
if (!SendMsg (
s,
pOutBuf,
cbOut))
MyHandleError( __FUNCTION__ " Send message failed");
LOGA ( ( __log_buf, SSPI_CLIENT " fDone %s.\n", fDone ? "Yes" : "No" ));
if (NULL != pInBuf)
free(pInBuf);
pInBuf = NULL;
if (NULL != pOutBuf)
free(pOutBuf);
pOutBuf = NULL;
LOGA ( ( __log_buf, SSPI_CLIENT " exit.\n"));
return(TRUE);
BOOL GenClientContext (
BYTE *pIn,
DWORD cbIn,
BYTE *pOut,
DWORD *pcbOut,
BOOL *pfDone,
WCHAR *pCertName,
CredHandle *g_hCred,
struct _SecHandle *g_hCtext)
SECURITY_STATUS ss;
TimeStamp Lifetime;
SecBufferDesc OutBuffDesc;
SecBuffer OutSecBuff;
SecBufferDesc InBuffDesc;
SecBuffer InSecBuff[2];
ULONG ContextAttributes;
static TCHAR lpPackageName[1024];
if( NULL == pIn )
wcscpy_s(lpPackageName, 1024 * sizeof(TCHAR), UNISP_NAME );
ss = AcquireCredentialsHandle (
NULL,
lpPackageName,
SECPKG_CRED_OUTBOUND,
NULL,
NULL,
NULL,
NULL,
g_hCred,
&Lifetime);
if (!(SEC_SUCCESS (ss)))
MyHandleError( __FUNCTION__ " AcquireCreds failed ");
// Prepare the buffers.
OutBuffDesc.ulVersion = 0;
OutBuffDesc.cBuffers = 1;
OutBuffDesc.pBuffers = &OutSecBuff;
OutSecBuff.cbBuffer = *pcbOut;
OutSecBuff.BufferType = SECBUFFER_TOKEN;
OutSecBuff.pvBuffer = pOut;
// The input buffer is created only if a message has been received
// from the server.
if (pIn)
LOGA ( ( __log_buf, SSPI_CLIENT " Call InitializeSecurityContext with pIn supplied.\n"));
InBuffDesc.ulVersion = 0;
InBuffDesc.cBuffers = 1;
InBuffDesc.pBuffers = InSecBuff;
InSecBuff[0].cbBuffer = cbIn;
InSecBuff[0].BufferType = SECBUFFER_TOKEN;
InSecBuff[0].pvBuffer = pIn;
InSecBuff[1].pvBuffer = NULL;
InSecBuff[1].cbBuffer = 0;
InSecBuff[1].BufferType = SECBUFFER_EMPTY;
ss = InitializeSecurityContext (
g_hCred,
g_hCtext,
pCertName,
MessageAttribute,
0,
0,
&InBuffDesc,
0,
g_hCtext,
&OutBuffDesc,
&ContextAttributes,
&Lifetime);
else
LOGA ( ( __log_buf, SSPI_CLIENT " Call InitializeSecurityContext with NULL pIn.\n"));
ss = InitializeSecurityContext (
g_hCred,
NULL,
pCertName,
MessageAttribute,
0,
0,
NULL,
0,
g_hCtext,
&OutBuffDesc,
&ContextAttributes,
&Lifetime);
if (!SEC_SUCCESS (ss))
LOGA ( ( __log_buf, SSPI_CLIENT " InitializeSecurityContext failed with error 0x%08x\n", ss));
MyHandleError ( __FUNCTION__ " InitializeSecurityContext failed " );
LOGA ( ( __log_buf, SSPI_CLIENT " InitializeSecurityContext returned 0x%08x\n", ss));
// If necessary, complete the token.
if ((SEC_I_COMPLETE_NEEDED == ss)
|| (SEC_I_COMPLETE_AND_CONTINUE == ss))
ss = CompleteAuthToken (g_hCtext, &OutBuffDesc);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " complete failed: 0x%08x\n", ss));
return FALSE;
*pcbOut = OutSecBuff.cbBuffer;
*pfDone = !((SEC_I_CONTINUE_NEEDED == ss) ||
(SEC_I_COMPLETE_AND_CONTINUE == ss));
LOGA ( ( __log_buf, SSPI_CLIENT " Token buffer generated (%lu bytes):\n", OutSecBuff.cbBuffer));
PrintHexDump (OutSecBuff.cbBuffer, (PBYTE)OutSecBuff.pvBuffer);
return TRUE;
PBYTE DecryptThis(
PBYTE pBuffer,
LPDWORD pcbMessage,
struct _SecHandle *hCtxt)
SECURITY_STATUS ss;
SecBufferDesc BuffDesc;
SecBuffer SecBuff[4];
ULONG ulQop = 0;
// By agreement, the server encrypted the message and set the size
// of the trailer block to be just what it needed. DecryptMessage
// needs the size of the trailer block.
// The size of the trailer is in the first DWORD of the
// message received.
LOGA ( ( __log_buf, SSPI_CLIENT " data before decryption including trailer (%lu bytes):\n",
*pcbMessage));
PrintHexDump (*pcbMessage, (PBYTE) pBuffer);
// Prepare the buffers to be passed to the DecryptMessage function.
BuffDesc.ulVersion = 0;
BuffDesc.cBuffers = 4;
BuffDesc.pBuffers = SecBuff;
SecBuff[0].cbBuffer = *pcbMessage;
SecBuff[0].BufferType = SECBUFFER_DATA;
SecBuff[0].pvBuffer = pBuffer;
SecBuff[1].cbBuffer = 0;
SecBuff[1].BufferType = SECBUFFER_EMPTY;
SecBuff[1].pvBuffer = NULL;
SecBuff[2].cbBuffer = 0;
SecBuff[2].BufferType = SECBUFFER_EMPTY;
SecBuff[2].pvBuffer = NULL;
SecBuff[3].cbBuffer = 0;
SecBuff[3].BufferType = SECBUFFER_EMPTY;
SecBuff[3].pvBuffer = NULL;
ss = DecryptMessage(
hCtxt,
&BuffDesc,
0,
&ulQop);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " DecryptMessage failed with error 0x%08x\n", ss))
else
LOGA ( ( __log_buf, SSPI_CLIENT " DecryptMessage success? Status: 0x%08x\n", ss));
// Return a pointer to the decrypted data. The trailer data
// is discarded.
return pBuffer;
PBYTE VerifyThis(
PBYTE pBuffer,
LPDWORD pcbMessage,
struct _SecHandle *hCtxt,
ULONG cbMaxSignature)
SECURITY_STATUS ss;
SecBufferDesc BuffDesc;
SecBuffer SecBuff[2];
ULONG ulQop = 0;
PBYTE pSigBuffer;
PBYTE pDataBuffer;
// The global cbMaxSignature is the size of the signature
// in the message received.
LOGA ( ( __log_buf, SSPI_CLIENT " data before verifying (including signature):\n"));
PrintHexDump (*pcbMessage, pBuffer);
// By agreement with the server,
// the signature is at the beginning of the message received,
// and the data that was signed comes after the signature.
pSigBuffer = pBuffer;
pDataBuffer = pBuffer + cbMaxSignature;
// The size of the message is reset to the size of the data only.
*pcbMessage = *pcbMessage - (cbMaxSignature);
// Prepare the buffers to be passed to the signature verification
// function.
BuffDesc.ulVersion = 0;
BuffDesc.cBuffers = 2;
BuffDesc.pBuffers = SecBuff;
SecBuff[0].cbBuffer = cbMaxSignature;
SecBuff[0].BufferType = SECBUFFER_TOKEN;
SecBuff[0].pvBuffer = pSigBuffer;
SecBuff[1].cbBuffer = *pcbMessage;
SecBuff[1].BufferType = SECBUFFER_DATA;
SecBuff[1].pvBuffer = pDataBuffer;
ss = VerifySignature(
hCtxt,
&BuffDesc,
0,
&ulQop
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_CLIENT " VerifyMessage failed with error 0x%08x\n", ss));
else
LOGA ( ( __log_buf, SSPI_CLIENT " Message was properly signed.\n"));
return pDataBuffer;
} // end VerifyThis
void PrintHexDump(
DWORD length,
PBYTE buffer)
DWORD i,count,index;
CHAR rgbDigits[]="0123456789abcdef";
CHAR rgbLine[100];
char cbLine;
for(index = 0; length;
length -= count, buffer += count, index += count)
count = (length > 16) ? 16:length;
sprintf_s(rgbLine, 100, "%4.4x ",index);
cbLine = 6;
for(i=0;i<count;i++)
rgbLine[cbLine++] = rgbDigits[buffer[i] >> 4];
rgbLine[cbLine++] = rgbDigits[buffer[i] & 0x0f];
if(i == 7)
rgbLine[cbLine++] = ':';
else
rgbLine[cbLine++] = ' ';
for(; i < 16; i++)
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
for(i = 0; i < count; i++)
if(buffer[i] < 32 || buffer[i] > 126)
rgbLine[cbLine++] = '.';
else
rgbLine[cbLine++] = buffer[i];
rgbLine[cbLine++] = 0;
LOGA ( ( __log_buf, SSPI_CLIENT " %s\n", rgbLine));
BOOL SendMsg (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf)
if (0 == cbBuf)
return(TRUE);
// Send the size of the message.
LOGA ( ( __log_buf, SSPI_CLIENT " %lu bytes\n", cbBuf ));
if (!SendBytes (s, (PBYTE)&cbBuf, sizeof (cbBuf)))
LOGA ( ( __log_buf, SSPI_CLIENT " size failed.\n" ) );
return(FALSE);
// Send the body of the message.
if (!SendBytes (
s,
pBuf,
cbBuf))
LOGA ( ( __log_buf, SSPI_CLIENT " body failed.\n" ) );
return(FALSE);
LOGA ( ( __log_buf, SSPI_CLIENT " success\n" ) );
return(TRUE);
BOOL ReceiveMsg (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf,
DWORD *pcbRead)
DWORD cbRead;
DWORD cbData;
// Receive the number of bytes in the message.
LOGA ( ( __log_buf, SSPI_CLIENT " entry.\n" ));
if (!ReceiveBytes (
s,
(PBYTE)&cbData,
sizeof (cbData),
&cbRead))
return(FALSE);
if (sizeof (cbData) != cbRead)
LOGA ( ( __log_buf, SSPI_CLIENT " failed: size of cbData %lu, bytes %lu\n", sizeof (cbData), cbRead));
return(FALSE);
// Read the full message.
if (!ReceiveBytes (
s,
pBuf,
cbData,
&cbRead))
return(FALSE);
if (cbRead != cbData)
return(FALSE);
*pcbRead = cbRead;
return(TRUE);
} // end ReceiveMessage
BOOL SendBytes (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf)
PBYTE pTemp = pBuf;
int cbSent;
int cbRemaining = cbBuf;
if (0 == cbBuf)
return(TRUE);
while (cbRemaining)
LOGA ( ( __log_buf, SSPI_CLIENT " %lu bytes.\n", cbRemaining ));
cbSent = send (
s,
(const char *)pTemp,
cbRemaining,
0);
if (SOCKET_ERROR == cbSent)
LOGA ( ( __log_buf, SSPI_CLIENT " send failed: 0x%08.8X\n", GetLastError ()));
return FALSE;
pTemp += cbSent;
cbRemaining -= cbSent;
LOGA ( ( __log_buf, SSPI_CLIENT " success\n" ) );
return TRUE;
BOOL ReceiveBytes (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf,
DWORD *pcbRead)
PBYTE pTemp = pBuf;
int cbRead, cbRemaining = cbBuf;
LOGA ( ( __log_buf, SSPI_CLIENT " Entry: %lu bytes.\n", cbRemaining ));
while (cbRemaining)
cbRead = recv (
s,
(char *)pTemp,
cbRemaining,
0);
LOGA ( ( __log_buf, SSPI_CLIENT " %lu bytes remaining.\n", cbRemaining ));
if (0 == cbRead)
break;
if (SOCKET_ERROR == cbRead)
LOGA ( ( __log_buf, SSPI_CLIENT " recv failed: 0x%08.8X\n", GetLastError ()));
return FALSE;
cbRemaining -= cbRead;
pTemp += cbRead;
*pcbRead = cbBuf - cbRemaining;
LOGA ( ( __log_buf, SSPI_CLIENT " success.\n" ));
return TRUE;
} // end ReceiveBytes
void MyHandleError(char *s)
DWORD err = GetLastError();
if (err)
LOGA ( ( __log_buf, SSPI_CLIENT " %s error (0x%08.8X). Exiting.\n",s, err ))
else
LOGA ( ( __log_buf, SSPI_CLIENT " %s error (no error info). Exiting.\n",s ));
exit (EXIT_FAILURE);
Server.cpp
// This is a server-side SSPI Windows Sockets program.
#include "StdAfx.h"
#include <windows.h>
#include <winsock.h>
#include <stdio.h>
#include <stdlib.h>
#include "Sspiexample.h"
#include <iostream>
CredHandle g_hcred;
struct _SecHandle g_hctxt;
static PBYTE g_pInBuf = NULL;
static PBYTE g_pOutBuf = NULL;
static DWORD g_cbMaxMessage;
static TCHAR g_lpPackageName[1024];
BOOL AcceptAuthSocket (SOCKET *ServerSocket, std::string certThumb );
#define SSPI_SERVER "SChannelServer:" __FUNCTION__
void main (int argc, char * argv[])
CHAR pMessage[200];
DWORD cbMessage;
PBYTE pDataToClient = NULL;
DWORD cbDataToClient = 0;
PWCHAR pUserName = NULL;
DWORD cbUserName = 0;
SOCKET Server_Socket;
WSADATA wsaData;
SECURITY_STATUS ss;
PSecPkgInfo pkgInfo;
SecPkgContext_StreamSizes SecPkgSizes;
SecPkgContext_PackageInfo SecPkgPkgInfo;
ULONG cbMaxMessage;
ULONG cbHeader;
ULONG cbTrailer;
std::string certThumb;
// Create a certificate if no thumbprint is supplied. Otherwise, use the provided
// thumbprint to find the certificate.
if ( (argc > 1) && (strlen( argv[1]) > 0) )
certThumb.assign(argv[1]);
else
LOGA( ( __log_buf, SSPI_SERVER " : No certificate thumbprint supplied.\n") );
LOGA( ( __log_buf, SSPI_SERVER " : Press ENTER to create a certificate, or abort and start over with a thumbprint.\n") );
std::cin.get();
certThumb.clear();
Insert code to find or create X.509 certificate.
// Set the default package to SChannel.
wcscpy_s(g_lpPackageName, 1024 * sizeof(TCHAR), UNISP_NAME);
// Initialize the socket interface and the security package.
if( WSAStartup (0x0101, &wsaData))
LOGA ( ( __log_buf, SSPI_SERVER " Could not initialize winsock: \n") );
cleanup();
ss = QuerySecurityPackageInfo (
g_lpPackageName,
&pkgInfo);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " Could not query package info for %s, error 0x%08x\n",
g_lpPackageName, ss) );
cleanup();
g_cbMaxMessage = pkgInfo->cbMaxToken;
FreeContextBuffer(pkgInfo);
g_pInBuf = (PBYTE) malloc (g_cbMaxMessage);
g_pOutBuf = (PBYTE) malloc (g_cbMaxMessage);
if (NULL == g_pInBuf || NULL == g_pOutBuf)
LOGA ( ( __log_buf, SSPI_SERVER " Memory allocation error.\n"));
cleanup();
// Start looping for clients.
while(TRUE)
LOGA ( ( __log_buf, SSPI_SERVER " Waiting for client to connect...\n"));
// Make an authenticated connection with client.
if (!AcceptAuthSocket (&Server_Socket, certThumb ))
LOGA ( ( __log_buf, SSPI_SERVER " Could not authenticate the socket.\n"));
cleanup();
ss = QueryContextAttributes(
&g_hctxt,
SECPKG_ATTR_STREAM_SIZES,
&SecPkgSizes );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " failed: 0x%08x\n", ss));
exit(1);
// The following values are used for encryption and signing.
cbMaxMessage = SecPkgSizes.cbMaximumMessage;
cbHeader = SecPkgSizes.cbHeader;
cbTrailer = SecPkgSizes.cbTrailer;
LOGA ( ( __log_buf, SSPI_SERVER " cbHeader %u, cbMaxMessage %u, cbTrailer %u\n", cbHeader, cbMaxMessage, cbTrailer ));
ss = QueryContextAttributes(
&g_hctxt,
SECPKG_ATTR_PACKAGE_INFO,
&SecPkgPkgInfo );
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " failed: 0x%08x\n", ss));
exit(1);
else
LOGA ( ( __log_buf, SSPI_SERVER " Package Name: %ls\n", SecPkgPkgInfo.PackageInfo->Name));
// Free the allocated buffer.
FreeContextBuffer(SecPkgPkgInfo.PackageInfo);
// Send the client an encrypted message.
strcpy_s(pMessage, sizeof(pMessage),
TEST_MSG);
cbMessage = (DWORD)strlen(pMessage);
EncryptThis (
(PBYTE) pMessage,
cbMessage,
&pDataToClient,
&cbDataToClient,
cbHeader,
cbTrailer);
// Send the encrypted data to client.
if (!SendBytes(
Server_Socket,
pDataToClient,
cbDataToClient))
LOGA ( ( __log_buf, SSPI_SERVER " send message failed. \n"));
cleanup();
LOGA ( ( __log_buf, SSPI_SERVER " %d encrypted bytes sent. \n", cbDataToClient));
if (Server_Socket)
DeleteSecurityContext (&g_hctxt);
FreeCredentialHandle (&g_hcred);
shutdown (Server_Socket, 2) ;
closesocket (Server_Socket);
Server_Socket = 0;
if (pUserName)
free (pUserName);
pUserName = NULL;
cbUserName = 0;
if(pDataToClient)
free (pDataToClient);
pDataToClient = NULL;
cbDataToClient = 0;
} // end while loop
LOGA ( ( __log_buf, SSPI_SERVER " Server ran to completion without error.\n"));
cleanup();
} // end main
BOOL AcceptAuthSocket (SOCKET *ServerSocket, std::string certThumb )
SOCKET sockListen;
SOCKET sockClient;
SOCKADDR_IN sockIn;
// Create listening socket.
sockListen = socket (
PF_INET,
SOCK_STREAM,
0);
if (INVALID_SOCKET == sockListen)
LOGA ( ( __log_buf, SSPI_SERVER " Failed to create socket: %u\n", GetLastError ()));
return(FALSE);
// Bind to local port.
sockIn.sin_family = AF_INET;
sockIn.sin_addr.s_addr = 0;
sockIn.sin_port = htons(usPort);
if (SOCKET_ERROR == bind (
sockListen,
(LPSOCKADDR) &sockIn,
sizeof (sockIn)))
LOGA ( ( __log_buf, SSPI_SERVER " bind failed: %u\n", GetLastError ()));
return(FALSE);
// Listen for client.
if (SOCKET_ERROR == listen (sockListen, 1))
LOGA ( ( __log_buf, SSPI_SERVER " Listen failed: %u\n", GetLastError ()));
return(FALSE);
else
LOGA ( ( __log_buf, SSPI_SERVER " Listening ! \n"));
// Accept client.
sockClient = accept (
sockListen,
NULL,
NULL);
if (INVALID_SOCKET == sockClient)
LOGA ( ( __log_buf, SSPI_SERVER " accept failed: %u\n",GetLastError() ) );
return(FALSE);
closesocket (sockListen);
*ServerSocket = sockClient;
return(DoAuthentication (sockClient, certThumb ));
} // end AcceptAuthSocket
BOOL DoAuthentication (SOCKET AuthSocket, std::string certThumb )
SECURITY_STATUS ss;
DWORD cbIn, cbOut;
BOOL done = FALSE;
TimeStamp Lifetime;
BOOL fNewConversation;
fNewConversation = TRUE;
PCCERT_CONTEXT pCertCtxt;
Insert code to retrieve pCertCtxt
// Build SCHANNEL_CRED structure to hold CERT_CONTEXT for call to AcquireCredentialsHandle
SCHANNEL_CRED credSchannel = {0};
credSchannel.dwVersion = SCHANNEL_CRED_VERSION;
credSchannel.grbitEnabledProtocols = SP_PROT_SSL2_SERVER | SP_PROT_TLS1_SERVER;
credSchannel.cCreds = 1;
credSchannel.paCred = &pCertCtxt;
ss = AcquireCredentialsHandle (
NULL, //pszPrincipal
g_lpPackageName, //pszPackage
SECPKG_CRED_INBOUND, //fCredentialuse
NULL, //pvLogonID
&credSchannel, //pAuthData - need SCHANNEL_CRED structure that indicates the protocol to use and the settings for various customizable channel features.
NULL, //pGetKeyFn
NULL, //pvGetKeyArgument
&g_hcred, //phCredential
&Lifetime); //ptsExpiry
if (!SEC_SUCCESS (ss))
LOGA ( ( __log_buf, SSPI_SERVER " AcquireCreds failed: 0x%08x\n", ss));
return(FALSE);
while(!done)
if (!ReceiveMsg (
AuthSocket,
g_pInBuf,
g_cbMaxMessage,
&cbIn))
return(FALSE);
cbOut = g_cbMaxMessage;
if (!GenServerContext (
g_pInBuf,
cbIn,
g_pOutBuf,
&cbOut,
&done,
fNewConversation))
LOGA ( ( __log_buf, SSPI_SERVER " GenServerContext failed.\n"));
return(FALSE);
fNewConversation = FALSE;
if (!SendMsg (
AuthSocket,
g_pOutBuf,
cbOut))
LOGA ( ( __log_buf, SSPI_SERVER " Send message failed.\n"));
return(FALSE);
return(TRUE);
} // end DoAuthentication
BOOL GenServerContext (
BYTE *pIn,
DWORD cbIn,
BYTE *pOut,
DWORD *pcbOut,
BOOL *pfDone,
BOOL fNewConversation)
SECURITY_STATUS ss;
TimeStamp Lifetime;
SecBufferDesc OutBuffDesc;
SecBuffer OutSecBuff;
SecBufferDesc InBuffDesc;
SecBuffer InSecBuff;
ULONG Attribs = 0;
// Prepare output buffers.
OutBuffDesc.ulVersion = 0;
OutBuffDesc.cBuffers = 1;
OutBuffDesc.pBuffers = &OutSecBuff;
OutSecBuff.cbBuffer = *pcbOut;
OutSecBuff.BufferType = SECBUFFER_TOKEN;
OutSecBuff.pvBuffer = pOut;
// Prepare input buffers.
InBuffDesc.ulVersion = 0;
InBuffDesc.cBuffers = 1;
InBuffDesc.pBuffers = &InSecBuff;
InSecBuff.cbBuffer = cbIn;
InSecBuff.BufferType = SECBUFFER_TOKEN;
InSecBuff.pvBuffer = pIn;
LOGA ( ( __log_buf, SSPI_SERVER " Token buffer received (%lu bytes):\n", InSecBuff.cbBuffer));
PrintHexDump (InSecBuff.cbBuffer, (PBYTE)InSecBuff.pvBuffer);
ss = AcceptSecurityContext (
&g_hcred,
fNewConversation ? NULL : &g_hctxt,
&InBuffDesc,
Attribs,
SECURITY_NATIVE_DREP,
&g_hctxt,
&OutBuffDesc,
&Attribs,
&Lifetime);
if (!SEC_SUCCESS (ss))
LOGA ( ( __log_buf, SSPI_SERVER " AcceptSecurityContext failed: 0x%08x\n", ss));
OutputDebugStringA( "." );
return FALSE;
// Complete token if applicable.
if ((SEC_I_COMPLETE_NEEDED == ss)
|| (SEC_I_COMPLETE_AND_CONTINUE == ss))
ss = CompleteAuthToken (&g_hctxt, &OutBuffDesc);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " complete failed: 0x%08x\n", ss));
OutputDebugStringA( "." );
return FALSE;
*pcbOut = OutSecBuff.cbBuffer;
// fNewConversation equals FALSE.
LOGA ( ( __log_buf, SSPI_SERVER " Token buffer generated (%lu bytes):\n",
OutSecBuff.cbBuffer));
PrintHexDump (
OutSecBuff.cbBuffer,
(PBYTE)OutSecBuff.pvBuffer);
*pfDone = !((SEC_I_CONTINUE_NEEDED == ss)
|| (SEC_I_COMPLETE_AND_CONTINUE == ss));
LOGA ( ( __log_buf, SSPI_SERVER " AcceptSecurityContext result = 0x%08x\n", ss));
return TRUE;
} // end GenServerContext
BOOL EncryptThis (
PBYTE pMessage,
ULONG cbMessage,
BYTE ** ppOutput,
ULONG * pcbOutput,
ULONG cbHeader,
ULONG cbTrailer)
SECURITY_STATUS ss;
SecBufferDesc BuffDesc;
SecBuffer SecBuff[4];
ULONG ulQop = 0;
// The size of the trailer (signature + padding) block is
// determined from the global cbSecurityTrailer.
LOGA ( ( __log_buf, SSPI_SERVER " Data before encryption: %s\n", pMessage));
LOGA ( ( __log_buf, SSPI_SERVER " Length of data before encryption: %d \n",cbMessage));
// Prepare buffers.
BuffDesc.ulVersion = 0;
BuffDesc.cBuffers = 4;
BuffDesc.pBuffers = SecBuff;
PBYTE pHeader;
pHeader = (PBYTE) malloc (cbHeader);
SecBuff[0].cbBuffer = cbHeader;
SecBuff[0].BufferType = SECBUFFER_STREAM_HEADER;
SecBuff[0].pvBuffer = pHeader;
SecBuff[1].cbBuffer = cbMessage;
SecBuff[1].BufferType = SECBUFFER_DATA;
SecBuff[1].pvBuffer = pMessage;
PBYTE pTrailer;
pTrailer = (PBYTE) malloc (cbTrailer);
SecBuff[2].cbBuffer = cbTrailer;
SecBuff[2].BufferType = SECBUFFER_STREAM_TRAILER;
SecBuff[2].pvBuffer = pTrailer;
SecBuff[3].cbBuffer = 0;
SecBuff[3].BufferType = SECBUFFER_EMPTY;
SecBuff[3].pvBuffer = NULL;
ss = EncryptMessage(
&g_hctxt,
ulQop,
&BuffDesc,
0);
if (!SEC_SUCCESS(ss))
LOGA ( ( __log_buf, SSPI_SERVER " EncryptMessage failed: 0x%08x\n", ss));
return(FALSE);
else
LOGA ( ( __log_buf, SSPI_SERVER " The message has been encrypted. \n"));
// Allocate a buffer to hold the encrypted data constructed from the 3 buffers.
*pcbOutput = cbHeader + cbMessage + cbTrailer;
* ppOutput = (PBYTE) malloc (*pcbOutput);
memset (*ppOutput, 0, *pcbOutput);
memcpy (*ppOutput, pHeader, cbHeader);
memcpy (*ppOutput + cbHeader, pMessage, cbMessage);
memcpy (*ppOutput + cbHeader + cbMessage, pTrailer, cbTrailer);
LOGA ( ( __log_buf, SSPI_SERVER " data after encryption including trailer (%lu bytes):\n",
*pcbOutput));
PrintHexDump (*pcbOutput, *ppOutput);
return TRUE;
} // end EncryptThis
void PrintHexDump(DWORD length, PBYTE buffer)
DWORD i,count,index;
CHAR rgbDigits[]="0123456789abcdef";
CHAR rgbLine[100];
char cbLine;
for(index = 0; length;
length -= count, buffer += count, index += count)
count = (length > 16) ? 16:length;
sprintf_s(rgbLine, 100, "%4.4x ",index);
cbLine = 6;
for(i=0;i<count;i++)
rgbLine[cbLine++] = rgbDigits[buffer[i] >> 4];
rgbLine[cbLine++] = rgbDigits[buffer[i] & 0x0f];
if(i == 7)
rgbLine[cbLine++] = ':';
else
rgbLine[cbLine++] = ' ';
for(; i < 16; i++)
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
rgbLine[cbLine++] = ' ';
for(i = 0; i < count; i++)
if(buffer[i] < 32 || buffer[i] > 126)
rgbLine[cbLine++] = '.';
else
rgbLine[cbLine++] = buffer[i];
rgbLine[cbLine++] = 0;
LOGA ( ( __log_buf, SSPI_SERVER " %s\n", rgbLine));
} // end PrintHexDump
BOOL SendMsg (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf)
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes\n", cbBuf ));
if (0 == cbBuf)
return(TRUE);
// Send the size of the message.
if (!SendBytes (
s,
(PBYTE)&cbBuf,
sizeof (cbBuf)))
return(FALSE);
// Send the body of the message.
if (!SendBytes (
s,
pBuf,
cbBuf))
return(FALSE);
return(TRUE);
} // end SendMsg
BOOL ReceiveMsg (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf,
DWORD *pcbRead)
DWORD cbRead;
DWORD cbData;
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes\n", cbBuf ));
// Retrieve the number of bytes in the message.
if (!ReceiveBytes (
s,
(PBYTE)&cbData,
sizeof (cbData),
&cbRead))
LOGA ( ( __log_buf, SSPI_SERVER " ReceiveBytes failed retrieving byte count.\n", cbBuf ));
return(FALSE);
if (sizeof (cbData) != cbRead)
LOGA ( ( __log_buf, SSPI_SERVER " Error: buffer size (%lu) differs from reported size (%lu)\n", sizeof(cbData), cbRead ));
return(FALSE);
// Read the full message.
if (!ReceiveBytes (
s,
pBuf,
cbData,
&cbRead))
LOGA ( ( __log_buf, SSPI_SERVER " ReceiveBytes failed.\n", cbBuf ));
return(FALSE);
if (cbRead != cbData)
LOGA ( ( __log_buf, SSPI_SERVER " Error: buffer bytes (%lu) differs from reported bytes (%lu)\n", cbData, cbRead ));
return(FALSE);
*pcbRead = cbRead;
return(TRUE);
} // end ReceiveMsg
BOOL SendBytes (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf)
PBYTE pTemp = pBuf;
int cbSent, cbRemaining = cbBuf;
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes\n", cbBuf ));
if (0 == cbBuf)
return(TRUE);
while (cbRemaining)
cbSent = send (
s,
(const char *)pTemp,
cbRemaining,
0);
if (SOCKET_ERROR == cbSent)
LOGA ( ( __log_buf, SSPI_SERVER " send failed: %u\n", GetLastError ()));
return FALSE;
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes sent\n", cbSent ));
pTemp += cbSent;
cbRemaining -= cbSent;
return TRUE;
} // end SendBytes
BOOL ReceiveBytes (
SOCKET s,
PBYTE pBuf,
DWORD cbBuf,
DWORD *pcbRead)
PBYTE pTemp = pBuf;
int cbRead, cbRemaining = cbBuf;
LOGA ( ( __log_buf, SSPI_SERVER " %lu bytes\n", cbBuf ));
while (cbRemaining)
cbRead = recv (
s,
(char *)pTemp,
cbRemaining,
0);
if (0 == cbRead)
break;
if (SOCKET_ERROR == cbRead)
LOGA ( ( __log_buf, SSPI_SERVER " recv failed: %u\n", GetLastError () ) );
return FALSE;
cbRemaining -= cbRead;
pTemp += cbRead;
*pcbRead = cbBuf - cbRemaining;
return TRUE;
} // end ReceivesBytes
void cleanup()
if (g_pInBuf)
free (g_pInBuf);
g_pInBuf = NULL;
if (g_pOutBuf)
free (g_pOutBuf);
g_pOutBuf = NULL;
WSACleanup ();
exit(0);
SspiExample.h
// SspiExample.h
#include <schnlsp.h>
#include <sspi.h>
#include <windows.h>
#include <string>
BOOL SendMsg (SOCKET s, PBYTE pBuf, DWORD cbBuf);
BOOL ReceiveMsg (SOCKET s, PBYTE pBuf, DWORD cbBuf, DWORD *pcbRead);
BOOL SendBytes (SOCKET s, PBYTE pBuf, DWORD cbBuf);
BOOL ReceiveBytes (SOCKET s, PBYTE pBuf, DWORD cbBuf, DWORD *pcbRead);
void cleanup();
BOOL GenClientContext (
BYTE *pIn,
DWORD cbIn,
BYTE *pOut,
DWORD *pcbOut,
BOOL *pfDone,
WCHAR *pCertName,
CredHandle *hCred,
PSecHandle phCtext
BOOL GenServerContext (
BYTE *pIn,
DWORD cbIn,
BYTE *pOut,
DWORD *pcbOut,
BOOL *pfDone,
BOOL fNewCredential
BOOL EncryptThis (
PBYTE pMessage,
ULONG cbMessage,
BYTE ** ppOutput,
LPDWORD pcbOutput,
ULONG cbHeader,
ULONG cbTrailer
PBYTE DecryptThis(
PBYTE achData,
LPDWORD pcbMessage,
struct _SecHandle *hCtxt
BOOL
SignThis (
PBYTE pMessage,
ULONG cbMessage,
BYTE ** ppOutput,
LPDWORD pcbOutput
PBYTE VerifyThis(
PBYTE pBuffer,
LPDWORD pcbMessage,
struct _SecHandle *hCtxt,
ULONG cbMaxSignature
void PrintHexDump(DWORD length, PBYTE buffer);
BOOL ConnectAuthSocket (
SOCKET *s,
CredHandle *hCred,
PSecHandle phCtext,
char * pServer,
WCHAR * pCertName
BOOL CloseAuthSocket (SOCKET s);
BOOL DoAuthentication (SOCKET s, WCHAR * pCertName );
BOOL DoAuthentication (SOCKET s, std::string certThumb );
void MyHandleError(char *s);
#define DBG_SIZE 1024
int OutputDebug( char buff[DBG_SIZE] )
int retval;
char debugstring[DBG_SIZE+32];
retval = _snprintf_s( debugstring, DBG_SIZE+32, _TRUNCATE, " %s", buff );
OutputDebugStringA( debugstring );
return retval;
int DbgBufCopy( char *buff, const char *format, ...)
int iLen;
va_list args;
/// Call va_start to start the variable list
va_start(args, format);
/// Call _vsnprintf_s to copy debug information to the buffer
iLen = _vsnprintf_s(buff, DBG_SIZE, _TRUNCATE, format, args);
/// Call va_end to end the variable list
va_end(args);
return iLen;
#define LOGA(_format_and_args_)\
{ char __log_buf[DBG_SIZE];\
DbgBufCopy _format_and_args_;\
printf("%s", __log_buf );\
OutputDebug(__log_buf);\
#define TEST_MSG "This is your server speaking"
My initial attempt built an SCHANNEL_CRED structure following the documentation to set
grbitEnabledProtocols to 0, and let SChannel select the protocol. This worked on Windows 7, selecting TLS1. When I ran the same exe-s on 2008 R2, the Client program failed, with InitializeSecurityContext returning SEC_E_DECRYPT_FAILURE.
The failure occurred on the 2nd call, using phNewContext returned on the first call.
My next attempt set grbitEnabledProtocols to SP_PROT_TLS1_SERVER. This also worked on Win 7, but 2008R2 failed again, this time on the Server side. AcceptSecurityContext failed, returning SEC_E_ALGORITHM_MISMATCH.
TLS is a requirement for my project, but to try getting the sample to run, I next set grbitEnabledProtocols to SP_PROT_SSL2_SERVER. This did work for 2008R2, selecting SSL2, but now the Server failed on Win7 with AcceptSecurityContext returning
SEC_E_ALGORITHM_MISMATCH.
My final try was to set grbitEnabledProtocols to SP_PROT_TLS1_SERVER | SP_PROT_SSL2_SERVER, but that failed identically to the first case, with the Client on 2008R2 returning SEC_E_DECRYPT_FAILURE.
So my question is - What is required to get SChannel to select TLS regardless of the Windows version on which the programs are running?Thank you for the reference. That did provide the information I needed to get TLS working. However, the documentation is not accurate with regard to setting the registry keys and values.
The tables all show DisabledByDefault as a subkey under the protocol. They also describe a DWORD value, Enabled, as the mechanism to enable/disable a protocol.
What I found is DisabledByDefault is a DWORD value under Client/Server and it appears to be the determining factor to whether a protocol is enabled/disabled.
The only way I was able to get TLS 1.1 working is with the following path present:
HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client
Under Client, I must have DisabledByDefault set to 0. With that, the Enabled value does not need to be present.
This held true for any level of TLS.
I also found the setting of grbitEnabledProtocols in the SCHANNEL_CRED structure to be misleading. From the description at
https://msdn.microsoft.com/en-us/library/windows/desktop/aa379810(v=vs.85).aspx, I thought my Server program could set this field to 0, and SChannel would select the protocol as directed by the registry. What I found is that the structure flag must
agree with the registry setting for TLS to work. That is with the resgistry key above for TLS 1.1, I must set grbitEnabledProtocols to SP_PROT_TLS1_1.
Can you confirm the relationship between the SCHANNEL_CRED contents and registry state? -
RFC Connection GFW_ITS_RFC_DEST connection test failed
I can test my IGS connection on SM59 for GFW_ITS_RFC_DEST on the central instance and 1 of my application servers succesfully. But my other 2 applications server failed on the test. What can I check whats the issue and resolved it
Regards
Naziem MahomedHi,
we should focus on Re: SM59 test GFW_ITS_RFC_DEST fails on application servers and discuss the issue only once.
Regards
Matthias -
TREX creation process fails - directory name is invalid
Hello All,
I've installed a TREX instance to be linked up to two SRM instances (SRD and SRT). I had done this successfully on a prior server, but recently we got a new
server to run TREX on.
When I reinstalled TREX on the new server, I have
success having SRD connect to TREX via SM59, but SRT fails because the program isn't getting registered.
While looking into the details, I find this error message in the traces:
[00344] 2007-04-16 14:05:25.519 i Daemon TrexDaemon.cpp(03508) :
start 'TREXRfcServer.exe -r -host=usalsapt -instance=sapgw52
-service=TREXRfcServer_13' failed
[00344] 2007-04-16 14:05:25.519 e Daemon TrexDaemon.cpp(02951) :
creation of process '"TREXRfcServer.exe" -r -host=usalsapt
-instance=sapgw52 -service=TREXRfcServer_13' failed: The directory name
is invalid.
Has anyone experienced something similar before? Or have an idea as to which directory the error message references? Thank you
~TJHi TJ,
did you check in SM59 if the RFC destination is of type "regestration" and has case-sensitive correct the name in there ?
Do you see a different error when SRT is down ?
I guess, you checked to ping usalsapt from the TREX box already ? The instance number is 52 as well ?
Regards
Volker Gueldenpfennig, consolut.gmbh
http://www.consolut.de - http://www.4soi.de - http://www.easymarketplace.de -
Hi,
Recently i just changed db2<sid> password in AIX using passwd command and also i changed the password in r/3 (tcode dbacockpit under database connection)
After that i looked at the etc/security/failedlogin file and i saw a lot of db2<sid> entries.
Can anyone enlighten me which part i have missed out or done wrongly?
Thanks a millionHi,
Changing the db2<sid> password will not require the
update of other users or any other change to reflect the changed
password. which would be needed if you change the passwords of
<sid>adm and sap<sid> (these would need to be updated via dscdb6up)
But if you change the db2<sid> password
it will not affect the running of the SAP instance as SAP
does not use this user to connect.
Do you see alot of entries in the db2diag.log of
Password validation for user db2<sid> failed with rc = -2146500507
validation for user db2<sid> failed with rc = -2146500507 in the
db2diag.log file means that the "Password does not belong with
specified user id" after DB2 SERVER password was changed for instance
owner.
It will not harm the system but some user or script is still using the
old password to connect and it generating this entry. It would be very difficult
to track down exactly what is tyring to connect as it is not an SAP application.
regards,
Paul -
Hi ,
i am installing content server & cache server on my machine.
while installing i am getting the following error:
"SAP DB installation failed"
i had uninstalled once, and renamed the SAP DB to run the installtion only to find the above mentioned error.
what could be the problem?
Any inputs would be highly appreciated.
Thanks,
Ravihi sunil,
I m also facing the same problem, i m installing SAP content server in a Windows XP machine with 1 GB RAM and Enough HD space.
While installtion it give me SAP DB installation (SID) Failed.
Kindly suggest ASAP -
BR bakup failes with usrname/password error.
Hello SAP experts,
I am facing a below issue while running a DB backup using BRBACKUP tool.
======================================================================================
BR051I BRBACKUP 6.20 (136)
BR055I Start of database backup: bedrfxej.anf 2010-07-15 17.36.05
BR280I Time stamp 2010-07-15 17.36.06
BR301E SQL error -1017 at location BrDbConnect-2
ORA-01017: invalid username/password; logon denied
BR310E Connect to database instance <SID> failed
BR280I Time stamp 2010-07-15 17.36.06
BR301E SQL error -1017 at location BrDbConnect-2
ORA-01017: invalid username/password; logon denied
BR310E Connect to database instance<SID> failed
BR056I End of database backup: bedrfxej.anf 2010-07-15 17.36.06
BR280I Time stamp 2010-07-15 17.36.06
BR054I BRBACKUP terminated with errors
======================================================================================
I have checked that when i change the password of the oracle user SYSTEM to differnet one it fails and when it is manger( default oracle password) it works.
so can you please let me know how to go ahead as i need to change the password of the oracle users as per the Business Password standards.
Thanks and regards,
Ramkrishna
R3trans is working fine with the new password and SAP is also running fine.Hi Ramakrishna,
Could you please check the permissions of the below files in kernel i.e. /sapmnt/SID/exe directory.
-rwxrwxr-x 1 ora<SID> sapsys Date 12:01 brarchive
-rwsrwxr-x 1 ora<SID> sapsys Date 12:06 brbackup
-rwsrwxr-x 1 ora<SID> sapsys Date 12:06 brconnect
-rwxrwxr-x 1 <SID>adm sapsys Date 12:07 brrecover
-rwxrwxr-x 1 <SID>adm sapsys Date 12:07 brrestore
-rwxrwxr-x 1 ora<SID> sapsys Date 12:06 brspace
-rwsrwxr-x 1 ora<SID> sapsys Date 12:06 brtools
Also check whether your <SID>adm and ora<SID> are part of dba group. You can find this in /etc/security/group.
Please try running the same with BRtools and check if you are able to do the same. I guess this should fix the issue.
Thanks,
Nick -
Can anyone please explain the concept of SID error with a simple example.
Because a load failed with 100 SID errors all like NO SID found for Value 231A for ZBUC , NO SID found for Value 555A for ZBUC n so on.
Master data for ZBUC is loaded active n updated.
Does this mean that there is enough master data to support transactio data.
I dont understand this concept of SID failing even after reading please explain .Hi Manish,
In the case you specified, the system is trying to verify the Transaction data loaded with the master data available using SID. When it does not find the relevant masterdata (i.e SID) it shows you the above error.
In your example, ZBUC infoobject may not have the value 231A. So you have to go to that infoobject-> maintain masterdata-> and verify by giving 231A in what ever filed it specified in the error message.
If it doesnot show any record, you have to either manually load the data into it and upon receiving the data you can reload the Transaction data.
If you think you can ignore those records, you can uncheck the masterdata verification checkbox as suggested in the above reply.
Assign points if helpful.
Pavan -
Hi All,
Jobs in db13 are failing with below error.
04.08.2010 05:00:46 Job started
04.08.2010 05:00:47 Step 001 started (program RSDBAJOB, variant &0000000000059, user ID xxxxx)
04.08.2010 05:00:47 Execute logical command BRCONNECT On host dbSID
04.08.2010 05:00:47 Parameters: -u / -jid STATS20100609000000 -c -f stats -t ALL
04.08.2010 05:01:27 External communication error at program start (see system log)
04.08.2010 05:01:27 SAPXPG_START_XPG_LONG: sy-subrc ne 0
04.08.2010 05:01:27 destination = SAPXPG_DBDEST_DBSID
04.08.2010 05:01:28 SXPG_STEP_XPG_START: execute_sapxpg: rc = 1.003
04.08.2010 05:01:28 SXPG_STEP_COMMAND_START: SXPG_STEP_XPG_START returned: 1.003
04.08.2010 05:01:28 SXPG_COMMAND_EXECUTE(LONG)
04.08.2010 05:01:28 COMMANDNAME = BRCONNECT
04.08.2010 05:01:28 OPERATINGSYSTEM = ANYOS
04.08.2010 05:01:28 TARGETSYSTEM = dbSID
04.08.2010 05:01:28 DESTINATION = SAPXPG_DBDEST_DBSID
04.08.2010 05:01:28 SXPG_COMMAND_EXECUTE failed for BRCONNECT - Reason: program_start_error: For More Information, See SYS
04.08.2010 05:01:28 Job cancelled after system exception ERROR_MESSAGE
And SAPXPG_DBDEST_DBSID rtc connection failed with timeout error.
Logon Connection Error
Error Details Error when opening an RFC connection
Error Details ERROR: timeout during allocate
Error Details LOCATION: SAP-Gateway on host ciSID.ncsbe.eu.jnj.com / sapgw52
Error Details DETAIL: no connect of TP sapxpg from host dbSID.ncsbe.eu.jnj.com after 20 sec
Error Details COMPONENT: SAP-Gateway
Error Details COUNTER: 98
Error Details MODULE: gwr3cpic.c
Error Details LINE: 2030
Error Details RETURN CODE: 242
Error Details SUBRC: 0
Error Details RELEASE: 701
Error Details TIME: Wed Aug 4 13:41:27 2010
Error Details VERSION: 2
System log is showing " Error1005 when executing external command brtools on SAPXPG_DBDEST_DBSID (in=R,out=M,err=M,trc=0,trm=C. strtstat=,xpgid=0,convid=. msg :Error when openi)".
When i check detail logs also it is throwing error " SXPG_COMMAND_EXECUTE failed for BRCONNECT - Reason: program_start_error: For More Information, See SYS ".
DB and CI are on different hosts.
SAP : SAP EHP 1 for SAP NetWeaver 7.0
DB : Oracle 10.2.0.4.0
OS : HP-UX
Gateway is running, I see gateway profiles exist at OS level in /usr/sap/SID/SYS/profile.
But gateway profiles haven't been created in RZ10.
Is this causing the issue. Can you please help me out here.
Thanks in advance.
Edited by: SAP Basis on Aug 4, 2010 7:59 AMError Details Error when opening an RFC connection
Error Details ERROR: timeout during allocate
Error Details LOCATION: SAP-Gateway on host ciSID.ncsbe.eu.jnj.com / sapgw52
It's using RFC to connect so check SM59 -> TCP/IP Connections -> SAPXPG_DBDEST_<SID>
Make sure the Technical Settings are correct and you can do a successful "Connection Test".
Nelis -
Test call of transport control program (tp) ended with return code 0232
Hi Gurus,
while releasing a request am facing this fallowing error :
Calling the transport control program tp
"tp EXPCHK SIDK901840 pf=
HOSTNAME\sapmnt\trans\bin\TP_DOMAIN_SID.PFL -Dtransdir=\"
which checks the export requirements, returned the following information:
Return code from tp: 0232
Error text from tp: ERROR: Connect to TI6 failed (20110131145153, prob..
and i have checked the all requirements transport..all are fulfilled..
Can any body tell me the solution.
Regards,
Kittu.Hi Juan,
Thanks for your reply. I cant see tp import log because Request itself is not yet released and in tp system log it says that
ERROR: Connect to SID failed (20110131102838, probably wrong environment).and the value of DIR_TRANS is
HOSTNAME\sapmnt\trans.
Please suggest me what to do to solve this issue.
Regards,
Kittu. -
STARTSAP_NBAS - status NO SYSTEM START
Hi all,
I'm upgrading R/3 4.7 to ERP 6.0 SR3 NUC; Windows 2008 + SQL Server 2008. I'm in weekend downtime. In phase status STARTSAP_NBAS I have the error:
UPGRADEPHASE STARTSAP_NBAS
...started at 20140222060031
# Reading Parameter File "D:\usr\sap\put\bin\ALPALL.LST" at 20140222060031
..finished at 20140222060636 with status NO SYSTEM START.
...begin dialogue at 20140222060636
tp.ECO log:
SAPup> Starting subprocess tp.exe with id 5024 at 20140222061006
EXECUTING D:\usr\sap\<SID>\SYS\exe\run\tp.exe pf=D:\usr\sap\put\bin\SHADOW.TPP unlocksys <SID>
Environment: dbms_type=mss
Environment: dbs_mss_schema=<sid>
initial value of NLS_LANG: '<NULL>'
This is D:\usr\sap\<SID>\SYS\exe\run\tp.exe version 372.05.88 (release 700)
Warning: Parameter INTERRUPT is no longer used.
Warning: Parameter DAYLIGHT_SHUTDOWN is no longer used.
Warning: Parameter WITH_TACOB is no longer used.
Warning: Parameter IMPDP_BY_EVENT is no longer used.
Warning: Parameter INTERRUPT is no longer used.
Warning: Parameter DAYLIGHT_SHUTDOWN is no longer used.
Warning: Parameter WITH_TACOB is no longer used.
Warning: Parameter IMPDP_BY_EVENT is no longer used.
TRACE-INFO: 1: [ dev trc,00000] Sat Feb 22 06:10:08 2014 2182 0.002182
TRACE-INFO: 2: [ dev trc,00000] DlLoadLib success: LoadLibrary("dbmssslib.dll"), hdl 0, addr 0000000187740000
TRACE-INFO: 3: 10 0.002192
TRACE-INFO: 4: [ dev trc,00000] using "D:\usr\sap\<SID>\SYS\exe\run\dbmssslib.dll" 9 0.002201
TRACE-INFO: 5: [ dev trc,00000] Thread ID:5516 1590 0.003791
TRACE-INFO: 6: [ dev trc,00000] Thank You for using the SLODBC-interface 11 0.003802
TRACE-INFO: 7: [ dev trc,00000] Using dynamic link library 'D:\usr\sap\<SID>\SYS\exe\run\dbmssslib.dll' 19 0.003821
TRACE-INFO: 8: [ dev trc,00000] dbmssslib.dll patch info 40 0.003861
TRACE-INFO: 9: [ dev trc,00000] SAP patchlevel 0 9 0.003870
TRACE-INFO: 10: [ dev trc,00000] SAP patchno 353 8 0.003878
TRACE-INFO: 11: [ dev trc,00000] Last MSSQL DBSL patchlevel 0 11 0.003889
TRACE-INFO: 12: [ dev trc,00000] Last MSSQL DBSL patchno 350 9 0.003898
TRACE-INFO: 13: [ dev trc,00000] Last MSSQL DBSL patchcomment Work process can not be cancelled (1740162) 12 0.003910
TRACE-INFO: 14: [ dev trc,00000] lpc:(local) connection used on SAP<SID> 534 0.004444
TRACE-INFO: 15: [ dev trc,00000] ERROR: -1 in function ExecuteAndFlush (SQLExecDirect) [line 5520] 78212 0.082656
TRACE-INFO: 16: [ dev trc,00000] (15157) [42000] [Microsoft][SQL Server Native Client 10.0][SQL Server]Setuser failed because of one of the following reasons: the database principal '<sid>_shd' does not exist, its corresponding server principal does not have server access, this type of database principal cannot be impersonated, or you do not have permission.
TRACE-INFO: 17: 29 0.082685
TRACE-INFO: 18: [ dev trc,00000] <if user_name() != '<sid>_shd' setuser '<sid>_shd'> failed -- connect terminated 32 0.082717
TRACE-INFO: 19: [ dblink ,00433] ***LOG BY2=>sql error 15157 performing CON [dblink#8 @ 433] 57 0.082774
TRACE-INFO: 20: [ dblink ,00433] ***LOG BY0=>Setuser failed because of one of the following reasons: the database principal '<sid>_shd' does not exist, its corresponding server principal does not have server access, this type of database principal cannot be impersonated, or you do not have permission. [dblink#8 @ 433]
TRACE-INFO: 21: 23 0.082797
tp returncode summary:
TOOLS: Highest return code of single steps was: 0
ERRORS: Highest tp internal error was: 0232
tp finished with return code: 232
meaning:
connect failed
sapparam: sapargv( argc, argv) has not been called.
sapparam(1c): No Profile used.
sapparam: SAPSYSTEMNAME neither in Profile nor in Commandline
ERROR: Connect to <SID> failed (20140222061008, probably wrong environment).
Process with ID 1756 terminated with status 232
<SID>Adm User has this environment variables:
dbms/type = mss
dbs/mss/server = <HOST>
dbs/mss/dbname = <SID>
dbs/mss/schema = <sid>
I check the following SAP Notes:
- 128126 - Database connect for external tools
- 525677 - Problems when starting shadow instance
- 592514 - MSSQL: internal database users, permissions and security
- 1294762 - SCHEMA4SAP.VBS
- 1727986 - Upgrade Phase MAIN_NEWBAS/STARTSAP_NBAS: Error Starting SAP
- 1910759 - Start of Shadow Instance Failed during upgrade
but any of them, help me to fix the stopper.
Can anybody give me any idea, please?Hi Javier,
Have you tried by executing script mssupgsps.sql ,which you can find under D:\usr\sap\put\bin.This script will create stored procedure sap_upg_getrelease.
After execution provide grant with following
add setuser '<sid>'
grant all on sap_upg_getrelease to <sid>_shd
Hope this will help you.
Regards,
Gaurav -
Mac Pro 2.66 ghz Quad Xeon Freezing when I use any software
Can Anyone Help me, I have a serious freezing issue with My Mac Pro, Everytime I use any software it just Freezes on my ie IDVD, I tried Instaling a new OS System, and repalaced a new Hardrive but with no joy, I'm Guessing its the graphic card now but I dont want to waste anymore money until I'm sure.
ATI Radeon X1900 XT 512 SDRAM used to give me dual screen display until the right side failed so now I'm only using one screen, also everytime I'm displaying a video their are thin random lines and a bit of screen display distortions before it eventually freezes on me.
Please HelpMac Pro 1,1 (all Mac Pro models come with Xeon).
What matters is cleaning the X1900 of dust and from clogging intake and exhaust - every three months.
Run Apple Hardware Test from your OEM DVD.
Install SmcFanControl 2.x and keep the fans rpm to 800-900 instead of 499-599 base as minimum at least.
Monitor temperatures with Hardware Monitor or similar.
Have you been looking to see in System Profile: Memory if there are any errors?
Normally, clone backup update weekly and running Disk Warrior at the same time should be done to spot disk directory and file system problems before they get worse. Or any time your system freezes.
Freeze... and what you have 90% of the time is a corrupt directory and other errors.
At which time you may need to restore if you can't fix the problem. And don't rely on only Apple DU First Aid to find and repairs any and all errors.
For Snow Leopard maybe a flashed ATI 4870 to replace the X1900.
You may need to start over from scratch to get things stable once you find what is happening, and work with a test system until then with some trial and error. Format/initialize and clean install of 10.6.x for the OEM 10.4.7+.
At nearly 4 yrs now since it came out, not sure if you have plans for a new one. -
DBA COCKPIT error when scheduling a job
hi experts
Iam trying to schedule some jobs in DB13 when i try to add the action i get this error:
DBA Cockpit Error
Acces to system SID failed
Function Unit DB6_PLAN_DD_BATCH
Reason job error
iam able to run these jobs externally directly from DBM.
I have checked some notes 1072066,1057855,927642 and they are all refering to MS SQL Server as the database.Iam running ERP6 on Maxdb 7.6
Any help appreciatedhi
> dbmcli inst_enum
OK
7.6.00.35 /sapdb/BT1/db
dbmcli db_enum
OK
BT1 /sapdb/BT1/db 7.6.00.35 fast running
BT1 /sapdb/BT1/db 7.6.00.35 quick offline
BT1 /sapdb/BT1/db 7.6.00.35 slow offline
BT1 /sapdb/BT1/db 7.6.00.35 test offline
xinstinfo BT1-MAXDB
IndepData : /sapdb/data
IndepPrograms : /sapdb/programs
Installationpath of serverdb <BT1-MAXDB> not found!
ERR 20010 RTE Could not open file /sapdb/data/config/BT1-MAXDB for read, rc = 2
sdbregview -l
DB Analyzer /sapdb/programs 7.6.00.35 32 bit valid
Server Utilities /sapdb/programs 7.6.00.35 32 bit valid
PCR 7300 /sapdb/programs 7.3.00.55 valid
PCR 7301 /sapdb/programs 7.3.01.18 valid
PCR 7500 /sapdb/programs 7.5.00.37 32 bit valid
SAP Utilities /sapdb/programs 7.6.00.35 32 bit valid
Base /sapdb/programs 7.6.00.35 32 bit valid
Redist Python /sapdb/programs 7.6.00.35 32 bit valid
JDBC /sapdb/programs 7.6.00.30 valid
Messages /sapdb/programs MSG 0.3951 valid
ODBC /sapdb/programs 7.6.00.35 32 bit valid
Database Kernel /sapdb/BT1/db 7.6.00.35 32 bit valid
Loader /sapdb/programs 7.6.00.35 32 bit valid
SQLDBC /sapdb/programs 7.6.00.35 32 bit valid
SQLDBC 76 /sapdb/programs 7.6.00.35 32 bit valid
Fastload API /sapdb/programs 7.6.00.35 32 bit valid
PCR 7403 /sapdb/programs 7.4.03.44 32 bit valid
SAP Basis component SAPKB70011
db59 there are no errors log says all 4 tests successfull.
Maybe you are looking for
-
Safari 6.0.5 Crashing many times a day
Here's my crash log.. please can someone help as it's driving me loopy!! Process: Safari [14242] Path: /Applications/Safari.app/Contents/MacOS/Safari Identifier: com.apple.Safari Version: 6.0.5 (8536.30.1) Build Info:
-
Problem connecting Axis client to a Service written in Delphi
I'm using Axis client to use a web service already running in Delphi. I have used WSDL2JAVA tool to get the complex types required by the service parameters. But when I try to invoke the service it fails saying "Access violation at address 052DC9E1 i
-
Is it possible to have a splash page that you only see once?
Hello, I was hoping to find out if it's possible to have a splash page for a sign up form that you would see just once. If you skip the sign up form it takes you to the regular site and you never see the splash page again. Is something like that poss
-
Hi, I have three email accounts. Two of them are working fine, the third, my work email from Groupwise (but not an enterprise server) stopped receiving email two weeks ago. The same thing happened to a colleague who has the same make and model Black
-
Can we install different oracle editions in a single system
Hi, Can we install oracle standard edition s/w and enterprise edition s/w in a single windows or unix box. Thanks, Mahi