Smart View 11.1.2.1 - Single Sign On Error

Similar Messages

• Single Sign-On Error while uploading file via WEBADI

  Hello,
  I am getting error while uploading the file via WEBADI. Below is the error message.
  Error Message:
  The Single Sign-On server registration is invalid. Please contact the System Administrator.
  I noticed that this template is uploading data when I connect to Oracle applications and go to WEB ADI responsibility and create a new template.
  In order to make this WEBADI work do I have to create a new template each time I upload the file?
  Our goal is to use the same template, change the numbers and re load it.
  Also, Is there any way I can go to login screen when I click on UPLOAD under ORACLE in excel. That way connection is established.
  Thanks for the help.

  Hi, Actually NW Portal and SQL server has been installed on the same machine.
  Now I am trying to add my SQL server as a JDBC system and checking the connections and I do not see a property under User Management.
  When I try to connect to R/3 backend system "...Dedicated Application server" then I can see the property but not for the JDBC syste.
  any clue how to get rid of the error and to check the connection.
  Thanks in advance.
  Gopi m.

• Smart View 9.3.1 error to connecting Hyperion Planning using Excel

  Hello Folks,
  When I try to connect the Hyperion Planning 9.3.1 using Smart View 9.3.1 I had the following error "Client authorization is needed to accpet the certificate". I am using the URL connection with the following address http://server_name:8300/HyperionPlanning/SmartView.
  Regards,
  Wallace
  Brazil

  Venkat,
  Based on our web session your production BEA license has not been installed and your production server is limiting the number of unique connections to five clients. Those first five clients who connected to the system.
  As we proved in the web session Internet Explorer gets a 403 error and Firefox shows the root cause of the five license issue.
  You may verify this by looking at the license.bea file on your servers and you will see it is an evaluation license. Being a licensed Hyperion customer entitles your company to use a restricted use WebLogic in a non-clustered environment. Below is the proper license.
  The fix for this is to do the following:
  1) Download a license code from Oracle
  2) Go to http://licensecodes.oracle.com/bea.html
  3) Download LIC-WLXB92
  4) On your server(s) backup <BEA_DIRECTORY>\license.bea
  5) Copy text file within the LIC-WLXB92 over the license.bea file
  6) Restart your Hyperion Services
  Regards,
  John A. Booth
  http://www.metavero.com
  Edited by: Jbooth on Feb 12, 2010 4:39 PM
  Edited by: Jbooth on Feb 12, 2010 4:42 PM

• Slow report viewer/rdlc performance in local mode with Single Sign On

  Hi Team,
  We have recently enabled Single Sign On to our application and after that our rdlc reports loading got extremely slow.
  Please find the below configuration that we are using.
  1. Report Viewer 11.0.0.0
  2. running rdlc file in local mode (not using Report Server)
  3. System.IdentityModel.Services 4.0.0.0
  The query behind the reports is returning result in 5-10 sec but report is taking 1-4 min to load (sometimes getting timeout) (as per the complexity of the report).
  We have tried a lot of workaound but nothing worked.
  i saw performance improvement in reports by addding <trust legacyCasModel = "True"   level="Full" /> in config file, But using this we are getting "Dynamic operations can only be performed in homogenous AppDomain" error
  in many pages of our application.
  Without SSO reports are running completely fine.
  We are stucked here and not able to proceed. Is there any issue with the SSO and rdlc in local mode ? Is there any hot fix available for the same ?
  Please help !!!
  Regards,
  Pranav Sharma

  This problem is probably related to :
  [http://blogs.oracle.com/stevenChan/2010/03/ebs_jre_issues_16018.html]
  Oracle problem ID : 1054293.1
  Loginpage / Error in Browser for Export and Attachments after upgrading to Sun JRE 1.6.0_18 [ID 1054293.1]
  Sun bug : 6927268
  ShowDocument calls results in new iexplorer process

• Single Sign-on and PORTAL30 DAD

  What I've done:
  1) Setup up PORTAL30 DAD with Single Sign-on
  2) Created schema called JOHN with "hello world" procedure call TEST
  3) Grant execute on TEST to PORTAL30
  4) Goto http://<servername>/pls/portal30/john.test
  5) Receive "Procedure Doesn't Exist" error
  6) Change DAD from single sign-on to Basic authentication
  7) Repeat Step 4 with no problems

  Hi Derick,
  I want to make our discussion into 2 parts
  1) Sign on
  2) Viewing data based on the Heirarchy
  1)Before discussing about the Sign on i want to know which connectivity you are using ? Live offcie or QaaWS.
  2) We can make the second point possible in two ways One is with providing restriction at universe level
  and the other one is through the use of flash variables.
  Using flash variables:
  The main idea of using flash variables is reading the User ID from BO authentication and based on that we fetch the Heirarchy level of that user. Then we use some excel logic to hide the data from Low level heirarchy(Here we use Dynamic Visibility for components).
  I hope this is what you ar looking for....
  If so i have more points to acheive such scenario.
  Please provide the your BO environment details, such that it will be easy to identify the better best wat to acheve it.
  Regards,
  AnjaniKumar C.A.

• Single Sign on and Macintosh

  Hello,
  we realized single sign on on our mac machines. It runs great. Now i want to combine it with our SAP logon groups. There's an error that he cannot find the KDC. Where's the problem? Is it nit possible to combine groups with using snc?
  We set the followign connection string:
  SAP Prod: conn=/M/sapmachine.firma.de/S/1234/G/example_group&sncon=true&sncname=p:[email protected]&sncqop=9

  Hi Derick,
  I want to make our discussion into 2 parts
  1) Sign on
  2) Viewing data based on the Heirarchy
  1)Before discussing about the Sign on i want to know which connectivity you are using ? Live offcie or QaaWS.
  2) We can make the second point possible in two ways One is with providing restriction at universe level
  and the other one is through the use of flash variables.
  Using flash variables:
  The main idea of using flash variables is reading the User ID from BO authentication and based on that we fetch the Heirarchy level of that user. Then we use some excel logic to hide the data from Low level heirarchy(Here we use Dynamic Visibility for components).
  I hope this is what you ar looking for....
  If so i have more points to acheive such scenario.
  Please provide the your BO environment details, such that it will be easy to identify the better best wat to acheve it.
  Regards,
  AnjaniKumar C.A.

• Single Sign-On and VPDs

  Hi - we're trying to implement a VPD on our company database at the moment and were wondering if a single sign-on architecture on our middle tier could be successfully tied to a VPD on the database tier. We have a number of clients, both internal and external, who will be accessing the database via the web and we need to control who sees what. Could you advise on the feasibility of this approach? Thanks

  Hi Derick,
  I want to make our discussion into 2 parts
  1) Sign on
  2) Viewing data based on the Heirarchy
  1)Before discussing about the Sign on i want to know which connectivity you are using ? Live offcie or QaaWS.
  2) We can make the second point possible in two ways One is with providing restriction at universe level
  and the other one is through the use of flash variables.
  Using flash variables:
  The main idea of using flash variables is reading the User ID from BO authentication and based on that we fetch the Heirarchy level of that user. Then we use some excel logic to hide the data from Low level heirarchy(Here we use Dynamic Visibility for components).
  I hope this is what you ar looking for....
  If so i have more points to acheive such scenario.
  Please provide the your BO environment details, such that it will be easy to identify the better best wat to acheve it.
  Regards,
  AnjaniKumar C.A.

• Single Sign-on and SSL problems

  We are using WebLogic Portal and Server (version 8.1 SP3). We want to have a single sign-on when entering the portal, so that users do not need to reauthenticate each time they access an application via an applet in the portal. We also want to protect the username/password authentication and all other connection information using SSL. We have applications in multiple domains.
  When not using SSL, SSO works okay. We are challenged for username/password exactly once, whether we access the Portal, or an application directly. As soon as we enable SSL, we are challenged repeatedly, and in some cases cannot access the applications at all, as the challenge always fails.
  We suspect that there is a Session cookie problem and that something is clobering the cookie and thus breaking the session. Does anyone have any idea on what might be causing the problem?

  Hi Derick,
  I want to make our discussion into 2 parts
  1) Sign on
  2) Viewing data based on the Heirarchy
  1)Before discussing about the Sign on i want to know which connectivity you are using ? Live offcie or QaaWS.
  2) We can make the second point possible in two ways One is with providing restriction at universe level
  and the other one is through the use of flash variables.
  Using flash variables:
  The main idea of using flash variables is reading the User ID from BO authentication and based on that we fetch the Heirarchy level of that user. Then we use some excel logic to hide the data from Low level heirarchy(Here we use Dynamic Visibility for components).
  I hope this is what you ar looking for....
  If so i have more points to acheive such scenario.
  Please provide the your BO environment details, such that it will be easy to identify the better best wat to acheve it.
  Regards,
  AnjaniKumar C.A.

• Single Sign-On and Data Visibility Rights

  Hello,
  I was wondering whether anyone has any best practices for implementing single sign on and user identification with Excelsius.
  More specifically, I need to interrogate user role, and limit certain data visibility based on that role.
  For example, a sales rep may only see certain data for their own territories, but the regional and national managers can see more.
  With the emphasis in improving enterprise integration with the new version coming up, I'm also wondering if there are any improvements included for this aspect.
  Thanks in advance.
  Derick

  Hi Derick,
  I want to make our discussion into 2 parts
  1) Sign on
  2) Viewing data based on the Heirarchy
  1)Before discussing about the Sign on i want to know which connectivity you are using ? Live offcie or QaaWS.
  2) We can make the second point possible in two ways One is with providing restriction at universe level
  and the other one is through the use of flash variables.
  Using flash variables:
  The main idea of using flash variables is reading the User ID from BO authentication and based on that we fetch the Heirarchy level of that user. Then we use some excel logic to hide the data from Low level heirarchy(Here we use Dynamic Visibility for components).
  I hope this is what you ar looking for....
  If so i have more points to acheive such scenario.
  Please provide the your BO environment details, such that it will be easy to identify the better best wat to acheve it.
  Regards,
  AnjaniKumar C.A.

• Single Sign On -- Enterprise portal and BI JAVA

  Hi,
  I need to watch reports BI J2ee from an EP 7.00. I have configured the single sign On but it works just for ABAP BI Stack.
  This is what I have done for SSO JAVA:
  Importing the BI JAVA Certificate to the SAP NetWeaver 2004s Portal (SAP EP 7.0)
         1.      Start the SAP J2EE Engine Administrator with %INSTALLATION_ROOT%admingo.bat.
         2.      Connect to the portal server.
         3.      Choose  are the values of and of certificate SAPLogonTicketKeypair-cert (see above).
  You also have to add these values under evaluate_assertion_ticket:
     13.      Start the SAP J2EE Engine Administrator with %INSTALLATION_ROOT%admingo.
     14.      Connect to the portal server.
     15.      Choose  (for example, CN=J2E)
  Any clue?
  Regards

  Hi Jorge,
  if the UME is used with an ABAP based system as the back-end user storage, do the following:
  Generate and export the Portal Certificate:
  Go to Visual Administrator
  Choose <SID> - Server - Services - Key Storage - from the tree Select the view TicketKeystore under Views
  If the SAPLogonTicketKeypair exist, delete it.
  If the SAPLogonTicketKeypair-cert exist, delete it.
  Generate a portal certificate using the following steps:
  Under Entry choose Create.
  Enter the folowing values in u201CKey and Certificate Generationu201D
  Organization Unit Name (OU) = J2EE
  Common Name (CN) = <SID>
  Entry Name = SAPLogonTicketKeypair
  Store Certificate: X
  Algorithm: DSA
  Click u201CGenerateu201D
  Import the Portal Java Certificate into ABAP
  STRUSTSSO2
  System PSE:
  u201CImport Certificateu201D - Choose your exported .crt file - File format = Binary
  Click u201CAdd to Certificate Listu201D
  Click u201CAdd to ACLu201D - System ID = <SID>, Client = 000
  save it.
  Export PSE ABAP Certificate and import into J2EE Portal:
  STRUST
  Choose PSE, export it and save as <SID>.pse
  sapgenpse export_p12 -p <SID>.pse <SID>.p12
  copy the generated p12 file <SID>.p12 to J2EE Portal
  Go to Visual Administrator
  Choose <SID> - Server - Services - Key Storage - from the tree Select the view TicketKeystore under Views
  export the .p12 ABAP certificate with "Load"
  adjust com.sap.security.core.server.jaas.EvaluateAssertionTicketLoginModule:
  Choose <SID> - Server - Services - Security Provider - from the components tree select evaluate_assertion_ticket
  ensure that trustediss<n>, trusteddn<n>, trustedsys<n> are correct set.
  ume.configuration.active = true.
  restart the ICM in SMICM
  If you also want to use SSL, there are some further steps to be done.
  Regards,
  Gerd

• Cannot get end-to-end single sign-on to work in CR XI

  Post Author: yarg
  CA Forum: Authentication
  Hello,
  I'm looking for some help please.  I have used Crystal Reports XI fairly extensively over the past year (designing reports mainly), and have now been tasked with getting CR Server XI up and running so that team members can view reports pertaining to them via a web browser.  I have installed CR Server XI on a Windows Server 2003 VM and have followed every single step in the admin guide on pg285 about how to implement end-to-end single sign-on using Kerberos.
  However, every time I try to access InfoView I get prompted for AD credentials.  Single sign-on just is not working and there are no visible error messages to indicate why.  Could anyone please offer suggestions?  Even telling me whether there is any sort of log file which I can check to see what's happening behind the scenes would be very helpful.
  Many thanks in advance,
  Graeme

  Post Author: colin mackenzie
  CA Forum: Authentication
  Hello Graeme.
  Have you tested it with using the user settings under the Enterprise Authentication?
  Does your reports and objects work for the user when connected with the "Enterprise Authentication Type?

• Use single sign on for multiple portal domains

  Is it possible for a user to sign on once to a domain, and then be able to access other domains. What I'm trying to do is have one user registration page/login page, but use different portal server domains to present different sites, while at the same time having a type of single sign on, once a user has entered his credentials. Thus my registration process will create a new ldap user in an external directory, and i can then just point all the different domains to that External Ldap directory.

  I wouldn't recommend this because it would affect performance plus there are potential other issues like conflict that you would run into ..
  Everytime a user logs into a new session is created for him and this means a user might have multiple sessions on the server. The cookie that is also set is dependent on per portal domain so it might not work ..
  An alternative approach might be to have multiple roles and then customize the role for different views. You can modify the membership code in such a way that based on certain criteria you can assign him to a particular role, equivalent to your domain. However the problem could be if you want to provide delegated admin, currently the delegated admin is only at a domain level.

• Intermittent errors when  retrieving through smart view (11.1.2.5.210) in Oracle 11.1.2.3.500

  We are getting the below errors when retrieving from huge smart view sheets for couple of our applications. We have increased the time out settings from the local registry, server registry, mod_wl_ohs file, Web logic console, http.conf, Essbase.properties. Also, increased the JVM from opmn.xml & setCustomParamsAnalyticProviderServices.bat. However we still face the error.
  Note: this is an intermittent error and does not happen all the time.
  Cannot connect to the provider. Make sure it is running in the specified host/port. Error(12152).
  Cannot connect to the provider. Make sure it is running in the specified host/port. Error(12031).
  Also, we are facing  retrieval performance issues after we upgraded to 11.1.2.3.500 after we migrated from 11.1.1.3.500. Has anyone faced this issue? if so, any suggestions in improving the retrieval performance (especially with MDX member formulas in ASO applications)  in 11.1.2.3.500 version?
  Smart view version: 11.1.2.5.210

  Is there a load balancer being used?
  Does the issue common on both Shared and Private connection?
  Smartview client
       A)    add a essbase.cfg  to the client machine in smartview\bin
               the file will have 3 entries
              NETDELAY 2000
              NETRETRYCOUNT 2000
              NETTCPCONNECTRETRYCOUNT  200
  You can give it a try on a single client machine and check is the result is improved.

• Ask the Experts: Single Sign-On with Cisco WebEx Meetings Server, Internet Reverse Proxy, and Enterprise License Manager Solutions

  With Arun Kumar
  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Single Sign-On (SSO) with Cisco WebEx Meetings Server (Cisco WMS), Internet Reverse Proxy (IRP), and Enterprise License Manager (ELM) solutions.
  SSO standards such as Security Assertion Markup Language (SAML) 2.0 provide secure mechanisms for passing credentials and related information between different websites that have their own authorization and authentication systems. SSO enables simplified user authentication and management.
  IRP provides public access, enabling users to host or attend meetings from the Internet and mobile devices. Although IRP is optional, Cisco encourages its use because it provides a better user experience for your mobile workforce.
  Example question topics include:
  SSO profiles and SAML 2.0 Identity providers (IdPs) supported in Cisco WMS
  Basic configuration of IdPs
  Interaction between IdPs and Cisco WMS
  Difference between the cloud client implementation and Cisco WMS
  Meeting access behavior in a split-horizon network topology with SSO
  How to enable public access to Cisco WMS
  Cisco WMS ELM operations
  Cisco WMS ELM compared to other unified communications ELM or standalone ELM and compatibility/inoperability between them
  Arun Kumar is a team lead in the San Jose Conferencing Technical Assistance Center. He has over eight years of experience in conferencing technology and specializes in Cisco Unified Meeting Place Express and Cisco WebEx Meeting Server. He joined Cisco in 2010 as an escalation engineer for the Cisco Telepresence group. Before joining Cisco he worked for the UK's third-largest internet service provider Supanet on VoIP technology and the *Nix domain. Kumar holds a master of science degree in computer science from Sikkim Manipal University in India, and he holds CCIE (Voice) and VMware Certified Professional certifications.
  Remember to use the rating system to let Arun know if you have received an adequate response.
  Arun might not be able to answer each question because of the volume expected during this event. Remember that you can continue the conversation on the Collaboration, Voice, and Video community Other Subjects subcommunity shortly after the event. This event lasts through Monday May 17, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

  Hello Mobile Service,
  CWMS and Jabber integrations:
  http://www.cisco.com/en/US/docs/voice_ip_comm/jabber/Windows/9_1/JABW_BK_E4CC9599_00_environment-configuration-guide_chapter_01.html#JABW_TK_SF2ED5E1_00
  In above link start from section: Set Up Cisco WebEx Meetings Server on Cisco Unified Presence
  then move to section: Add Cisco WebEx Meetings Server to a Profile
  Once done, move to section: Specify Conferencing Credentials in the Client side. You will see above server already listed there, just go ahead and enter your username and password (pleae make sure this user already exists on your CWMS) and accept any certificate/s if presented. Jabber Integration is done and you can start testing the same.
  Attached CWMS - AFDS integration doc.
  Please let me know if any furhter question.
  Thanks, Arun

• Oracle Single Sign on Integration with Oracle EBS  r12

  Hello,
  I am working on a project to integrate Oracle Single Sign On on Oracle r12. There is plenty of information available on Oracle Support but few inter-mixing and confusing terminology keeps popping up and I do not understand how all pieces together work. I am new to Oracle Single Sign On.
  Here are few basic questions.
  1. What is the difference between Oracle Internet Directory, Oracle Virtual Directory and Oracle Active Directory
  2. Are the terms Identity Management and Oracle Single Sign On interchangeable?   What is the difference between two?
  3. What is Oracle Access manager and how different that is from Identity Management?
  4. What is Oracle HTTP Server 11g webgate and how different that is from a normal traditional Oracle HTTP Server?
  5. What is Oracle EBS Accessgate?  Why do I need it?  On metalink some notes do not indicate use of Accessgate at all for OSSO deployment while some makes it look like required.And advise on above will help.
  Thank you
  Darsh

  Hi Darsh,
  1. Oracle Internet Directory (OID) is Oracle LDAP storage solution (more here), Oracle Virtual Directory is Oracle solution that can read identity data (and filter it (mask it) based on policies) from Oracle/non-Oracle databases, Oracle/non-Oracle Directories and files and provide the user profiles as LDAP view (more here), There is nothing called Oracle Active Directory, you must be referring to Microsoft Active Directory.
  2. No, Oracle Single Sign On (OSSO) is a feature in iAS (its obsolete), Identity Management is wide umbrella of solutions and concepts.
  3. Oracle Access Manager is one component of Oracle Identity and Access Management suite of products.
  4. Webgate is Oracle access Manager agent that is installed on a webtier, it intercepts the web requests and collect the credentails, send them to Oracle Access Manager for security evaluation (decide what Authentication is needed, verify collect credentials, etc), webgate then enforce the Access Manager decision.
  5. Oracle EBS AccessGate is a java application that has the same use of OAM Webgate (it is OAM agent) but specific to E Business suite, EBS Access Gate is the new solution replacing OSSO agents, OAM is replacing OSSO server component, EBS and OSSO customers can use OAM server with OSSO agents, or with EBS AccessGate.
  HTH.
  Ghassan