SNC setup for connection SAPGUI - ABAP (no SSO)

Similar Messages

• Problem Create System Object in the Portal for connecting CRM abap

  Hi, i creating system in the portal (JCX) for connecting system ABAP CRM (CRX), after create system try run test connection and show messages error:
  Test Connection with Connector
    Test Details:
  The test consists of the following steps:
  1. Retrieve the default alias of the system
  2. Check the connection to the backend application using the connector defined in this system object
    Results
  Retrieval of default alias successful
  Connection failed. Make sure that Single Sign-On is configured correctly
  In the logs the portal (NWA) show messages:
  Failed in creating the JCO Connection.
  The logs operation system (log Security_audit.log)
  Error> occured  >Thu Jun 23 11:34:41,278<RfcException: message: 'mshost' missing  Return code: RFC_INVALID_PARAMETER(19  Return code: RFC_INVALID_PARAMETER(19)    error group: 101 key: FC_ERROR_PROGRAM
       at com.sap.mw.rfc.api.RfcOptions.checkParameters(RfcOptions.java:438)
       at com.sap.mw.rfc.api.RfcApi.RfcOpen(RfcApi.java:688)
       at com.sap.mw.jco.MiddlewareJRfc$Client.connect(MiddlewareJRfc.java:1079)
       at com.sap.mw.jco.JCO$Client.connect(JCO.java:3256)
  Plase help, any idea?

  message: 'mshost' missing Return
  During the System Object Creating in System Landscape, there is any entry as Message Server Host: CRM MS HOST
  and Message Server Port : sapmsSID and add this entry in etc/services --> bottom samsSID 36NN/tcp where NN is instance number.
  Try this and let me know.
  Thanks
  SM

• RFC User for Connectivity with ABAP Server Proxy Required?

  Hi people,
  I am just wondering how I set-up my connectivity between XI and my business system B.
  Our basis already set-up the connection to the runtime workbench from B->XI
  For that sake they've added the xirwbuser to B (Xi has it as well, of course).
  Now I am configuring the whole thing in the Directory. There I need an receiver agreement and a channel. For that I take the adapter type "XI". Anyway, I need to give here an RFC destination as well. I've added one of type "H".
  And now the issue: Do I really need a separate user for that rfc connection? I thought with proxies the systems are somewhat like "hard-wired" and do not need special users.
  Anyway, if I need a dedicated RFC user: Is a certain role enough or do I need special roles depending on the stuff I am doing in the business system?
  Thanks in advance!
  Helge

  You can of course use an existing service user.
  But for monitoring purpose it is receommended to use a seperate user. (Think about system log entries).
  The user needs the role SAP_XI_APPL_SERV_USER.
  Regards
  Stefan

• JCO Connect Exception for connecting to ABAP system

  Hey Guys,
  When running the program
  [code]import com.sap.mw.jco.*;
  public class TutorialConnect1 extends Object {
     JCO.Client mConnection;
     public Connect1() {
       try {
         // Change the logon information to your own system/user
         mConnection =
            JCO.createClient("100", // SAP client
              "RFCUSER2"// userid
              "RFCUSER2", // password
              null, // language
              "LABR3", // application server host name
              "00"); // system number
         mConnection.connect();
         System.out.println(mConnection.getAttributes());
         mConnection.disconnect();
      catch (Exception ex) {
        ex.printStackTrace();
        System.exit(1);
    public static void main (String args[]) {
      Connect1 app = new Connect1();
  [/code]
  I get the exception
  [code]java.lang.NoClassDefFoundError
       at com.sap.mw.jco.MiddlewareJRfc$Client.connect(MiddlewareJRfc.java:836)
       at com.sap.mw.jco.JCO$Client.connect(JCO.java:3159)
       at com.ids.jco.JCOUtil.getClient(JCOUtil.java:37)
       at com.ids.jco.JCOUtil.main(JCOUtil.java:23)[/code]
  My program in the developer studio compiles just fine, I have added all the libraries in the developer studio. In the "set additional libraries" context menu of the project I have included all the libraries.
  In the Debug/Run settings I see all the libraries included when I test the program.
  I am running the program on Netweaver Developer Studio SP15
  Any help is appreciated.
  Regards
  Sumit.

  Hi Sumit,
  the exact problem is discussed in this forum..just check this....
  Re: Some problems about JCo >.<
  let me know...
                         Regards
                         Kishor Gopinathan

• Connectivity between ABAP and Java Stacks for BI

  Dear all,
  our BI developer have to use BW Analyser for showing and changing of BW reports in Java based NetWeaver Portal.
  Initially just ABAP stack (SID DCE) was installed. In Februar 2014 I installed also an Java Stack (SID JCE) and got dokumentation for
  connection to ABAP Stack from SAP Support, it is attached. Further help from SAP Support is not possible, they mean that this
  case belong to consultion issues.
  Follow activities were sucessfully done:
  1. RFC connection DMSAPERP4DEV_PORTAL_JCE was created in J2EE engine
  2. RFC connection DMSAPERP4DEV_PORTAL_JCE was created for Portal
  3. Portal Server Settings were maintained for portal
  4. Singe Sign-In in BI was maintained
  5. BI Certificate was imported from BI
  6. Portal Certificae was exported from Portal
  7. Portal Certificate was imported into BI.
  By processing of attached SAP guide it was a problem at step 7 "Create BI System in the Portal"with the
  creatig of BW system name. Under "System Administration -> System Configuration -> System Landscape"
  I found no systems which are maintained with the Portal Content Studio. I take a template "SAP_R3_Dedicated"
  but can not change the system name to "SAP_BW", it is still "Dedicated Application Server for R/3 System". All other
  properties was set fine.
  At step 8 of mentioned guide I face the next problem - there is no system names under "SAP Reference System"
  under "Administration -> System Configuration -> Configuration for User Management", because the system
  name on the step 7 could be not set correct, so I can not choose any.
  Please advice how to proceed here.
  Thank you and best regards
  Stan Oberberger
  Technical Consultant

  Hi,
  It clearly says the problem is with virtual memory. SO you need to change your virtual memory settings using configtool.
  See the relevant note.940893
  Make changes in the VM parameters for Bootstarp, Dispatched and the server nodes. Your -Xms should be less than equal to -Xmx.
  Restart the cluster then.
  It should work.
  Do reward good points.

• SSO is not working - User is missing credentials for connecting to alias

  Dear Experts,
  I am facing a strange problem in SSO with reference system user mapping.  I have configured reference system user mapping for accessing R/3 for ESS/MSS and transactional iviews along with UWL.  The SSO was configured 2 months ago and was working fine till yesterday.
  Since this Monday, (2 days), the system connection tests are failing on connector.  But, ESS/MSS & Transaction iviews with SAP Logon tickets are working fine. But, while trying to access UWL tasks, SSO is failing. Following is the error message -
  "Exception occured Exception type:com.sap.netweaver.bc.uwl.connect.ConnectorException Message:Tue Aug 11 09:46:58 CEST 2009
  (Connector) :com.sap.portal.connectivity.destinations.PortalDestinationsServiceException:User is missing credentials for connecting to alias <Aliassystem>. Contact your system administrator. "
  I have created a destination for the respective backend in Visual Admin > node >  services > Destinations as some tasks are not visible in UWL as per Note-  1133821, 2 weeks ago.It was working fine till yestreday. While testing from destinations, for Connected User(SAP Logon ticket Assertion ticket) , getting the error message  -
  Error During ping operation:Ticket contain no/an  emplty ABAP user id(refer note 1159962). The destination is successfully connected with configured user.
  But from the Tracecollector logs, I can see that the mapped user is set in the SAP Logon ticket and the User <ABCD> is existing in the target ECC system. More over, the SSO with refence system user mapping is working fine for ESS/MSS and Transaction based iviews. It is failing only for UWL tasks and also in system connection tests for connector. ITS was failing since the beginning.WAS is successful even now.
  Trace file info -
  Mapped user [ABCD] set in SAP Logon Ticket. The authenticated user is [<portaluserid>]. Authentication stack: [ticket]..
  The created ticket is:
  [Ticket [initialized]
    Ticket Version  = 0
    Ticket Codepage =  (Encoding=1100)
    User = <ABCD>
    Issuing System ID    = EPD
    Issuing System Client = 000
    Creation Time = 200908110746
    Valid Time    = 8 h 0 min
    Signature (length=261 bytes)
  I checked tcode SSO2 in ECC system and it is ready for accepting the logon tickets.  The strange thing is single sign on is working for ESS/Transactional iviews and not for UWL. Second thing is UWL was working fine till yesterday morning and stopped working now with SSO problems.
  Can you pls advise where to look for fixing the SSO - missing user details for UWL destination?
  regards,
  Isvarya

  <title>reporting the text as formatted text - Dear Experts,</title>
  <!--[if gte mso 9]><xml>
  <o:DocumentProperties>
    <o:Author>Isvarya Bolisetti</o:Author>
    <o:LastAuthor>Isvarya Bolisetti</o:LastAuthor>
    <o:Revision>2</o:Revision>
    <o:TotalTime>1</o:TotalTime>
    <o:Created>2009-08-11T11:21:00Z</o:Created>
    <o:LastSaved>2009-08-11T11:21:00Z</o:LastSaved>
    <o:Pages>1</o:Pages>
    <o:Words>385</o:Words>
    <o:Characters>2195</o:Characters>
    <o:Company>Bekaert N.V</o:Company>
    <o:Lines>18</o:Lines>
    <o:Paragraphs>5</o:Paragraphs>
    <o:CharactersWithSpaces>2575</o:CharactersWithSpaces>
    <o:Version>11.9999</o:Version>
  </o:DocumentProperties>
  </xml><![endif]><![if gte mso 9]><![endif]><![if gte mso 9]>
  <!--
  /* Style Definitions */
  p.MsoNormal, li.MsoNormal, div.MsoNormal
       {mso-style-parent:"";
       margin:0cm;
       margin-bottom:.0001pt;
       mso-pagination:widow-orphan;
       font-size:12.0pt;
       font-family:"Times New Roman";
       mso-fareast-font-family:"Times New Roman";}
  @page Section1
  div.Section1
  -->
  </style>
  <!--[if gte mso 10]>
  <style>
  /* Style Definitions */
  table.MsoNormalTable
       {mso-style-name:"Table Normal";
       mso-tstyle-rowband-size:0;
       mso-tstyle-colband-size:0;
       mso-style-noshow:yes;
       mso-style-parent:"";
       mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
       mso-para-margin:0cm;
       mso-para-margin-bottom:.0001pt;
       mso-pagination:widow-orphan;
       font-size:10.0pt;
       font-family:"Times New Roman";
       mso-ansi-language:#0400;
       mso-fareast-language:#0400;
       mso-bidi-language:#0400;}
  </style>
  <![endif]><![if gte mso 9]><![endif]><![if gte mso 9]>Mapped user set in SAP Logon Ticket. The
  authenticated user is . Authentication stack: ..
  The created ticket is:
  [Ticket

• Error in CTC for BI Initial Setup for ABAP

  Hi,
  I have freshly installed BIJAVA 7.0 system and now i wanted to connect
  with BW ABAP7.0 system which has been system copied from Qualtiy system.
  While running the CTC template for BI Initial Setup for ABAP i am
  getting following error :
  " Validate Client : BW is already configured for different client. CTC
  can be run only for that client. If BW has to be configured for the
  client entered in 'Client' input field, perform Client copy using
  transaction SCCL before running CTC template. "
  I have used Java UME option during installation.Will it create any
  problem.
  Regard's
  Goldy

  Hi,
  Hope you would have done all the post precessing after system copy.
  Please check what are the entry maintained in the table mentioned below.
  RSPOR_T_PORTAL
  Change the entry in the above table in SM30 in backend  and also check the settings in the portal
  System Administration -> System Landscape-> SAP_BW
  Thanks
  Rishi Abrol

• How to configure SSO for web dynpro ABAP (not web dynpro Java)

  Hi Experts,
      I am testing SSO in IDES for web dynpro ABAP (Not for web dynpro Java / not for portal). When I am entering url of web dynpro application in web browser like internet explorer, then it should ask for user id and password first time, after login whenever user would access that url, it must not ask for user ID and password (url would be access web browser in mobile). For this I select to configure single sign-on for web dynpro ABAP. I have done below works:
  1). I have created a web dynpro application having url: http://susws076.sap.swk:<port>/sap/bc/webdynpro/sap/zadb_hello_world2
  2). I run TCode SICF and access service node to "Zadb_hello_world2". Double click on it, hit change. pressed "logon data" tab, select "Alternative logon
       procedure"
     Then deleted all logon procedure other than "SSO Authentication" and saved.
  3). Go to "STRUST" and create certificate, choosed "Environment==> Logon Ticket" fill the required parameters and execute. It is OK (no red traffic
       signal).
  4). Execute TCode "RZ10" to change profile parameter, insert new parameter (indicated by red arrow)
  After all this settings I opened a browser enter above URL and hit enter but there is an error
  There is no login page. It directly showed this error page. No cookies is saving.
  Can anyone tell me what all the settings/configuration other than this I have to do. And is there any wrong setting done by me?
  How to set the for single sign-on?
  Thanks in Advance
  Regards
  Piyush

  Hi Piyush,
  Pls refer below links,
  Single Sign On with ABAP WebDynpro
  http://help.sap.com/saphelp_nw70ehp2/helpdata/en/5e/6c85c3edf942f39349a1e337434d29/content.htm
  Regards
  K.N

• Load balance for HTTP Connection to ABAP System (Type H) RFC connection

  Experts,
  For proxy we are using HTTP Connection to ABAP System (Connection type H) RFC connection in PI to get connected to ECC. I only see the option to use Target host in the Target system settings than Load balance option. In general ABAP Connection (Connection type 3) has Load balancing status option in Target system settings.
  My requirement is I should use a logon group with the message server when PI connects to ECC. How can we achieve this? At the moment I can only use the Central Instance or any dialog server (App server) in RFC but not a logon group.
  Thanks in advance.
  Mahesh

  Hi Naga
  Could you check the link below?
  http://help.sap.com/saphelp_nwmobile71/helpdata/en/47/c5935087b62d66e10000000a42189c/content.htm
  https://service.sap.com/sap/support/notes/1040325

• Setup steps for connecting BW to CRM

  Hi,
  Could somebody please let me know the setup steps for connecting BW and CRM.
  Thanking you in advance,
  Dhanabal

  You can also find the steps to connect BW to CRM in Best Practise
  cheers
  mkr

• HTTP connection to ABAP runtime failed

  I am building a scenario where XI picks up a file from a directory and pushes an IDoc to ECC.  I have configured the interface with the Design tool, and I believe my setup in the Configuration tool are correct too, however I am encountering an error when testing the scenario by means of --
  Tools --> Test Configuration.
  The testing tool is giving me the following error upon processing the reciever determination:
  HTTP connection to ABAP Runtime failed.
  Error: 403 Forbidden
  URL: http://serveraddress:port/sap/xi/simulation?sap-client=100
  User: PIDIRUSER
  First of all, I am not sure who the PIDIRUSER is, I assume it's a system user?  Second, given that this error is a HTTP connection error, I am lead to believe that the issue lies somewhere in the RFC connection from XI -> ECC.  I am not sure why exactly it's attempting to connect via HTTP as my communication channel is using the IDoc adapter with an RFC destination to connect to ECC.  Possibly I have configured this incorrectly.  I have read about having to configure a RFC adapter when posting messages from R/3 to XI, does the same apply when posting an IDoc from XI to ECC?  Does anyone have any other thoughts as to why this error may be occuring?  Thanks in advance for your time and help.

  This might help you
  http://help.sap.com/saphelp_nw04/helpdata/en/82/f4993c03e0cd37e10000000a11405a/content.htm
  /people/michal.krawczyk2/blog/2005/06/28/xipi-faq-frequently-asked-questions
  http://help.sap.com/saphelp_nw04/helpdata/en/39/83682615cd4f8197d0612529f2165f/frameset.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/39/83682615cd4f8197d0612529f2165f/frameset.htm
  Regards
  Agasthuri Doss

• Create Transaction for web-dynpro ABAP

  hi
     Can you help me in creating a transaction for web-dynpro ABAP.
  thank you.

  If you want a SAPGUI transaction code that will launch your Web Dynpro ABAP application then I suggest creating a parameter transaction code that wraps around the SAP standard transaction code WDYID.  You can use the parameter STARTMODE to decide if you launch your browser within the SAPGUI window or if it opens a new browser window. You will get SAPGUI based Single Sign On with this transaction code as well.  Here is an example of a TCode I setup:
  http://www.flickr.com/photos/tjung/2758987559/
  And here is what it looks like when running in place within the SAPGUI:
  http://www.flickr.com/photos/tjung/2758987583/

• Kerbeos & Cyptolib in same app server for GUI-BW & BO -BW SSO

  Hi
  We have situation wherein we have SSO to BW from SAPGUI (logonpad) using windows AD userid. SNC authentication for this by Kerbeos.
  Now  for our BO webireports we would like have to scheduling functionality & rowlevel secutiry from underlying BW reports. Hence we need to have SSO between BW & BO ( using windows AD userid)
  But SNC authentication for BO-BW SSO uses cryptolib.
  Since we can not have both kerbeos & cryptolib in the same app server, is there any alternative solution other than using 3rd party tool like secude?
  Is this issue addressed in BI4?
  Your help is greatly appreciated.
  Thanks
  Paddy

  Thanks Ingo for the response.
  Can you please elobarate when you say "u201D You should check if the SNC libraries that you are using for the client side SNC also allows for server side trust.u201D
  Also is this issue addressed in BI4 release?
  Thanks

• New Install of MSCS for an Upgraded Abap System

  We are currently on NW04S ECC 6.0 on WAS 700 in a MSCS, Oracle 10g.  Our problem is that we are moving to new hardware and our current system uses the old MSCS (which is an upgraded system originally installed at 4.7 640 (perhaps earlier (4.6c)), which to me means that the Central Instance resides in the MSCS in the SAP Group.  Our plan is to install a clustered system and do a DB restore or copy over to the new hardware.  I have done the install and realize now that the ABAP MSCS install for NW04s ABAP creates the cluster a little differently – in that it looks like the Java (Portal) cluster.  Only the SCS and enqueue are in the MSCS and the CI and all Dis are outside of the MSCS.  This creates a problem for me in that the SCS is using the 00 system number, that on our old system the CI had, so our gui is now pointing to what would be the wrong system number, as it looks like the gui must point to to the CI system number for connection to the message server.  So, I guess this means a reinstall for me and switching the system numbers.  I also don’t know exactly how high availability would be created in this new setup unless you put an application switch in front of your CI and Dis, like you would with the Portal, to direct gui requests.  With the old MSCS the cluster would know if the CI failed and move it to the other node, but since it resides outside of the cluster, you have to have some type of external director – right?

  Hello Jack,
  even you have upgraded from 6.40 to 7.00 you will need to convert to new HA structure according the note 1011190 to avoid the problems with next upgrade. In 700 the CI and DI are not the SPOF (see also
  <a href="https://www.sdn.sap.comhttp://www.sdn.sap.comhttp://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/e0b8cd93-f1e9-2910-c186-86bfff3dac63">here</a>) and you can configure logon groups via the message server.
  In case of hardware change better to take the system copy guide and install new HA architecture - it will save you manual conversion (SAP note 1011190).
  best regards

• VPN Client and Setup for RV042

  Is there a definitive setup for a small VPN using the RV042?
  Situation is 2 remote users wish to get access to a non server (W7P) pc to access files.
  The end point doesn't have a static IP but I've put in a DYNDNS.org so it reports back the IP and I can access the router at least from outside.
  I can setup VPN users but is there more to do?
  Wish to use QVPN client or advise alternative.
  Appreciate all input.
  Thanks
  Bruce

  Bruce,
  QuickVPN normally works well for what you wish to do. Make sure that the Windows Firewall is ON in Windows 7 and Windows Vista clients. Turn off all antivirus and third party firewall software as well at least until you have verified that you have a successful connection. It is very easy to set up, just create a username and password in the router. If you run into trouble, post here or call your local Small Business Support Center:
  http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html