Transparent lookup of LDAP user properties

Hi -
Our developers are using OC4J container security with JAZNUserManager and OID. All is working fine from a security point of view (getRemoteUser, isUserInGroup), but for some properties of the user object (eg email), they are doing a separate ldap lookup. This seems out of sorts to me, dispensing with the mechanics of the security model only to implement it again for something as simple as a property lookup.
Is there a mechanism available to transparently get at these properties?

in your domain definition (dc=domain), use the mailRoutingSmartHost attribute. That should do it.

Similar Messages

  • Assigning roles to LDAP users through BIP API

    Hi.
    My customer has BIP 11g and OIM 9.1.0.2 running on the same weblogic server (11g). Both authenticate against the same LDAP server.
    One of our desired next steps is to provision from OIM the BIP roles to each LDAP user so every user gets the correct roles (and access to the correct reports) according to the groups he has on OIM.
    I've been searching for info regarding this without success. The BIP API doc does not show any info about assigning roles to users.
    We don't need to manage LDAP users, BIP roles, etc... through OIM. We only need to assign BIP roles to LDAP users.
    Is it possible to make that assignments through BIP API?
    If not, any other ideas? New ideas or different approaches are welcome.
    Thanks in advance.

    In OBIEE 11g which includes BIP the application roles are applied to LDAP users and groups using the Enterprise Manager Fusion Control.
    During the upgrade process from OBIEE 10g to OBIEE 11g the groups do get assigned to these roles transparently so there must be some API to leverage this functionality.
    I would start there, http://download.oracle.com/docs/cd/E14571_01/bi.1111/e10541/admin_api.htm
    There are no specific instructions on accomplishing what you seek but if you have some WLST or Java Skills you should be able to get something prototyped.
    Let me know if that helps.

  • Error while configuring external LDAP user store with weblogic

    Hi,
    I have weblogic 10.3 installed and I can access weblogic admin console using weblogic (admin) user. I want to use external ldap user store to access admin console with users present in external ldap.
    To do this, I have configured authentication provider and provided all the required details to connect to ldap.
    For example:
    Base DN: cn=admin,cn=Administrators,cn=dscc (user with which we will connect to LDAP)
    User DN: ou=People,dc=test,dc=com
    Group DN: ou=Groups,dc=test,dc=com
    This authentication provider is set to SUFFICIENT mode. I have deleted the default authentication provider.
    In the boot.properties file I have given the user name and password of the user with which LDAP instance was created something like below.
    password=xxxxxxx
    username=admin
    Now while starting the admin weblogic server, I am getting the below error:
    <Jul 25, 2012 2:22:28 PM IOT> <Critical> <Security> <BEA-090402> <Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.>
    <Jul 25, 2012 2:22:28 PM IOT> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
    weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:960)
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
    at weblogic.security.SecurityService.start(SecurityService.java:141)
    at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
    Truncated. see log file for complete stacktrace
    Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User admin javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User admin denied
    at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
    at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
    at java.security.AccessController.doPrivileged(Native Method)
    at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    Truncated. see log file for complete stacktrace
    >
    <Jul 25, 2012 2:22:28 PM IOT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
    <Jul 25, 2012 2:22:28 PM IOT> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
    <Jul 25, 2012 2:22:28 PM IOT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
    Can anyone please suggest how to resolve this problem? If, anyone can suggest the exact steps to configure external ldap store to manage admin console via ldap users.
    Regards,
    Neeraj Tati.

    Hi,
    Please refer the below content that I found for Oracle 11g in the docs.
    "If an LDAP Authentication provider is the only configured Authentication provider for a security realm, you must have the Admin role to boot WebLogic Server and use a user or group in the LDAP directory. Do one of the following in the LDAP directory:
    By default in WebLogic Server, the Admin role includes the Administrators group. Create an Administrators group in the LDAP directory, if one does not already exist. Make sure the LDAP user who will boot WebLogic Server is included in the group.
    The Active Directory LDAP directory has a default group called Administrators. Add the user who will be booting WebLogic Server to the Administrators group and define Group Base Distinguished Name (DN) so that the Administrators group is found.
    If you do not want to create an Administrators group in the LDAP directory (for example, because the LDAP directory uses the Administrators group for a different purpose), create a new group (or use an existing group) in the LDAP directory and include the user from which you want to boot WebLogic Server in that group. In the WebLogic Administration Console, assign that group the Admin role."
    Now in my LDAP directory, setup is in such a way that Administrators is a group created under following heirarchy " cn=Administrators,ou=Groups,dc=test,dc=com" and there is one user added in this Administrators group.
    The problem that I am having is when I modify the Admin role in which Administrators group should be added what exaclty I should give in Admin role. Whether I should give only Administrators or full DN: cn=Administrators,ou=Groups,dc=test,dc=com ???
    When i give full DN, it takes every attribute as different, i mean cn=Administrators as different and ou=Groups as different and shows a message that cn=Administrators does not exist.
    Here not sure what to do.
    Also if external ldap authentication provider is the only provider then I need to give the user information in boot.properties file also for weblogic to boot properly. Now, what should I give there in user? still complete DN ??
    Regards,
    Neeraj Tati.

  • LDAP User Synchronization : Password

    Hi All,
    I have a question about LDAP User Synchronization to SU01 in ABAP. Does it create an initial password for the users being Synced? or It stores the LDAP Password in SU01 password field?
    I have doubt about the second, as LDAP will never return the password in plain text, and Password Hashing schemes can be different between LDAP and ABAP.
    If it doesn't store the password at all in SU01 for Synced users, then how does user login into SAP GUI?
    Please let me know.
    Thanks in Advance,
    Sanjeev

    Hi Tim,
    it's not possible to unhash cryptographic hash function. One of the main properties of each cryptographic hash function is preimage resistance which means that it's not feasible for a given hash h to find a message m that hash(m) = h. Even in case that it is possible to find this message you can't be sure that that was the original message because as we know a hash function maps message of arbitrary length to fixed size string. Obviously, there is more messages with variable length than messages with one fixed sized so there has to be at least one hash where there are two messages m1 and m2 and hash(m1) = hash(m2) (pigeon hole principle). So it could happen that user would choose password m1 but your unhasing algorithm would get m2. Obviously, it's highly improbable that second hash function hash m1 and m2 into same hash. Therefore such a solution will not be never available and the only solution is to get password in clear text and distribute it to each system in clear text form. As Julius mentioned this is supported but it has some disadvantages.
    Cheers

  • JANZ  User Properties in SOA Suite 11G

    Hi All,
    I am trying to configure users in Oracle SOA Suite 11G to JANZ Realm . I am able to add user.
    In documentation i see user property file present in this location "SOA_Oracle_Home\bpel\system\services\config\demo-users-properties.xml " , I don't have BPEL folder in SOA_SERVER1 , File available in 10G not in 11G.
    Basically i am looking to set Manager to users which i define.
    Users which i add in admin console are stored in WebLogin Embeded LDAP Server. I am able to see list of user by connecting server using LDAP Browser.
    When i try to add manager attribute using LDAP Browser , it fails , record is not displayed in Jdeveloper .
    Appreciate if your help in finding user properties or setting Manager role to the user. How can i add more attributes defined in documentation.
    Regards
    Vijay

    Hi Siva,
    I don't think still there is any support for PGP in Oracle SOA. You may use java for PGP encryption/decryption and transfer externally encoded messages over SFTP.
    Please refer -
    Re: PGP Encryption/Decryption
    PGP Encryption in B2B
    Regards,
    Anuj

  • HOW-TO specify database credentials in LDAP user

    Hi:
    I want to know how can i specify oracle database credentials (oracle database usernname) that one specific user will use to connect to the database for instance when using Oracle Forms.
    I saw in OID some "tags" like orcluserv1, etc... is this ? how can i do it ?
    For instance i want that:
    LDAP user Database user
    user00001 dbuserA
    user00002 dbuserA
    user00003 dbuserA
    user00004 dbuserB
    user00005 dbuserB
    So ldap user00001 will connect to the database with dbuserA ..
    Thanks in advance,
    Ricardo

    Hi Ashish:
    I've succesfully created an user with OIDDAS and assign it a "resource acess information" of type OracleDB.
    So, when creating this user i specified the username in db that this user will use to access database. Until now, it's all perfect. But, where's this information is stored ?
    I've access OID Manager and see that user is create in the Entry Management, but the DB information is not stored in any of the properties of this user.
    This is a problem, because I want to make an APP that will use DBMS_LDAP pack to create user dynamically, so I have to know what attributes/classes/properties that user needs for assign it to a specific DB user.
    Can you help ?
    Thanks The information is stored in an Oracle Specific container called 'cn=oracleContext' in the default subscriber.
    You can use the DBMS_LDAP_UTL package (shipped in iAS 902) to query these Resource Access Descriptors. Directly
    storing these from PL/SQL is not presently supported. OIDDAS is the only interface through which you can get this done.

  • Difference between UME and LDAP users

    Hi,
    I am facing a strange problem. In my Webdynpro application, I am accessing the portal user properties using the normal user management APIs. IUser object. On my local server, all the users are UME users and it runs fine.
    When I deployed my application on the central server which creates LDAP users by default, the code bombs saying the user is not authorized. When I recreate the user in UME, it is fine again. Are there APIs which I can use which work for both the user stores?
    Thanks in advance,
    Kiran

    Hi Kiran,
    I User object works for both the cases. Just try the below code.
    <%@ page import = "com.sap.security.api.IUser" %>
         private void getUser() {
              user = compRequest.getUser();
              userId = user.getUniqueID();
              userName = user.getUniqueName();
    It worked for me for getting the users from LDAP.
    Regards,
    Santhosh

  • CUCM 8.6.2 LDAP User Delete Pending LDAP Sync Status Inactive

    BE6K ver 8.6.2
    Client has a user who recently got married.  They changed her account information in Active Directtory to reflect her new last name. At that point CUCM shows her as
    Delete Pending
    LDAP Sync Status Inactive
    CUC shows
    LDAP User has been deleted.
    The user still exists in both CUC and CUCM and is actively takign and receiving calls.  User has VM access.
    Shorrt of deleting the user in AD and recreating her, is there a way to force this to re-sync?
    Thanks
    Matt

    Then that's expected to happen, for all purposes to CUCM/CUC eyes, msmith no longer exists and will be deleted, and a new user mjones now will be imported.
    Depending on when the change was done and when CUCM detected this, it might take up to 48 hours maximum to delete the user
    You'll need to associate everything to the new user, and also add that new user into CUC.
    Or switch back her userID to the old one, and just change the surname for directory purposes.
    HTH
    java
    if this helps, please rate
    www.cisco.com/go/pdihelpdesk

  • Problem with Afaria and LDAP user authentication in Android device

    Hi all,
    I have a server with Afaria 7 (SP4, hotfix3) installed. In this Afaria there is a tenant (system) without LDAP/AD integration working correctly. I need to have other tenant with LDAP integration in which the users must be authenticated.
    I know that for iOS devices is necessary reinstall the iphoneserver selecting "Afaria Server managed authentication" but at first I want to make run the Android devices. For this reason I don't do this yet.
    I follow the next steps:
    1-Create a new tenant
    2- Configure LDAP integration
    3-Create a inventory policy with authentication required
    4-Create a static group associated to the inventory policy
    5-Create a enrolment policy associated to the static group.
    When I launch the Afaria agent on the device, the user/password parameters are required. After fill the user/password parameters, the device connect to the server and then is show the message "user or password incorrects".
    I have seen the log and seem the problem is that Afaria can't authenticate this user.
    I validate that Afaria can "see" the LDAP users creating a user group that contains this user(JimenM99)
    The problem is autentication, because if I remove "autentication required" of the inventory policy, the device enrol correctly.
    Could you please help to solve this problem?
    Thanks in advance.  

    Hi all,
    I have a server with Afaria 7 (SP4, hotfix3) installed. In this Afaria there is a tenant (system) without LDAP/AD integration working correctly. I need to have other tenant with LDAP integration in which the users must be authenticated.
    I know that for iOS devices is necessary reinstall the iphoneserver selecting "Afaria Server managed authentication" but at first I want to make run the Android devices. For this reason I don't do this yet.
    I follow the next steps:
    1-Create a new tenant
    2- Configure LDAP integration
    3-Create a inventory policy with authentication required
    4-Create a static group associated to the inventory policy
    5-Create a enrolment policy associated to the static group.
    When I launch the Afaria agent on the device, the user/password parameters are required. After fill the user/password parameters, the device connect to the server and then is show the message "user or password incorrects".
    I have seen the log and seem the problem is that Afaria can't authenticate this user.
    I validate that Afaria can "see" the LDAP users creating a user group that contains this user(JimenM99)
    The problem is autentication, because if I remove "autentication required" of the inventory policy, the device enrol correctly.
    Could you please help to solve this problem?
    Thanks in advance.  

  • Not able to figure out the table index for Edit table User Properties Dialo

    Studio Edition Version 11.1.1.0.0
    Build JDEVADF_MAIN.D5PRIME_GENERIC_080403.0915.4920
    I'm trying to automate the various features in Jdeveloper dialogs. At one point I got struck with table in Edit Table Dialog.
    Right Click on New -> Database Tier-> Select APPS: Import to offline database Objects. Step 1- Step5 dialogs comes up. Click on Next till finish button comes up. After that one table along with xdf file will be shown in the Jdeveloper Tree Menu. Right click on Table, Go to Properties. Then Select User Properties in the Left Pane. On Right Side table will be shown. I want to know what is the index for this table and also I need to input certain text and select some drop downs from this table.
    Automation Tool: JFCUnit
    Could you please tell how can I put values in some of the fields and select the values from the drop downs.
    Kindly let me know if you need any more Information for the same.

    Hi,
    if you are from Oracle, please use an internal forum. If not, the JDeveloper 11 forum is at: JDeveloper and OC4J 11g Technology Preview
    Frank

  • How to force a new password in portal with LDAP user? external users

    With an external portal (used by agents that do not work for you or reside in your office), company policy is for password to be changed every qtr.
    If the users are creating as LDAP users how to force them to change their password when required?
    Is this a custom application that needs to be written so when they log into the portal if the qtr has expired the portal ask them to enter a new password that becomes valid for the next qtr.
    Versus internally deleting and emailing all the users a new password?

    Hi Glenn,
    We are getting one problem when we are creating user in LDAP and login with that user in  Portal that time we are getting Password change screen , but when we create a user in LDAP and change the password of that user in LDAP then when the user tries to  Login to portal that time we are not able to see the password change screen.
    But again if we change the password of that user through Portal we are able to see change password screen.
    can you help on this how we can force the user to change password when we are changing password in LDAP or in SAP System.
    Regards
    Trilochan

  • LDAP user no longer able to log in

    We have CQ 5.3 set up using LDAP authentication.  We have one user who has been using CQ with her AD Userid/password for over a year with no issues, but she came in one day and now it's saying her user id and password don't match.
    We've tried on multiple different instances of CQ and she gets the same message every time.  She is able to log into other applicaitons that use LDAP for authentication just fine. We have tried resting CQ to see if that resolves the issue and it hasn't.  I originally thought it was some sort of issue with her LDAP account, but because she can log into other apps, I'm wondering if not? Or maybe there WAS an issue with her account, but it was resolved (she thought maybe her account was locked, so she ran an unlock procedure), but CQ just hasn't caught up to that fact?  This started happening a week ago.

    Hi Jennifer,
    Have you tried running a manual LDAP User sync for the single user (http://localhost:4502/crx/config/ldap.jsp)?  Since the user can login to other systems via LDAP, the problem is most likely with their account in CQ.  Maybe try deleting their account in CQ and re-creating/re-sync via LDAP User sync.
    Hope this helps.
    Ron

  • User Property changes show up on the outlook 2013 UI correctly but it does not show up on the MailItem User Properties in Shared Account between PCs Environment

    Hello There,
    I have written an Outlook Add-In to add several User Properties to our incoming emails. This add-in will be installed in 100 computers in different states and our Exchange server is hosted in our datacenter in CA. 
    Everything works great but there is an odd thing happens and that is when one PC changes a UserProperty Value all the other PCs  show up that change on their outlook UIs but when I get the MailItem object from the same other PC is
    not showing the changes. But if I shutdown outlook on that PC and open it up again the changes will be showing up in the MailItem object. It seems to me that MailItem doesn't refresh but UI does.
    Does anyone know how I can refresh the MailItem after its UserProperties has been changed from another pc in a shared account environment.   
    These are my codes to save a property and show all properties:
    Public Sub SaveUserProperty(xName As String, xValue As String)
    Dim ns As Outlook.NameSpace = Me.Application.GetNamespace("MAPI")
    Dim oMailItem As Outlook.MailItem = Nothing
    Dim oUserProperties As Outlook.UserProperties = Nothing
    Dim oUserProperty As Outlook.UserProperty = Nothing
    Try
    oMailItem = ns.GetItemFromID(curMailId)
    oUserProperties = oMailItem.UserProperties
    oUserProperty = oUserProperties.Find(xName)
    If oUserProperty IsNot Nothing Then
    oUserProperty.Value = xValue
    End If
    oMailItem.Save()
    Catch ex As Exception
    MsgBox(String.Format("{0}: {1}{2}", "SaveProperty", vbTab, ex.Message))
    Finally
    If Not IsNothing(oUserProperty) Then
    Marshal.ReleaseComObject(oUserProperty)
    oUserProperty = Nothing
    End If
    If Not IsNothing(oUserProperties) Then
    Marshal.ReleaseComObject(oUserProperties)
    oUserProperties = Nothing
    End If
    If Not IsNothing(oMailItem) Then
    Marshal.ReleaseComObject(oMailItem)
    oMailItem = Nothing
    End If
    If Not IsNothing(ns) Then
    Marshal.ReleaseComObject(ns)
    ns = Nothing
    End If
    End Try
    End Sub
    Public Sub ShowUserProperties()
    Dim builder As StringBuilder = New StringBuilder()
    Dim ns As Outlook.NameSpace = Me.Application.GetNamespace("MAPI")
    Dim oMailItem As Outlook.MailItem = Nothing
    Dim oUserProperties As Outlook.UserProperties = Nothing
    Dim oUserProperty As Outlook.UserProperty = Nothing
    Try
    oMailItem = ns.GetItemFromID(curMailId)
    oUserProperties = oMailItem.UserProperties
    For Each oUserProperty In oUserProperties
    builder.AppendFormat("{2}:{0}{3}{1}", vbTab, vbNewLine, oUserProperty.Name, oUserProperty.Value)
    Runtime.InteropServices.Marshal.ReleaseComObject(oUserProperty)
    Next
    If (builder.Length > 0) Then
    System.Windows.Forms.MessageBox.Show(builder.ToString(), "The UserProperties collection")
    End If
    Catch ex As Exception
    MsgBox(String.Format("{0}: {1}{2}", "ShowUserProperties", vbTab, ex.Message))
    Finally
    If Not IsNothing(oUserProperty) Then
    Marshal.ReleaseComObject(oUserProperty)
    oUserProperty = Nothing
    End If
    If Not IsNothing(oUserProperties) Then
    Marshal.ReleaseComObject(oUserProperties)
    oUserProperties = Nothing
    End If
    If Not IsNothing(oMailItem) Then
    Marshal.ReleaseComObject(oMailItem)
    oMailItem = Nothing
    End If
    If Not IsNothing(ns) Then
    Marshal.ReleaseComObject(ns)
    ns = Nothing
    End If
    End Try
    End Sub

    Outlook will not see the latest changes downloaded from Exchange (or changed through MAPI bypassing the Outlook Object Model on the local machine) until the MailItem object is completely released and reopened. The explorer list shows the changes since it
    is fed off the underlying folder contents table, not the cached MailItem object.
    There is nothing you can unless you make sure the MailItem object is released and is never kept referenced fro any prolonged periods of time.
    Dmitry Streblechenko (MVP)
    http://www.dimastr.com/redemption
    Redemption - what the Outlook
    Object Model should have been
    Version 5.5 is now available!

  • How to only synchronize one specific LDAP user group with SAP?

    Hi,
    Hopefully this is the correct forum to post this in. I want to have continuous one-way synchronization of users from my LDAP server to my SAP central system. I've started configure in SAP using transaction SM59 and LDAP. Can I somewhere set that only one specific LDAP user group shall be transferred to SAP (they do not need to be assigned to any specific group, profile, role in SAP) - or should this be done on the LDAP server side (or is it at all possible)?
    Correct me if I'm wrong, but the User Group field in the report RSLDAPSYNC_USER only concerns SAP user groups right? This would therefore not be sufficient since I want to select the users to synchronize based on user groups in the directory.
    Thanks, Oscar

    We've used a repository constant to specify the LDAP filter for reading users / groups from the LDAP target.
    E.g. LDAP_FILTER_USERS (&(objectCategory=person)(objectClass=user))
    Then we also have a constant for the LDAP_STARTING_POINT
    For our AD Group Initial Load we filter according to these settings:
    LDAP_FILTER_GROUPS = (objectclass=group)
    LDAP_STARTING_POINT_GROUPS = ou=IDMManagedGroups,ou=Groups,dc=cfstest,dc=le,dc=ac,dc=uk
    The above example only reads AD groups starting at the specified OU
    Then in a Job From LDAP Pass the LDAP URL looks like this:
    LDAP://%$rep.LDAP_HOST%:%$rep.LDAP_PORT%/%$rep.LDAP_STARTING_POINT_GROUPS%?*?SUB?%$rep.LDAP_FILTER_GROUPS%
    I hope this helps
    Paul

  • LDAP users Faicng Error While Accessing the ESS Iviews in Portal

    Hi,
    My Portal is SAP EP 7.0 SP20 And ECC 6.0 SP16.
    UME users able to access the ESS MSS Iviews.But only one LDAP User only access ESS/MSS Iviews Other getting the Below error.
    Critical Error
    A critical error has occured. Processing of the service had to be terminated. Unsaved data has been lost.     
    Please contact your system administrator     
    Syntax error in program CL_XSS_CAT_BUFFER=============CP        ., error key: RFC_ERROR_SYSTEM_FAILURE     
    Syntax error in program CL_XSS_CAT_BUFFER=============CP        ., error key: RFC_ERROR_SYSTEM_FAILURE:
    com.sap.tc.webdynpro.modelimpl.dynamicrfc.WDDynamicRFCExecuteException: Syntax error in program CL_XSS_CAT_BUFFER=============CP        ., error key: RFC_ERROR_SYSTEM_FAILURE
                    at com.sap.tc.webdynpro.modelimpl.dynamicrfc.DynamicRFCModelClassExecutable.execute(DynamicRFCModelClassExecutable.java:101)
                    at com.sap.xss.ser.xssmenu.fc.ModelHandler.onInit(ModelHandler.java:205)
                    at com.sap.xss.ser.xssmenu.fc.wdp.InternalModelHandler.onInit(InternalModelHandler.java:428)
                    at com.sap.xss.ser.xssmenu.fc.FcXssMenu.setPersonnelNumber(FcXssMenu.java:570)
                    at com.sap.xss.ser.xssmenu.fc.FcXssMenu.onInit(FcXssMenu.java:292)
                    at com.sap.xss.ser.xssmenu.fc.wdp.InternalFcXssMenu.onInit(InternalFcXssMenu.java:455)
                    at com.sap.xss.ser.xssmenu.fc.FcXssMenuInterface.onInit(FcXssMenuInterface.java:165)
                    at com.sap.xss.ser.xssmenu.fc.wdp.InternalFcXssMenuInterface.onInit(InternalFcXssMenuInterface.java:389)
                    at com.sap.xss.ser.xssmenu.fc.wdp.InternalFcXssMenuInterface$External.onInit(InternalFcXssMenuInterface.java:546)
                    at com.sap.pcuigp.xssfpm.wd.FPMComponent$FPM.attachComponentToUsage(FPMComponent.java:922)
                    at com.sap.pcuigp.xssfpm.wd.FPMComponent$FPM.attachComponentToUsage(FPMComponent.java:891)
                    at com.sap.pcuigp.xssfpm.wd.FPMComponent$FPMProxy.attachComponentToUsage(FPMComponent.java:1084)
                    at com.sap.pcuigp.xssutils.navi.FcNavigation.onInit(FcNavigation.java:314)
                    at com.sap.pcuigp.xssutils.navi.wdp.InternalFcNavigation.onInit(InternalFcNavigation.java:358)
                    at com.sap.pcuigp.xssutils.navi.FcNavigationInterface.onInit(FcNavigationInterface.java:145)
                    at com.sap.pcuigp.xssutils.navi.wdp.InternalFcNavigationInterface.onInit(InternalFcNavigationInterface.java:142)
                    at com.sap.pcuigp.xssutils.navi.wdp.InternalFcNavigationInterface$External.onInit(InternalFcNavigationInterface.java:278)
                    at com.sap.pcuigp.xssfpm.wd.FPMComponent$FPM.attachComponentToUsage(FPMComponent.java:922)
                    at com.sap.pcuigp.xssfpm.wd.FPMComponent$FPM.attachComponentToUsage(FPMComponent.java:891)
                    at com.sap.pcuigp.xssfpm.wd.FPMComponent$FPMProxy.attachComponentToUsage(FPMComponent.java:1084)
                    at com.sap.pcuigp.xssutils.roadmap.VcRoadmap.onInit(VcRoadmap.java:188)
                    at com.sap.pcuigp.xssutils.roadmap.wdp.InternalVcRoadmap.onInit(InternalVcRoadmap.java:162)
                    at com.sap.pcuigp.xssutils.roadmap.VcRoadmapInterface.onInit(VcRoadmapInterface.java:153)
                    at com.sap.pcuigp.xssutils.roadmap.wdp.InternalVcRoadmapInterface.onInit(InternalVcRoadmapInterface.java:144)
                    at com.sap.pcuigp.xssutils.roadmap.wdp.InternalVcRoadmapInterface$External.onInit(InternalVcRoadmapInterface.java:220)
                    at com.sap.pcuigp.xssfpm.wd.FPMComponent.doProcessEvent(FPMComponent.java:564)
                    at com.sap.pcuigp.xssfpm.wd.FPMComponent.doEventLoop(FPMComponent.java:438)
                    at com.sap.pcuigp.xssfpm.wd.FPMComponent.wdDoInit(FPMComponent.java:196)
                    at com.sap.pcuigp.xssfpm.wd.wdp.InternalFPMComponent.wdDoInit(InternalFPMComponent.java:110)
                    at com.sap.tc.webdynpro.progmodel.generation.DelegatingComponent.doInit(DelegatingComponent.java:108)
                    at com.sap.tc.webdynpro.progmodel.controller.Controller.initController(Controller.java:215)
                    at com.sap.tc.webdynpro.progmodel.controller.Controller.init(Controller.java:200)
                    at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.init(ClientComponent.java:430)
                    at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.init(ClientApplication.java:362)
                    at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.initApplication(ApplicationSession.java:782)
                    at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:302)
                    at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingPortal(ClientSession.java:761)
                    at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:696)
                    at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:253)
                    at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
                    at com.sap.tc.webdynpro.clientserver.session.core.ApplicationHandle.doProcessing(ApplicationHandle.java:73)
                    at com.sap.tc.webdynpro.portal.pb.impl.AbstractApplicationProxy.sendDataAndProcessActionInternal(AbstractApplicationProxy.java:869)
                    at com.sap.tc.webdynpro.portal.pb.impl.AbstractApplicationProxy.create(AbstractApplicationProxy.java:229)
                    at com.sap.portal.pb.PageBuilder.updateApplications(PageBuilder.java:1344)
                    at com.sap.portal.pb.PageBuilder.createPage(PageBuilder.java:356)
                    at com.sap.portal.pb.PageBuilder.init(PageBuilder.java:549)
                    at com.sap.portal.pb.PageBuilder.wdDoInit(PageBuilder.java:193)
                    at com.sap.portal.pb.wdp.InternalPageBuilder.wdDoInit(InternalPageBuilder.java:150)
                    at com.sap.tc.webdynpro.progmodel.generation.DelegatingComponent.doInit(DelegatingComponent.java:108)
                    at com.sap.tc.webdynpro.progmodel.controller.Controller.initController(Controller.java:215)
                    at com.sap.tc.webdynpro.progmodel.controller.Controller.init(Controller.java:200)
                    at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.init(ClientComponent.java:430)
                    at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.init(ClientApplication.java:362)
                    at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.initApplication(ApplicationSession.java:782)
                    at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:302)
                    at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:741)
                    at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:694)
                    at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:253)
                    at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
                    at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
                    at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doPost(DispatcherServlet.java:53)
                    at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
                    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
                    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
                    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
                    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
                    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
                    at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
                    at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
                    at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
                    at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
                    at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
                    at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
                    at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
                    at java.security.AccessController.doPrivileged(Native Method)
                    at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
                    at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by: com.sap.aii.proxy.framework.core.BaseProxyException: Syntax error in program CL_XSS_CAT_BUFFER=============CP        ., error key: RFC_ERROR_SYSTEM_FAILURE
                    at com.sap.aii.proxy.framework.core.AbstractProxy.send$(AbstractProxy.java:150)
                    at com.sap.pcuigp.xssutils.xssmenu.model.MenuModel.hrxss_Ser_Getmenudata(MenuModel.java:171)
                    at com.sap.pcuigp.xssutils.xssmenu.model.Hrxss_Ser_Getmenudata_Input.doExecute(Hrxss_Ser_Getmenudata_Input.java:137)
                    at com.sap.tc.webdynpro.modelimpl.dynamicrfc.DynamicRFCModelClassExecutable.execute(DynamicRFCModelClassExecutable.java:92)
                    ... 76 more
    Thanks & Regrads,
    Subba Rao

    Hi,
    Now every user facing the same error while accessing ESS Iviews from Portal.
    in ST22 Dump is created.
    What happened?                                                                                |
    Error in the ABAP Application Program
    The current ABAP program "CL_XSS_CAT_TIME_SHEET=========CP" had to be
    terminated because it has
    come across a statement that unfortunately cannot be executed.
    The following syntax error occurred in program
    "CL_XSS_CAT_BUFFER=============CP " in include
    "CL_XSS_CAT_BUFFER=============CM00C " in
    line 50:
    ""L_CATSDB" and "L_CATSDBCOMM" are not mutually convertible. In Unicode"
    " programs, "L_CATSDB" must have the same structure layout as "L_CATSDB"
    "COMM", independent of the length of a Unicode character."
    The include has been created and last changed by:
    Created by: "SAP "
    Last changed by: "SAP "
    Error in the ABAP Application Program
    The current ABAP program "CL_XSS_CAT_TIME_SHEET=========CP" had to be
    terminated because it has
    |    come across a statement that unfortunately cannot be executed.
    What we need to resolve the above issue.
    Thanks & Regards,
    Subba Rao

Maybe you are looking for

  • PE51 - How to display a custom result in a PE51 forms?

    Hi experts, I want to display the result of a specific Module Function in a PE51 form (payslip). The module function returns a table with a proper contain for each employee / period. I don't know the size of the table (number of lines) for each emplo

  • Adobe Media Encoder CC renders do not reflect changes to Dynamically Linked After Effects Comps

    When rendering a Premiere timeline with a dynamically linked After Effects composition, Adobe Media Encoder will sometimes use an older version of the linked composition (even after I have saved changes in the After Effects comp). For example, if I c

  • XML in clob columns and OWB

    I'm building some ETL process to extract data from XML in CLOB columns. I know that there are solutions to use functions as extractvalue() of WB_XML_LOAD(), but I want to know if there is any other way to deal with XML. The reason for that is because

  • Applet not working in IE

    HI I made this applet and it is working in Netscape but not working with Microsoft explorer. here is the html code: <html> <head> <title>Week Name Calculator</title> </head> <body> JWORLD <APPLET  CODE="FindTheDayA.class" CODEBASE=" " WIDTH=290 HEIGH

  • Release Procedure - Currency

    Hi, I have release procedure for purchase order with value as one of the characteristics. Now my characteristics has USD, however i need to incorporate the release for other currencies like EURO, Yen etc. Let me know what should be my approach. Regar