Transporting anonymous MIME service user logon details
Hi
I was having a problem with saved BW excel reports prompting for username and password logon to view saved excel report sheets, I found implementing note 650399 & 487456 fixed this problem by setting a user in SICF path /default_host/sap/bw/mime for anonymous logon in DEV.
The problem is, when I transport this, the anonymous user settings are lost in /default_host/sap/bw/mime, how do I transport this public user setting? as I do not want to open up the QA and Production clients to enter the anonymous data directly, as this would make the object a repaired object wouldn't it?
Also, the note I followed, 487456, says to maintain the anonymous logon with the public user, normally in the ICF i have created aliases to services, not changed the original, the note says you should enter the anonymous user into /default_host/sap/bw/mime as this is a SAP standard path, couldn't this cause problems with future Support Packs and upgradeds?
Thanks for any help.
Hi Ruchit
Yes, the user exists with correct password and user setup in QA.
When I look at the anonymous logon details, when i do a technical help, the table is ICFSERVICE and the fieldname for the username is ICF_USER.
When I look in the transport I created when i entered the anonymous the logon details in DEV, the ICFSERVICE table is there, but the not the field for ICF_USER, the only fields in the transport from table ICFSERVICE are ICF_NAME
and ICFPARGUID.
So, looks like user ID has not been recorded in the transport, even though the transport was created when I entered the logon details.
Regards,
Paul.
Similar Messages
-
Transporting anonymous MIME service user
Hi
I was having a problem with saved BW excel reports prompting for username and password logon to view saved excel report sheets, I found implementing note 650399 & 487456 fixed this problem by setting a user in SICF path /default_host/sap/bw/mime for anonymous logon in DEV.
The problem is, when I transport this, the anonymous user settings are lost in /default_host/sap/bw/mime, how do I transport this public user setting? as I do not want to open up the QA and Production clients to enter the anonymous data directly, as this would make the object a repaired object wouldn't it?
Also, the note I followed, 487456, says to maintain the anonymous logon with the public user, normally in the ICF i have created aliases to services, not changed the original, the note says you should enter the anonymous user into /default_host/sap/bw/mime as this is a SAP standard path, couldn't this cause problems with future Support Packs and upgradeds?
Thanks for any help.Hi Ruchit
Yes, the user exists with correct password and user setup in QA.
When I look at the anonymous logon details, when i do a technical help, the table is ICFSERVICE and the fieldname for the username is ICF_USER.
When I look in the transport I created when i entered the anonymous the logon details in DEV, the ICFSERVICE table is there, but the not the field for ICF_USER, the only fields in the transport from table ICFSERVICE are ICF_NAME
and ICFPARGUID.
So, looks like user ID has not been recorded in the transport, even though the transport was created when I entered the logon details.
Regards,
Paul. -
Get portal user logon details from abap web dynpro
Hi all,
I am developing an abap web dynpro which will be added via an iview to our ees/mss portal. What i need to know is how do i get the current user logon details in my web dynpro! i.e. if a user is loged into the portal using personnel number 111111 i need to be able to capture this value so that i can retrieve hr data for this personel number! any information would be much appreciated!
Regards
MartHi Mart,
You can pass "iv_user=<User.LogonUid>" as application parameter in iview.
add iv_user parameter in HANDLEDEFAULT method of default window of webdynpro component.
that's it.
when u run your webdynpro application, you can have value of portal logged on userid in iv_user.
hope this will help u a lot.
[Visit this thread|Re: WD4A: pass portal logged in userID to WebDynpro ABAP IView.]
-Haresh Khandal -
Hi everybody,
My requirement is to get the logon details of a user ( Application Area ) details for a specific period of time.
For this, are the details stored anywhere in the system ( presentation or application server ) ?
Can anybody suggest ?
Note : Pls guide me if this isnt right place for posting this query ?
Regards,
Kumudha.Hai,
In order to activate Audit log, you have to set the profile parameters which is you see in the blog already given to you.
In RZ10 you have to select the Instance profile and set the parameters and their relevant values and save them.
The settings are activated after the instance has been restarted.
http://www.saptechies.com/setting-sap-profile-parameters/
Since the profiles you add help in activating Audit log this will not create any problem in your system.
Regards,
Yoganand.V -
When connecting to remote system, once again asking user & password details
hi
I created one RFC in R/3 system, with the same logical system name of xi, giving all technical and logon details.
When I click on remote logon to enter into xi system,it is once again asking user logon details. After entering the details it is allowing into the xi system. Directly it is not entering into remote system when I click remote logon button.
I created both sides (in xi and R/3) and checked the same thing. Both sides I am getting the same problem. it is showing client name correctly but user and password name it is displaying the same server information. like if I am connecting from R/3 to XI means it is showing XI client number but R/3 user and password. Once after I change user and password and press enter it is going into remote system.
Could someone please help me on this?
Thanks in advance and best regards,
1234hi lavanya
Provide the user with the corresponding authorization or avoid using the protected users DDIC and SAP*
check below
Trusting Transaction SMT2
The trusting transaction SMT2 (or SM59 ® RFC ® Trusting Systems) constructs a list of all trusting systems that have been established for this trusted system. Here, a logon and authorization check for the current user and client is performed, using the destination TRUSTING_SYSTEM@S00 that has been automatically created.
This basically corresponds to transaction SM51, if you use Remote Login to perform a logon on a different application server.
If problems occur while setting the destination TRUSTING_SYSTEM@S00 (such as host name or service information), you either have to create a new destination for your needs, and then enter the host name or service information using SAP router strings, or adjust the network settings of the server. To correct the problem in transaction SMT2, you have to adjust the network configuration of the server. As this transaction is only to be used for test purposes, in this case you could also choose to ignore the error.
To perform a logon as a different user or client, you have to create a new RFC destination with a trusted option set.
In this scenario, the following error text in SMT2 can be ignored:
No authorization to log on as a trusted system (Trusted RC=0)
If the host name contains the character '_' (as in "my_host"), then the generation of the related trusting system destination may lead to incorrect settings. This problem can be corrected by implementing Support Package SAPKB46D09 (see below). For earlier releases, the changes required to correct the problem can be made manually.
regards
kummari -
Last three user logon date and time
Hi Everybody,
I would like to find out last few user logon details of an user. Where can I get this information if ST01 trace is not turn on? Table USR02 only shows the last logon that is insufficient.
Thanks!You can use the dynamic audit logs in SM19 to record a successfull logon event for a single or all users.
If you want the information readily available, you can activate parameter rsau/enable and set static filters.
If it is too late for this, then you would need to look in the application statistics (ST03N in Expert Mode) to get the information. -
Hi all,
I need some logic to achive report scenario
userwise total logon time for the day for the terminal.
Sample Data
Date Time User Terminal Logon Logoff
20100403 125622 usr01 User05 LOGON SUCCESSFUL
20100403 125804 usr01 User06 LOGON SUCCESSFUL
20100403 130152 usr01 User05 USER LOGOFF
20100403 131653 usr01 User06 USER LOGOFF
20100403 134625 usr01 User05 LOGON SUCCESSFUL
20100403 142720 usr01 User05 USER LOGOFF
20100403 144108 usr01 User05 LOGON SUCCESSFUL
20100403 144558 usr01 User05 USER LOGOFF
20100403 154432 usr01 User07 LOGON SUCCESSFUL
20100403 155349 usr01 User07 USER LOGOFF
20100403 180135 usr01 User05 LOGON SUCCESSFUL
20100403 180546 usr01 User05 USER LOGOFF
20100404 81936 usr01 User05 LOGON SUCCESSFUL
20100404 82012 usr01 User05 USER LOGOFF
20100404 83511 usr01 User05 LOGON SUCCESSFUL
20100404 83620 usr01 User05 USER LOGOFF
20100404 83620 usr01 User05 LOGON SUCCESSFUL
20100404 83937 usr01 User05 USER LOGOFF
20100404 83916 usr01 User05 LOGON SUCCESSFUL
20100404 91603 usr01 User05 USER LOGOFF
20100404 93835 usr01 User05 LOGON SUCCESSFUL
20100404 93900 usr01 User05 USER LOGOFF
20100404 155750 usr01 User05 LOGON SUCCESSFUL
20100404 163909 usr01 User05 USER LOGOFF
Thanks,
Kaleelhmm r u loading this data in some info-provider?
anyway in system use t-code SUIM
here u can get user logon details, password change history & much more -
User logon history date and time details
Hi,
can any tell me the user logon history tables,
as usr02 is only having the present log on detailsuse below Function module
CALL FUNCTION '<b>RSAU_READ_FILE</b>'.
it will solve your problem...
=====================================
Use BAPIS there are very useful BAPIS to get the user's info.
BAPI_USER_CHANGE Change User
BAPI_USER_CLONE Create User with Template in Another System
BAPI_USER_CREATE Create a User
BAPI_USER_CREATE1 Create a User
BAPI_USER_DELETE BAPI to Delete a User
BAPI_USER_DISPLAY Display users
BAPI_USER_EXISTENCE_CHECK Check a user exists
BAPI_USER_GET_DETAIL Read User Details
BAPI_USER_LOCACTGROUPS_ASSIGN Change Activity Group Assignment for Dependent Systems from Central System
BAPI_USER_LOCACTGROUPS_DELETE Delete Activity Group Assignments in the Dependent Systems
BAPI_USER_LOCK Lock User
BAPI_USER_LOCPROFILES_ASSIGN Change Profile Assignment for Dependent Systems from Central System
BAPI_USER_LOCPROFILES_DELETE Delete Profile Assignments for Dependent Systems
BAPI_USER_PROFILES_ASSIGN User: Assign profiles
BAPI_USER_PROFILES_DELETE User: Delete All Profile Assignments
BAPI_USER_UNLOCK Unlock user
===================================
U can see tables:
USR01 User master record (runtime data)
USR02 Logon data
USR03 User address data
USR05 User Master Parameter ID
USR12 User master authorization values
<b>Reward Points if it is useful..</b>
Thanks & Regards
ilesh 24x7 -
IS validation rule export to Data Services invalidates datastore logon details
I am exporting an Information Steward 4.2 SP1 validation rule to Data Services 4.2 SP1; a part of the rule is a database table lookup. In the export process, IS creates a new datastore with that table I'm doing the lookup against.
The problem is that every time I re-export the rule after changing it, I have to maintain db server logon details in that generated datastore again.
Have I missed a configuration step, or it's just an error to raise through OSS?Hi Apurva ,
Now I got Variable Id and Varibale Value i have give From Data Fields of VC .
When i click on Button Export To Excel it gives
SET_VARIABLES_STATE is Correctly placed For
VARIABLE_VALUES VARIABLE_VALUE
if give
VARIABLE_VALUES VARIABLE_VALUE instead of SET_VARIABLES_STATE it is giving No MetaData is available for VARIABLE_VALUES VARIABLE_VALUE
it throws like .
please help in this regard.
I Have given The Formuls AS Below
"pcd!3aportal_content!2fcom.sap.pct!2fplatform_add_ons!2fcom.sap.ip.bi!2fiViews!2fcom.sap.ip.bi.bex?QUERY=zmp_prodn_mtef_ccp_1&BI_COMMAND_1-BI_COMMAND_TYPE=VARIABLE_VALUES VARIABLE_VALUE&BI_COMMAND_1-VARIABLE_VALUES VARIABLE_VALUE_1-VARIABLE_TYPE=VARIABLE_INPUT_STRING&BI_COMMAND_1-VARIABLE_VALUES-VARIABLE_VALUE_1-VARIABLE_TYPE-VARIABLE_INPUT_STRING="&2009&"&BI_COMMAND_1-VARIABLE_VALUES-VARIABLE_VALUE_1-VARIABLE=0P_FYEAR&BI_COMMAND_3-BI_COMMAND_TYPE=EXPORT&BI_COMMAND_3-EXPORT_FORMAT=XLS&BI_COMMAND_3-null="
Regards ,
venkat p -
How to find the Last logon detail of a deleted user?
I need to find the last logon detail of a deleted user.I have tried with SM20 i got the details,but i coildnt get for few users.Is there any other way to get this?
Hi Eva,
Follow below:-
1. Go to Se16
2. table name either USH02 or USH04
3. provide BNAME row as your user name then execute it
4. you will get all the entries for that user in the next output screen
5. Check the Column names like
MODDA
MODTI
MODBE
TCODE REPID
For the Details which you need.
The descriptions of this columns are as below:-
MANDT
Client
BNAME
User
MODDA
Modification date
MODTI
Modification time
MODBE
Changed by
TCODE
Not More Closely Defined Area, Pos
REPID
Program Name
BCODE
Initial password
GLTGV
Valid from
GLTGB
Valid through
USTYP
User Type
CLASS
User group
UFLAG
User Lock Status
ACCNT
Account number
PASSCODE
Password Hash Val.(SAH1, 160 Bit)
CODVN
Password Code Vers.
PWDINITIAL
Indicator: Password Is Initial
Let me know if you need further help in this.
Regards,
Ram -
Automatic email with logon details when user creation
Hi,
Does any one can through some light on sending automatic emails with logon details when the users created with SU01? I know we have lot of tools like GRC, Approva we can do but I would like to know any thing within SAP not with any external tools.
Thanks,
VenkatQuick and easy way without any development:
a) Create a variant for report RSUSR100N to search for created user IDs where the creator was not equal to the expected "false positive" ones.
b) Save a dynamic date and time calculation for the variant.
c) Define a mail distribution list for the spool request if there is one ...
d) Schedule the variant periodically as per the dynamic date and time period.
e) Check that SCOT is configured to send the mail or SMS.
f) Wait for the mail to be sent (this step might take some time...)
Cheers,
Julius -
Can LabVIEW run as a service on WinNT kernels [without a user logon]?
Is it possible to run LabVIEW as a service on a WinNT kernel [NT 4.0, 2000, or 2003]?
I.e. is it possible to run LabVIEW without a user logging on?
Or must there always be a user logged on before LabVIEW can be run?
Also, if standard-issue National Instruments LabVIEW cannot run as a service, then are there any third party products [maybe from Endevo, or Vogel Automatisierungstechnik] that have the ability to create something like a "LabVIEW-lite" that can run as a service [without a user logon]?
Thanks!Windows
=======
LabVIEW code can run within a service, but LV does not support being built as a service.
What is the difference? An NT Service requires a special exported API and integration with the NT Service Manager. We do not build that kind of EXE, just the regular EXE. However, you can build your LV application into a DLL and then load that up from your own service host EXE.
However, there are a couple of gotcha's that happen when running as a service. First remember that you cannot have any UI - so if any of your VI's attempt to open their front panel, you are going to be in trouble. Second, there is an issue with pumping Windows messages in LV right now. See my blog article on ASP.NET and LV (which is LV running in a service - the aspnet_wp.exe service). My blog link is in my signature.
Also remember that while a service doesn't need a user to log in, it itself is going to log into Windows to get the security credentials. You'll need to think about what credentials you want the application running under when you configure the NT service. Remember, Local System, which is the default, means that you have super user priv. on the local machine, but no NT Network permissions. It is generally a good idea to create an NT Workgroup or Domain account specifically for the service so that you can control what permissions it has.
Other Platforms
===============
Linux and Solaris daemons are a bit more straightforward and so, I think, both the EXE and DLL should work. However, I haven't done daemon work in over 10 years so I won't promise anything
I have never worked on a Mac so I have no idea. But X is really a Unix OS so I imagine it would be the same as Linux. However, for all platforms supported by LV, building into a library and then calling the library from the OS's service host *should* work. Just the same rules about the UI.
Brian Tyler
http://detritus.blogs.com/lycangeek -
I want to grant permissions to all domain users to view reports on our Report Server. Domain users are able to access our Report Server URL and folder, but when they click on a report item they get an error message:
"Cannot open database "ReportServer" requested by the login. The login failed. Login failed for user 'USER LOGON'"
I'm using windows authentication and configured the local service account in SSReportS Config Manager as the credentials to connect to the Report Server DB.
Can someone please help how I should properly do this step by step to give all domain users permissions to view a report in SSRS?
Thanks much! - Rookie DBAHi IWAR,
The error message "Cannot open database "ReportServer" requested by the login. The login failed. Login failed for user 'USER LOGON'" means the user 'USER LOGON' does not have permissions to access the "ReportServer" database.
To fix this issue, please verify that the user has a valid database user login. For more details, please refer to the following steps.
In SQL Server Management Studio, open Object Explorer and expand the Databases folder.
Expand the database in which to create the new database user.
Right-click the Security folder, point to New, and then click User.
On the General page, enter a name for the new user in the User name box.
In the Login name box, enter the name of a SQL Server login to map to the database user.
Click OK.
Reference:
http://technet.microsoft.com/en-us/library/ms156468(v=sql.105).aspx
Hope this helps.
Thanks,
Katherine Xiong
Katherine Xiong
TechNet Community Support -
Use ZBEX Anonymous Login Service in BIApplicationFrame in ABAP Web Dynpro
Hello,
We created a ZBEX Service as an alias of the BEX Service as per SAP OSS Note 516884 to allow users to anonymously access BW reports.
Now we want to embed the BI Web Application in an ABAP Webdynpro as a BIApplicationFrame.
Note that the ABAP Web Dynpro is on the SAP R/3 ERP side while BI is a separate BW instance.
The problem we are facing is the standard BIApplicationFrame element uses the SAP standard BEX service when it forms the URL and we do not seem to have a way to make it use the ZBEX Anonymous login service. Hence it always asks for the logon screen defeating our purpose.
Has anybody done been able to make the BIApplicationFrame use ZBEX service and if yes, what is the solution to this problem?
Thanks and regards,
Atul KulkarniHi Ankur,
Someone will somewhere call the EJB (not: "Java Bean"!). As an EJB isn't part of a request/response cycle but mainly thought for business logic, it is of course the task of the calling component to deliver the user (his logonID for example) to the EJB. There is not other way!
Hope it helps
Detlev -
Problem in maintaining service user for CCM srm_cse
Hello all,
We are implementing SRM 4.0 (EBP 5.5) SSP scenario.
To support shopping of EBP we are also implementing CCM 2.0 as an add on.
Please note CCM and EBP are on same client and CAT & CSE are also on the same client.
No XI is involved as the catalog will be only uploaded in CSV format.
I am doing intial configurations for CAT and CSE.
Now we know that we need to configure a service user in the service of srm_cse.
I am adding the same in SRM client-> trans SICF -> default host -> sap -> bc -> bsp -> ccm -> srm_cse ->change service -> log on procedure- log on data reqd. -> Anonymous log on data - details of client, user, password, language.
since my SRM and CCM are in same client I have put the same client no. and given the user with role "/CCM/CATALOG_SEARCH"
But when I am saving this change in service I am getting an error messaeg that " Changes to Repository or cross-client Customizing are not permitted ".
I am in a same client hence there is no question of cross client customizing .
The other cause left is CHANGES TO REPOSITORY .
Can anybody tell me where I should do config so that this "changes to repository" error message will be be corrected?
Thanks for yr attention and apologies for lengthy matter.
Kind Regards,
DineshHello Yann,
Thanks a lot for your attention.
But my question was regarding particular error I am getting while maintaining service user in the service "srm_cse" as given in my first message.
Can you throw some light on that pl.?
My client configration as per yr path is present.
Regards,
Dinesh
Maybe you are looking for
-
Error while filling the Setup tables
Hi Experts, I tried to fill the setup tables using the transaction code SBIW. But there I found an error saying that "Error determining rate: foreign curr. local curr. EUR date 25.07.2007 (doc. 2497) Message no. M2810". Please help me in th
-
SRM 7 - Deleting a cart even when PO exists
Hi all, As per OSS note 1649794,in SRM 7,a cart can be deletd(item level) even afyer the follow on document i.e. PO is created. Is there a way we can control to not allow requester to be able to delete a cart when a PO exists for the cart?
-
Emails containing pictures are blank when I forward them
When I receive emails including pictures/photos, when I forward these on the recipient is not getting pictures. All my plug ins are up to date.
-
Exit to change the value of eban-ekgrp and ekko-ekgrp
Hi all, which user exit is the best to change the value of eban-ekgrp and ekko-ekgrp
-
Hello Everyone!, I am facing very weird problem with my vi. The TDMS write in my "Processing" case/state records the processed data for each channel of every run. However, instead have different set of data for every run, I get