Type of logon in SM04

Hello everybody,
   when i execute the transaction SM04, then one user show the logon type RFC.
then what is mean by the logon type if RFC, I know that the RFC means Remote Function call.
But what is mean by logon type RFC
Thanks
Ganesh

Simply means that the user was logged one via an RFC connection instead a SAPGui connection.
For example if you have Solution Manager you'll see frequent connection from the SOLMAN user via RFC.
Regards
Juan

Similar Messages

  • Explanation of the types of logons

    Can someone explain the different types of Logons availabe through the NCo 3 connector?
    As I understand it, there are 3 types:
    1) Connection directly to a specific application server
    2) Connection to a message server using a logon group
    3) Connection through a gateway.
    Is a message server/logon group type logon used when there is more than one appserver in an Instance?  If so, is the message server also one of the app servers or is it a separate server?
    If you have more than one app server in an instance, why would you ever want to connect directly to an application server rather than through a message server?
    What is a "gateway" connection?

    In order:
    Opacity is just that: A percentage determines how transparent that layer will look above another layer in a layer stack.
    The official Adobe help for Photoshop can help explain the shorter list of Blend Modes PS Touch has including Screen and Multiply.
    Match Color will try to capture the overall color tone of the layer beneath it. (Especially good for trying to match two disparate layers.) Take note this only shows up for the next to bottom-most layer and above in the layer stack for obvious reasons. (You can't match color in the bottom-most layer because there isn't anything underneath that layer to match color with.)
    Merge Layers does what you think it does with some options: You can merge only visible layers, flatten the whole project into one layer or simply merge the selected layer with the layer immediately beneath it.
    Finally, Delete simply deletes the layer.

  • Particular type of logon

    Hello,
    I'm trying to run a script that requires the following connection string: orcl as sysdba. The problem I'm having is that I do not know how to do it in PQL Plus (XP Prof) since it does not have any field for a connection string. I know that there is a way to do it is prompt window but I don't know how. How to do it please then? Thank you very much indeed.
    Sincerely yours,
    André Luiz

    Simply means that the user was logged one via an RFC connection instead a SAPGui connection.
    For example if you have Solution Manager you'll see frequent connection from the SOLMAN user via RFC.
    Regards
    Juan

  • Change language of output type in output type condition?

    Hey Team ABAP,
    subject is MM output type determination for PO.
    Standard finds his customized output type and sets communication language of supplier as output type language.
    I need to somehow change that, as we dont want to print our PO´s in supplier language but in logon language.
    I didnt found a way to customize it in a way that it determines the output type with logon language. So i thought: "well, lets do it in a condition then".
    I coded a new condition and set that condition in the OT scheme for desired OT.
    Problem is that manipulating XNAST[] at this point doesnt really make any impact. copndition runs in main program SAPLV61B which is actually the main program for messaging, so i´m at the correct nast and dirty assigns cant help me either.
    I guess my problem is cause SPRAS is actually a key field of NAST respective XNAST then.
    Besides, i cant just goto the driver program and set nast-spras = sy-langu there, as we want to make use of the language of the output type.
    What i want is: output type gets determined in logon language, but when user decides to change the language it should take effect.
    Any ideas?

    well one more addition to this:
    Setting that checkbox does what i want, but only language wise.
    Setting it also prevents you from beeing able to assign a partner to that output type which again is bad.
    So now i end up having a problem without the checkbox and as well with the checkbox.
    Just wanted to let you know... beeing on my way to modify FM messaging then.

  • Meaning of User types & their use....

    Hi all,
    Please explain me below user types and their significance in brief:
    USR02-USTYP  Description
    A             Dialog
    B             System User (Internal RFC and Background Processing)
    C             Communication User (External RFC)
    L             Reference User
    S             Service User
    Regards,
    Sachin

    User Type
    Dialog 'A'
    A normal dialog user is used by one person only for all types of logon.
    During a dialog logon, the system checks for expired and initial passwords and provides an option to change the password.
    Multiple dialog logons are checked and logged if necessary.
    System 'B'
    Use the system user type for internal system processes (-> background processing) or system-related processes (-> ALE, workflow, TMS, CUA).
    Dialog logon (using SAP GUI) is not possible.
    A user of this type is excluded from the general settings for password validity. Only user administrators can change the password using transaction SU01 (Goto -> Change Password).
    Multiple logons are permissible.
    Communication 'C'
    Use users of type Communication for dialog-free communication between systems (-> RFC or CPIC) .
    Dialog logon (using SAP GUI) is not possible.
    The general settings for the validity period of a password apply to users of this type. Users of this type can change their passwords (like dialog users). The dialogs for changing the password must be provided by the caller (RFC/CPIC client). You can use the RFC function module USR_USER_CHANGE_PASSWORD_RFC or the RFC API function RfcOpenEx() to change the password.
    Service 'S'
    A user of the type Service is a dialog user that is available to an anonymous, larger group of users. Generally, this type of user should only be assigned very restricted authorizations.
    For example, service users are used for anonymous system access using an ITS service or a public Web service. Once an individual has been authenticated, a session that started anonymously using a service user can be continued as a personal session using a dialog user (see SUSR_INTERNET_USERSWITCH)
    During logon, the system does not check for expired and initial passwords. Only the user administrator can change the password.
    Multiple logon is allowed.
    Reference 'L'
    Like the service user, a reference user is a general user, not assigned to a particular person. You cannot log on using a reference user. The reference user is only used to assign additional authorization. Reference users are implemented to equip Internet users with identical authorizations.
    On the Roles tab, you can specify a reference user for additional rights for dialog users. Generally, the application controls the allocation of reference users. You can allocate the name of the reference user using variables. The variables should begin with "$". You assign variables to reference users in transaction SU_REFUSERVARIABLE.
    This assignment applies to all systems in a CUA landscape. If the assigned reference user does not exist in one of the CUA child systems, the assignment is ignored.

  • Error Runging the Transaction iview using SSO logon ticket

    Hi I am getting the follwoing error  in log file. when i am running the Transaction iview using SAP Loggon ticket.
    #1.5 #005056A33F2000840000000500000600000456BC1060683F#1221265635404#com.sap.security.core.umap.imp.UserMappingDataImp#sap.com/irj#com.sap.security.core.umap.imp.UserMappingDataImp.getAuthenticationTicket()#Guest#0##n/a##28a92320812111ddb972005056a33f20#Thread[UWL Pooled Thread:2,5,SAPEngine_Application_Thread[impl:3]_Group]##0#0#Error#1#/System/Security/Usermanagement#Java###The attribute "" of the backend system with alias "" has the invalid value "".
    Cannot generate an SAP authentication assertion ticket for user and the specified backend system.
    Please adjust the value of the system attribute. Supported values are "" and "".#6#AuthenticationTicketType#"KPMGVM005_ALIAS"##"Stokkeland, Pauline" (unique ID: "USER.PRIVATE_DATASOURCE.un:P00024384")#SAP Logon Ticket#SAP Assertion Ticket#
    I have imported the .der file of the portal in to the SAP ECC sytem.using STRUSTSSO2
    Created the profile parameters using rz10 trnsaction.
    login/create_sso2_ticket
    login/accept_sso2_ticket
    restarted the ECC system.
    Created the system object using the follwoing parameters
    WAS
    Connector
    Usermanagement
    Under usermanagement
    Authentication Ticket Type - SAP Logon TicketSAP 
    Logon Method -SAPLOGONTICKET 
    User Mapping Fields  :<not selected>
    User Mapping Type    :<not selected>
    when i test the sytem object under connection test:showing the following error.
    Test Details:
    The test consists of the following steps:
    1. Retrieve the default alias of the system
    2. Check the connection to the backend application using the connector defined in this system object
      Results
    Retrieval of default alias successful
    Connection failed. Make sure that Single Sign-On is configured correctly
    But WAS, ITS, Connector are successfull. but above message is showing.
    what could be the problem.
    When i run one transaction iview with this system it is showing following error.
    com.sap.portal.appintegrator.sap.Transaction::Transaction/WebGuiSSOITS640Layer
    Parameter Dump
    $DebugAction  
    $TimeStamp  1221268987126
    ALLOW_BROWSER  Yes
    Alias  
    ApplicationParameter  
    ApplicationVariants  GuiType
    AuthScheme  default
    Authentication  ******
    AutoStart  false
    CachingLevel  
    ClassName  com.sapportals.portal.appintegrator.layer.SingleSignOnLayer
    ClientWindowID  
    CodeLink  com.sap.portal.appintegrator.sap.Transaction
    CommandField  YTIME
    CurrentWindowId  WID1221260007272
    CustomerExit.ParameterProvider  
    DR.TargetIDPropertyName  TCode
    DebugMode  false
    DynamicParameter  
    DynproFields  
    ExecutionLocation  KPMGVM005_ALIAS
    ExportParameters  Authentication, LogonUser, RequestMethod
    FederationAlias  
    ForcedRequestLanguage  
    ForwardParameters  
    ForwardParameters.Always  sap-config-mode
    ForwardParameters.Excluded  
    ForwardParameters.Forbidden  ClientWindowID, Command, DebugSet, DynamicParameter, Embedded, InitialNodeFirstLevel, SerAttrKeyString, SerKeyString, SerPropString, SessionKeysAvailable, iview_id, iview_mode, windowId, sap-pp-producerid, sap-pp-consumerBaseURL, sap-pp-returnToConsumer, login_submit, j_user, j_password, j_authscheme, uidPasswordLogon, MappedUser, MappedPassword
    GUSID  
    GuiType  WebGui
    GuiType.default  WebGui
    ITSVersion  640
    JREPluginDownloadLocation  
    JREPluginMimeType  application/x-java-applet;version=1.4.1_02
    JavaGuiCodeBase  
    JavaGuiTraceFile  
    JavaGuiTraceKey  
    LAF  
    LoadingCacheKey  <Portal.Version><LAF.Theme>
    LogonMethod  SAPLOGONTICKET
    MandatoryParameters  System
    NavMode  1
    NavigationTarget  navurl://21635c17e11df05c58e1c07deaf5bed1
    NextLayer  Transaction/WebGuiESIDLayer
    OkCode  
    OkCodeField  
    OptionalParameters  
    ParameterTemplate  <ApplicationParameter[PROCESS_RECURSIVE]>;<ForwardParameters[QUERYSTRING]>;<DynamicParameter[PROCESS_RECURSIVE]>;
    Portal  
    ProducerLocation  Remote
    REFRESH_CONTENT  -1
    ReuseWinguiConnection  false
    RoundtripURL  
    SSO2Template  
    SessionManagementVersion  
    SupportedUserAgents  (MSIE, >=5.5, *) (Netscape, *, ) (Mozilla,,*)
    SupportsUnicodeCodePages  false
    System  KPMGVM005_ALIAS
    System.type  lookup:com.sapportals.portal.appintegrator.lookup.SystemLookup
    TCode  YTIME
    Technique  Standard
    TopLayer  Transaction/DragAndRelateLayer
    Transactions_Require_SSF  RRMX,RRMXP
    URL  
    UnsupportedUserAgents  
    UseFrog  true
    UseSPO1  false
    UserMappingTemplate  sap-user=<MappedUser>&sap-password=<MappedPassword>
    ValidityPeriod  -1
    Wizard.ApplicationVariantPane.Description  
    Wizard.ApplicationVariantPane.Title  
    Wizard.MandatoryParameters  System, TCode, GuiType
    Wizard.OptionalParameters  ApplicationParameter, UseFrog, Technique
    Wizard.ParameterPane.Description  
    Wizard.ParameterPane.Title  
    X509Template  
    com.sap.application_integration.ConfigurationServiceID  Transaction_Configuration
    com.sap.portal.ComponentType  com.sapportals.portal.iview
    com.sap.portal.activityreport.MonitorHits  true
    com.sap.portal.admin.propertyeditor.categoryName  
    com.sap.portal.iview.AccessibilitySupport  
    com.sap.portal.iview.Availability  VISIBLE
    com.sap.portal.iview.DisableChildrenDYN  
    com.sap.portal.iview.DisableChildrenRL  
    com.sap.portal.iview.DisableChildrenTC  
    com.sap.portal.iview.DragAndRelate  false
    com.sap.portal.iview.ExpansionMode  Open
    com.sap.portal.iview.HasContentPadding  true
    com.sap.portal.iview.Height  80
    com.sap.portal.iview.HeightScale  PIXELS
    com.sap.portal.iview.HeightType  FIXED
    com.sap.portal.iview.HelpURL  
    com.sap.portal.iview.IsTemplate  false
    com.sap.portal.iview.MainObject  
    com.sap.portal.iview.MaxAutoHeight  1000
    com.sap.portal.iview.MinAutoHeight  0
    com.sap.portal.iview.SMiViewURL  com.sap.portal.epsolman.EPSolman
    com.sap.portal.iview.ShowDetails  true
    com.sap.portal.iview.ShowExpand  true
    com.sap.portal.iview.ShowHelp  false
    com.sap.portal.iview.ShowMinimize  true
    com.sap.portal.iview.ShowPersonalize  true
    com.sap.portal.iview.ShowRefresh  false
    com.sap.portal.iview.ShowRemove  true
    com.sap.portal.iview.ShowSMiView  false
    com.sap.portal.iview.ShowTitle  true
    com.sap.portal.iview.ShowTray  true
    com.sap.portal.iview.TitleURL  
    com.sap.portal.iview.TrayType  PLAIN
    com.sap.portal.iview.Width  400
    com.sap.portal.iview.WidthScale  PIXELS
    com.sap.portal.iview.WidthType  FIXED
    com.sap.portal.iview.family  
    com.sap.portal.navigation.DragRelate  0
    com.sap.portal.navigation.ExtWindowHeight  710
    com.sap.portal.navigation.ExtWindowWidth  1014
    com.sap.portal.navigation.Invisible  false
    com.sap.portal.navigation.JScript  
    com.sap.portal.navigation.MergeId  
    com.sap.portal.navigation.MergePriority  100.0
    com.sap.portal.navigation.Mergible  true
    com.sap.portal.navigation.NavigationHierarchyMetadata  Cacheable
    com.sap.portal.navigation.Priority  100.0
    com.sap.portal.navigation.QuickLink  
    com.sap.portal.navigation.ShowAddToFavorites  true
    com.sap.portal.navigation.ShowType  1
    com.sap.portal.navigation.WindowName  
    com.sap.portal.navigation.view  
    com.sap.portal.pcd.gl.Collection  IP_PTL_INITIAL_CONTENT
    com.sap.portal.pcd.gl.CreatedAt  Sat Sep 22 11:32:17 EDT 2007
    com.sap.portal.pcd.gl.CreatedBy  Administrator
    com.sap.portal.pcd.gl.DeltaLinkState  -1
    com.sap.portal.pcd.gl.Domain  EP
    com.sap.portal.pcd.gl.LastChangedAt  Fri Sep 12 19:24:19 EDT 2008
    com.sap.portal.pcd.gl.LastChangedBy  ksingh
    com.sap.portal.pcd.gl.ObjectClass  com.sapportals.portal.iview
    com.sap.portal.pcd.gl.OriginalCountry  
    com.sap.portal.pcd.gl.OriginalLanguage  en
    com.sap.portal.pcd.gl.Responsible  Administrator
    com.sap.portal.pcd.gl.TransportDependencies  pcd:com.sap.portal.system/archives/com.sap.portal.appintegrator.sap.par
    com.sap.portal.pcd.role.EntryPoint  false
    com.sap.portal.pcm.Description  VRB_com.sap.portal.pcm.Description
    com.sap.portal.pcm.Title  myTime
    com.sap.portal.pcm.admin.Capabilities  com.sap.portal.capability.delete,com.sap.portal.capability.link,com.sap.portal.capability.copy,com.sap.portal.capability.edit,com.sap.portal.capability.cut,com.sap.portal.capability.transportable,com.sap.portal.capability.launch,com.sap.portal.capability.editpermissions
    com.sap.portal.pcm.admin.UseDefaultCapabilities  true
    com.sap.portal.private.iview.PropertiesUrl  pcd:com.sap.portal.system/applications/com.sap.portal.appintegrator.sap/components/Transaction
    com.sap.portal.reserved.iview.ButtonsURL  
    com.sap.portal.reserved.iview.EditorURL  pcd:portal_content/com.sap.pct/admin.templates/iviews/editors/com.sap.portal.pcmEditor
    com.sap.portal.reserved.iview.IconName  
    com.sap.portal.reserved.iview.IsolationMode  URL
    com.sap.portal.reserved.iview.NavPanelStatus  Automatic
    com.sap.portal.reserved.iview.ParamList  *
    com.sap.portal.reserved.iview.WizardURL  com.sap.portal.appintegrator.iViewWizard
    com.sap.portal.workDistributionTopic  
    com.sapportals.portal.navigation.FolderEntry  false
    com.sapportals.portal.navigation.Pictogram  
    com.sapportals.portal.navigation.WinFeatures  resizable=yes,toolbar=no,menubar=no
    propertyIdMapping  
    com.sap.portal.appintegrator.sap.Transaction::Transaction/WebGuiSSOITS640Layer
    MandatoryParameters
    System   SAP_LocalSystem KPMGSBBW_alis KPMGVM005_ALIAS SAP_BW SAP_CRM SAP_ECC SAP_RPM SAP_WEBDYNPRO_CRM_ALIAS TestECC_Alias Test_CRM_Alias WebEx XBICLNT100 XCRCLNT100 XECCLNT100 
    Is it required to add  ECC certificate to Portal sytem?
    we have created the same user id in both the sytems.
    Please let me know what could be the error.
    Regards

    Vijay,
    Please follow these steps and lemme know what you observe.
    Go to system administration->support->sap application-> under test and configuration tools choose sap transaction
    under the mandatory fields choose the system that you have created, choose a tcode (se16) and choose sap gui for windows and click go.
    If you are able to logon to your ecc system, your sso works!
    P.S Make sure the user name with which you are testing this, exists in the backend as well.
    Good luck
    Cheers,
    Sandeep Tudumu

  • External Portal - userIDs used by customers? guest logon?

    Hi,
    We want to impliment an external facing Portal where the customers(citizens) will be able to look up their account information via our CRM system.
    Can somebody maybe explain or point me in the direction on how the userID's and licensing will be treated?
    Obviously a customer must log  in from the internet onto his own account and need a userID for this, but is this a standard SAP userID that is created? So do we need the userID in CRM as well? (I would  hoped the Portal will only read the customer data from CRM rather than the user actually logging onto the Portal.
    What are the user licensing implications? We can surely not be expected to have to pay for user licenses for say a million seperate accounts.
    Thanks, any advise will be appreciate.

    Hi Anja,
    Thanks for the reply.
    No, I do not like to have every customer to have an userID (via UME). I would prefer it to be some type of anonymous logon.
    But then again the user must have some type of logon ID, because how will the customer be identified and linked to his/her own utilities account via CRM?
    Basicaly we use IS-U. So we want to allow customers in the future to view and to manage his their account, provide meter readings, etc. Hopefully this makes more sense.
    All advice will be much appreciated.
    Thanks,
    Adriaan

  • Recipent Type in Pocess Chain email

    HI I am creating message for some of the processes in process chain ,and want it to be mailed to some on SAP Inbox....what recipent type i have to select for it?

    SAP BI
    You could chhose recipent type SAP Logon Name. Denerally we create shared distribution list for the people who wants to receive this message. Take basis people help and they have to do some settings.
    Hope this helps
    Thanks
    sat

  • Impact of Changing User Types

    What is the impact of changing user types from 'service' user type to either a 'communication' or 'system' user type?  Will the change stop authorizations or will it only affect administration?  Is the change related to the available fields or locking security and not necessarily related to authorizations.

    Which release are you on?
    It also depends on your config => rejecting expired passwords, compliance with current password policies (at logon...) and same user context for RFC calls.
    You should first investigate why it is a "SERVICE" type user. If it is from a config wizard with a profile delivered by SAP, then there might be a good reason for this.
    The authority checks on "SERVICE" and "SYSTEM" users are the same, except that "SYSTEM" users are not SAPGui capable. This is not only restricted to the SAPGui logon screen. And for all logon types, they are excempted from changing their password - both via the requirement to do so and the ability to do it voluntarily...
    But if they can administrate themselves, then they can (authorization object S_USER_GRP).
    The same cannot be said for "COMMUNICATION" type users. I recommend not using them at all and there are many SAP notes which correct standard config wizards to use the correct user type => SYSTEM.
    "COMMUNICATION" users are "DIALOG" users, except that when you enter the correct password via the SAPGui logon screen, then a message is returned to inform you that the user type cannot logon from that screen. But other screens will work, if the first screen is skipped.
    You can test this with transaction OBVU in the standard system, or any other Z-transaction of the same ilk.
    Cheers,
    Julius

  • Which table store the user type attribute details on 4.5b version

    Hi,
      I am hunting for the table which store the user type attribute.To simply the problem when i create user in the 4.5b system using su01 tcode & when you select user type from logon data say you select Dialog or BDC or Background and CPIC type now where this information is store in the table, what i got from system is User type (A=online, C=CPIC, D=BDC, O=ODC) but on UI it is showing as Dialog or BDC etc. which is confusing me.
      so can anyone tell the table which store detail info about say A = Dialog or D = BDC user type.
    thanks,
    John.

    Hi John,
    These are the Fixed values allowed to this Domain. No value table is maintained but they maintain the Fixed values in the Value Range Tab of the Domain.
    Go to SE11--> Domain Name ---> Display --> Select Tab strip Value Range, where you can see the fixed values for this Domain.
    Satya

  • Wireless keyboard AND Password logon on iMAC

    I am a new Apple user with a MacBook Air and a iMac for professional use and I just ran into the problem that my iMac, configured with password protection, went to sleep and my wireless keyboard lost its pairing because I paired the keyboard with my MacBook Air. The mouse is working on my iMac but I cannot logon because I cannot type the password. Apple's solution is to go out and borrow or buy a wired keyboard or USB wireless keyboard and then you can logon. That is a kludge!
    Apple, Hey Apple, I don't want to be the Annoying Orange but wouldn't it be much more elegant and friendly to have an on-screen keyboard where I can 'type' the logon password with my mouse? In the wireless era problem recoveryshould be made easy. Just a 2 finger or right finger click and the keyboard option pops up. Almost everyone has a wired or a USB mouse laying around but not a 'spare' keyboard. From a company that sells high-end, user-friendly, expensive, tools for our private and professional life I expect more. BTW as a 20+ year user of MS I do like my Apple tools but found some productivity and efficiency limiting bugs that really should have been resolved years ago. I will post those in the appropriate forums.
    Greetings
    Ton

    Netflix app is not populating at all on my 55l7200u anymore.  We had Toshiba support come out yesterday to replace a board in the tv to stop a whistling sound coming from the tv and now Netflix App is not working.  We press the button on the remote and the screen goes black for 2 seconds and then automatically jumps back to cable.  We've tried resetting the factory settings, updated the firmware last night and still nothing.  It's not even coming up with an error.  When we go into the settings and look for information, we found a 'Netflix setup' but there is no Netflix ESN and 'Deactivating' Netflix option does nothing.  The other App we use is working correctly (you Tube). 
    Please help.

  • Validating logon... prb

    hi...
    something wrong with this code?
    its a log in validation, if the user detials dont exits it should output something otherwise go to another link... depending on the resultset,
    but it doesnt seem to work if the user detials are invalid, i.e when the resulset does not return antyihng ==null.... it goes to a blank page... but not with the output....
    method
    public ResultSet validUser(String email, String password)
             try
                   String query = "SELECT * FROM Users WHERE email = '" +  email + "' AND password = '" + password + "'";
                 Statement stmt = conn.createStatement();
                 rs = stmt.executeQuery(query);
             catch ( SQLException sqle )
                   errorMsg = errorMsg + "\n" + "Error: SQLException " + sqle.getMessage();
             catch (Exception e)
                   errorMsg = errorMsg + "\n" + "Error: General: " +e.getMessage();
              return rs;
    JSP
    String email = request.getParameter("email");
         String password = request.getParameter("password");
         String type = null;
         logon.connect();
         ResultSet rs = logon.validUser(email, password);
         if (rs == null)
         { %>
    </p>
             <p>Sorry please Enter your own Email and registration number, the system does not recognise your email or password
              <a href="frontPage.htm">click Here to go Back</a>
               <%
         if (rs.first())
              type = rs.getString(3);
         if (type.equals("student"))
         { %>
              <jsp:forward page="studentMain.jsp"/>
           <%
         else if (type.equals("teacher"))
         {     %>
              <jsp:forward page="teacherMain.jsp"/>
             <p>
               <%
         logon.disconnect();
         %>
    <%= logon.getError() %>

    in that code, it looks like if rs is null, you are still attempting to call first or other methods on it... Personally, I wouldn't return a result set from the login method. I would return null if it's invalid and if it's a valid login, create an object (some bean class) that contains the user information and store that in the session, that way you always have it from then on elsewhere.

  • Issue accessing share from other forest. No logon servers available to serve your request.

    Hello, gents!
    We have two AD forests and external 2-way trust between them. About month ago I was able to reach share on fileserver from localdomain.com to remotedomai.com without any issues. Now when I am trying to do it I have an error
    "\\servername\share is not available.You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.
    there are currently no logon server available to service the logon request".
    I validated trusts - everything validating fine.
    In the event log of remote server, I am trying to access I found this error EventID 4625 from Microsoft Windows Security:
    An account failed to log on.
    Subject:
    Security ID: NULL SID
    Account Name: -
    Account Domain: -
    Logon ID: 0x0
    Logon Type: 3
    Account For Which Logon Failed:
    Security ID: NULL SID
    Account Name: artem
    Account Domain: localdomain
    Failure Information:
    Failure Reason: An Error occured during Logon.
    Status: 0xc000005e
    Sub Status: 0x0
    Process Information:
    Caller Process ID: 0x0
    Caller Process Name: -
    Network Information:
    Workstation Name: ANOMDC1
    Source Network Address: 172.20.0.10
    Source Port: 53693
    Detailed Authentication Information:
    Logon Process: NtLmSsp
    Authentication Package: NTLM
    Transited Services: -
    Package Name (NTLM only): -
    Key Length: 0
    This event is generated when a logon request fails. It is generated on the computer where access was attempted.
    The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
    The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).
    The Process Information fields indicate which account and process on the system requested the logon.
    The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
    The authentication information fields provide detailed information about this specific logon request.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    What would be the proper steps to troubleshoot it?

    See what is the status/substatus and see which number correspod to your system
    Status and Sub Status Codes
    Description (not checked against "Failure Reason:") 
    0xC0000064
    user name does not exist
    0xC000006A
    user name is correct but the password is wrong
    0xC0000234
    user is currently locked out
    0xC0000072
    account is currently disabled
    0xC000006F
    user tried to logon outside his day of week or time of day restrictions
    0xC0000070
    workstation restriction
    0xC0000193
    account expiration
    0xC0000071
    expired password
    0xC0000133
    clocks between DC and other computer too far out of sync
    0xC0000224
    user is required to change password at next logon
    0xC0000225
    evidently a bug in Windows and not a risk
    0xc000015b
    The user has not been granted the requested logon type (aka logon right) at this machine
     Regards
    Milos

  • Determination of login type

    Hi all,
    I'd like to understand in ABAP program how user logged on in system either from GUI for Windows or from Web (GUI for HTML - ITS, WEB Dynpro for ABAP etc )?
    Could you help me please?

    Hi,
    Go to SUIM Tcode.
    under USER -click on logon details
    enter your user id  and execute
    you will get the details in areport
    see the USER TYPE column in the report, there it is mentioned
    based on this field User Type you will know how you logged in:
    see the doc:
    Dialog 'A'
    A normal dialog user is used by one person only for all types of logon.
    During a dialog logon, the system checks for expired and initial passwords and provides an option to change the password.
    Multiple dialog logons are checked and logged if necessary.
    System 'B'
    Use the system user type for internal system processes (-> background processing) or system-related processes (-> ALE, workflow, TMS, CUA).
    Dialog logon (using SAP GUI) is not possible.
    A user of this type is excluded from the general settings for password validity. Only user administrators can change the password using transaction SU01 (Goto -> Change Password).
    Multiple logons are permissible.
    Communication 'C'
    Use users of type Communication for dialog-free communication between systems (-> RFC or CPIC) .
    Dialog logon (using SAP GUI) is not possible.
    The general settings for the validity period of a password apply to users of this type. Users of this type can change their passwords (like dialog users). The dialogs for changing the password must be provided by the caller (RFC/CPIC client). You can use the RFC function module USR_USER_CHANGE_PASSWORD_RFC or the RFC API function RfcOpenEx() to change the password.
    Service 'S'
    A user of the type Service is a dialog user that is available to an anonymous, larger group of users. Generally, this type of user should only be assigned very restricted authorizations.
    For example, service users are used for anonymous system access using an ITS service or a public Web service. Once an individual has been authenticated, a session that started anonymously using a service user can be continued as a personal session using a dialog user (see SUSR_INTERNET_USERSWITCH)
    During logon, the system does not check for expired and initial passwords. Only the user administrator can change the password.
    Multiple logon is allowed.
    Reference 'L'
    Like the service user, a reference user is a general user, not assigned to a particular person. You cannot log on using a reference user. The reference user is only used to assign additional authorization. Reference users are implemented to equip Internet users with identical authorizations.
    On the Roles tab, you can specify a reference user for additional rights for dialog users. Generally, the application controls the allocation of reference users. You can allocate the name of the reference user using variables. The variables should begin with "$". You assign variables to reference users in transaction SU_REFUSERVARIABLE.
    This assignment applies to all systems in a CUA landscape. If the assigned reference user does not exist in one of the CUA child systems, the assignment is ignored.
    Reward if useful.
    regards,
    Anji

  • What is Interactive Logon?

    hi,
    Can somebody explain to me exactually what interactive logon is, I don't know what it has to do with logging in from the logon screen.from what I've read it sounds like its more about services and scheduled tasks being able to interact with the desktop/session.
    I know there are security policies for allowing/denying interactive logon so it must have something to do with using the login screen.
    I know that in windows you can logon to a computer if the account isn't stored on that computer, through a domain for example. but I'm not sure what this 'interacting with the session' means
    I also know that a console task can run as a separate user/credential and I know that a user account can have a different profile impersonating it but the files from that account still stay put, in the same locations.
    Does this have anything to do with it?
    Regards, Rocklore

    ... 1. If there is just one computer with one account that can host a domain and can switch over to a workgroup then:
    Isn't logging in interactively to that account either to its domain or its workgroup just the same as using the welcome screen, if not whats the difference? ...
    I do not get your question on "one account that can host a domain and can switch over to a workgroup". Anyway, referring back to the same diagram,
    Local user accounts  User accounts defined on a local computer are called
    local user accounts. Local user accounts have access to the local computer only, and they must authenticate themselves before they can access network resources. You create local user accounts with the Local Users And Groups utility.
    Domain user accounts  Users accounts defined in Active Directory are called
    domain user accounts. Through Single Sign-On, domain user accounts can access resources throughout the domain. Domain user accounts are created in Active Directory Users And Computers.
    If you are asking whether logon via Welcome Screen is considered Interactive Logon, the answer is yes (even though Ctrl + Alt + Del does not apply).
    ... 2. What is the difference between classic logon and interactive logon ...
    You cannot compare classic logon with interactive logon. Interactive logon is the method that you use to logon to a computer. Classic logon or Welcome Screen logon are the user interface that Microsoft provides users for to carry out Interactive Logon.
    The Welcome screen provides a list of accounts on the computer. To log on with one of these accounts, you click the account and type a password (if one is required). Note that the Welcome screen does not display all the accounts that have
    been created on the computer. Some accounts, such as Administrator, are hidden from view. The Welcome screen is convenient because it displays a list of available accounts.
    The Classic Logon screen requires users to type a logon name rather than selecting an account from a list of available accounts. The Logon screen has several features that you can control. By default, the name of the last user to log on
    is displayed in the User Name field of the Log On To Windows dialog box. You can improve security by hiding the user name of the last user to log on. Instead, users will need to know a valid account name for the computer.
    Hope that helps.
    Cheers,
    Tas Chew

Maybe you are looking for

  • Need to link 2 files, one with a numeric firld and on with an alpha numeric

    I need to link 2 files in my report by employee number. In the employee file it is an 8 character Numeric field like 1505087. In the GL File, it is an 8 character field like '01505087' I have done a TONUMBER on the employee number.  Where do I link t

  • Email Vendor Balance confirmation

    HI, I have configured Vendor Balance confirmation (F.18) and its working fine. However I need to send the confirmations directly to vendors through email. Can anyone please guide me exactly how to achieve this? Thanks in anticipation, Nitish

  • A way to clear digital signatures with presence = "hidden"

    LCD 9, Dynamic forms using digital signatures, Reader 9x I discovered this by accident, so wondering if this is a design feature or a bug. I have a dynamic form and have sub-forms throughout it.  I create a flowed subform for my digital signature tha

  • AS3 pass variables-values from loaded external swf to parent swf

    Hi, I am working on an eLearning project that uses a main SWF (SWF1) and a second SWF (SWF2) with 2 quizzes in it. Published to AIR for Desktop and Android, SWF1 and SWF2 are packaged together in the AIR desktop or AIR APK exports. I can use a loader

  • Windows 7 - Lightroom 5.3

    After loadinf lightroom 5.3 in a windows 7 environment, there seemed to be an issue with the "color profile"... Are there recommended profiles for 5.3?