UME Configuration change for  j_user attribute

Hi All,
We have a requirement in portal like users login into the portal with the windows ID(Which is loginuid in the LDAP)(loginuid is synchronized with windows ID) and the further authorizations should happen with the field called uid.
We made change in the UME datasourse xml file as below.
In the attribute mapping ,
<attribute name="j_user"><physicalAttribute name="loginuid"/>
and
<attribute name="uniquename"><physicalAttribute name="uid"/>
After making this changes user couldnt login with the loginuid..
We are getting the following error in the trace file:
===========================================
[]#2#ume.configuration.active#true#
#1.5#000C299E546D002A0000000100000464000423C9E09FC94C#1165249872673#com.sap.security.core.server.jaas#sap.com/irj#com.sap.security.core.server.jaas#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Java###got []: []#2#ume.configuration.active#true#
#1.5#000C299E546D002A0000000200000464000423C9E09FCB79#1165249872673#com.sap.security.core.server.jaas#sap.com/irj#com.sap.security.core.server.jaas#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Java###Received no SAPLogonTicket. Authentication stack: [].#1#ticket#
#1.5#000C299E546D002A0000000300000464000423C9E09FCCB0#1165249872673#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.DataBasePersistence][md=doSearch][cl=19919]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###Perform query: SELECT DISTINCT PID FROM UME_STRINGS WHERE ((PID LIKE ? ESCAPE '\#') AND (((NAMESP=?) AND (NAMESPH=?) AND (ATTR=?) AND (ATTRH=?) AND (UPPERVAL =  ?) AND (UPPERVALH = ?))))#
#1.5#000C299E546D002A0000000400000464000423C9E09FE037#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.LDAPPersistence][md=searchPrincipalDatabag][cl=20149]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###entry for search with searchfilter (&(objectclass=inetorgperson)(loginuid=user1)) searched in cache#
#1.5#000C299E546D002A0000000500000464000423C9E09FE07B#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.LDAPPersistence][md=searchPrincipalDatabag][cl=20149]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###search result found in cache#
#1.5#000C299E546D002A0000000600000464000423C9E09FE07E#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.LDAPPersistence][md=searchPrincipalDatabag][cl=20149]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###found principals: no results found#
#1.5#000C299E546D002A0000000700000464000423C9E09FE3FD#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.DataBasePersistence][md=doSearch][cl=19919]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###Perform query: SELECT DISTINCT PID FROM UME_STRINGS WHERE ((PID LIKE ? ESCAPE '\#') AND (((NAMESP=?) AND (NAMESPH=?) AND (ATTR=?) AND (ATTRH=?) AND (UPPERVAL =  ?) AND (UPPERVALH = ?))))#
#1.5#000C299E546D002A0000000800000464000423C9E09FF19E#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.LDAPPersistence][md=searchPrincipalDatabag][cl=20149]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###entry for search with searchfilter (&(objectclass=inetorgperson)(loginuid=user1)) searched in cache#
#1.5#000C299E546D002A0000000900000464000423C9E09FF1DE#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.LDAPPersistence][md=searchPrincipalDatabag][cl=20149]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###search result found in cache#
#1.5#000C299E546D002A0000000A00000464000423C9E09FF217#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.LDAPPersistence][md=searchPrincipalDatabag][cl=20149]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###found principals: no results found#
#1.5#000C299E546D002A0000000B00000464000423C9E0A03B38#1165249872704#com.sap.security.core.imp#sap.com/irj#com.sap.security.core.imp.[cf=com.sap.security.core.sapmimp.logon.SAPMLogonLogic][md=initBeans][cl=20245]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###LanguagesBean created#
#1.5#000C299E546D002A0000000C00000464000423C9E0A03CE4#1165249872704#com.sap.security.core.util#sap.com/irj#com.sap.security.core.util.[cf=com.sap.security.core.util.ErrorBean][md=ErrorBean(Message)][cl=15715]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Java###message USER_AUTH_FAILED#1#message USER_AUTH_FAILED#
#1.5#000C299E546D002A0000000D00000464000423C9E0A03DB3#1165249872704#com.sap.security.core.imp#sap.com/irj#com.sap.security.core.imp.[cf=com.sap.security.core.sapmimp.logon.SAPMLogonLogic][md=executeRequest][cl=20245]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###No command found, forwarding to umLogonPage#
#1.5#000C299E546D00270000001100000464000423C9E0B8A4B3#1165249874314#com.sap.security.core.server.jaas#sap.com/irj#com.sap.security.core.server.jaas#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_4##0#0#Info##Java###got []: []#2#ume.configuration.active#true#
#1.5#000C299E546D00270000001200000464000423C9E0B8A7ED#1165249874314#com.sap.security.core.server.jaas#sap.com/irj#com.sap.security.core.server.jaas#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_4##0#0#Info##Java###got []: []#2#ume.configuration.active#true#
#1.5#000C299E546D00270000001300000464000423C9E0B8A89E#1165249874314#com.sap.security.core.server.jaas#sap.com/irj#com.sap.security.core.server.jaas#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_4##0#0#Info##Java###Received no SAPLogonTicket. Authentication stack: [].#1#ticket#
#1.5#000C299E546D00270000001400000464000423C9E0B8B6D3#1165249874314#com.sap.security.core.imp#sap.com/irj#com.sap.security.core.imp.[cf=com.sap.security.core.logon.imp.SAPJ2EEAuthenticator][md=getLoggedInUser][cl=20245]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_4##0#0#Warning##Java###null
[EXCEPTION]
#1#com.sap.engine.services.security.exceptions.BaseLoginException: Authentication did not succeed.
Regards,
Birla.

Hi ,
you need to change uniqename too.
<attribute name="uniquename">
                                             <physicalAttribute name="loginuid"/>
change it and test on configutool  before activate & restart .
Thanks
Tag

Similar Messages

  • Anyone Seen this Message Before "Configuration changes for domain saved to the repository."

    I'm running into this situation where one of my WLS servers is generating the following
    messages "Configuration changes for domain saved to the repository." This process
    of saving to a repository is causing an issue on start-up. Typically my deployments
    take 2-3 minutes on start-up. They are now taking 10 minutes. I've made no changes
    to my application. I've been able to identify that this process of saving to a
    repository is the main issue of contention....
    Anyone know what the message means? Anyone know how to disable this message?

    This is just WebLogic writing back changes to config.xml, which it does from time
    to time for reasons like:
    - your app deployment has changed.
    - you've reconfigured something in the console.
    etc...
    WebLogic just spins this off into a handy execute thread, so it would be surprising
    if this was causing your app deployment to slow down (how do you know it is).
    In my experience, slower than normal app deployments are usually down to:
    - waiting for database connections.
    - waiting for connecitons to other external resources.
    Remember (in WLS6.x anyway) initialisation is done serially on the main thread,
    so if something's slow, everything gets blocked behind it.
    simon.
    I'm running into this situation where one of my WLS servers is generatingthe following
    messages "Configuration changes for domain saved to the repository."This process
    of saving to a repository is causing an issue on start-up. Typicallymy deployments
    take 2-3 minutes on start-up. They are now taking 10 minutes. I'vemade no changes
    to my application. I've been able to identify that this process ofsaving to a
    repository is the main issue of contention....
    Anyone know what the message means? Anyone know how to disable thismessage?

  • Configuration changes for transactin CK94 in SPRO

    How to make changes in the SPRO so that in the transaction CK94, I can get Page up and Page Down functionality activated. I need this for BDC purpose refer to my earlier posting https://www.sdn.sap.com/sdn/collaboration.sdn?node=linkFnode6-1&contenttype=url&content=https://BDC: How to enter data in Table control (With wizard) using scrolling?.
    Thanks for your help.
    Ashish

    KK
    Hi i hope before you run PT60 you have copied schema TM04 to you customised one and in IT 0007 hope its 9 and  permite quota generation without TE is in INCREASE .
    If So then in IT 2013 select the Leave type and give the end date of the year and change the number it will work.
    I hope you have to write a PCR for carryforward as per my knowledge.
    However wait for expert ans
    Thanks
    Vibin

  • Configuration change Log

    Hi,
      I need to find the configuration change log in development system. Do we have any transaction/report/program from which we can track all the configuration changes for a perticular object.
    Thanks,
    Vijay

    for almost all customizing you can find the change history in menu tools within the cuistomizing.

  • Configuring approval for update of some profile attributes

    Hi All,
    I need to configure approval when some of the profile attributes are updated.
    1. How do i know which attribute is updated?
    2. How do i configure approval ?
    Thanks in Advance.
    Shrinath

    The standard strategy for detecting which attribute has been updated is to add a hidden "shadow" attribute for each attribute.
    Implementing your scenario turns out to be a bit complex but I think the following approach should work.
    To implement your scenario you also need a boolean flag for each attribute kept in a db table or lookup table (not on the USR form). This flag is normally set to false.
    When a change comes in the shadow attribute is used to detect which attribute is updated through a post insert event handler (or entity adapter). This adapter sets the flag to true, resets the main attribute to the value kept in the shadow attribute and kicks off the request. The entity adapter always checks the flag as the first step in the flow and if the flag is set the entity adapter does nothing.
    This will trigger the event handler but as the two attributes now are identical nothing happens.
    When the approval is done either the change is approved or denied.
    In the case of approval the provisioning code sets the flag to false and writes the new value to the main attribute, next to the shadow attribute and finally sets the flag.
    In case of denied you need to reset the flag to false. Not exactly sure if you can do this as part of the deny workflow or if you would have to create a scheduled task that does this.
    A bit complex but should solve your problem.
    Hope this helps
    /Martin

  • Changelog configuration to audit specific attributes changes

    Hi,
    I am trying to configure changelog. The objective is to create a file having the change in specific attribute values for adds and mods. I configured the same and it creates the file also; but I don't see changes in that file and under the columns e.g. changeType and Firstname it shows the value 'T'.
    Has anybody used the change log file and can guide me how to configure the same to audit chchanges on specific attriutes and redirectng to the file. Also can we also get old value and new value in that output file.

    Hi,
    The steps what you performed to enable audit logging were just for every cmdlet and every parameter in the organization, not for the user. So, the normal user who had run the cmdlet or parameter would be recorded on output.
    I recommend you refer to the following article :
    Administrator Audit Logging
    Hope this helps!
    Thanks.
    Niko Cheng
    TechNet Community Support

  • How to configure the Oracle XSL Mapper for ‘schemaLocation’ attribute?

    In the Transformation_1.xsl I need to have the ‘schemaLocation’ attribute defined as such:
    <inc:CaseIncidentReport xsi:schemaLocation="http://caseincidentreport.com/1.0.4 CaseIncidentReport.xsd">
    This is fine as long as long as I don’t switch to the Design tab. When I switch to the Design tab, Oracle XSL Mapper regenerates the XSL file and renders the root element as
    <inc:CaseIncidentReport>
    Can some one tell me how to configure Oracle XSL Mapper for ‘schemaLocation’ attribute? I am using BPEL Designer/JDeveloper Version 10.1.2.1.0 (Build 1915)
    Thanks,

    What do you mean by normal import? Where can I include the 'schemaLocation' attribute in the Designer? I have no trouble adding the shemaLocation in the source tab but when I switch to the design tab it always stripe it off.
    How do I file an enhancement request? I see the the XSL Mapper needs improvements.
    Thanks,
    Nathan

  • [svn:fx-trunk] 12912: With TLF 571 checked in we can now revert the MXML 2009 changes for how the id language attribute is processed .

    Revision: 12912
    Revision: 12912
    Author:   [email protected]
    Date:     2009-12-14 12:08:35 -0800 (Mon, 14 Dec 2009)
    Log Message:
    With TLF 571 checked in we can now revert the MXML 2009 changes for how the id language attribute is processed.
    An unqualified id property will no longer be seen as a setter for a normal public, writable, non-static "id" property - which matches Flex 3 behavior.
    As in earlier versions of Flex, the mechanism to retain MXML id attribute information at runtime is to implement mx.core.IMXMLObject. The compiler will generate a call to the intialized() method and pass in the id information.
    Note: One exception to this rule seems to be UIComponent which instead get id attribute information via mx.core.IDeferredInstantiationUIComponent (although there seems to be a TODO in the codebase to remove this mechanism and thus should not be relied on by third parties).
    QE notes: Please add tests for the TLF id property on flow elements (div, span, p, etc).
    Doc notes: Please check that we have not documented
    Bugs: N/A
    Reviewer: Paul
    Tests run: Checkintests, local test cases.
    Is noteworthy for integration: Yes
    Modified Paths:
        flex/sdk/trunk/frameworks/projects/framework/src/FrameworkClasses.as
        flex/sdk/trunk/frameworks/projects/framework/src/mx/core/UIComponent.as
        flex/sdk/trunk/frameworks/projects/spark/src/spark/core/SpriteVisualElement.as
        flex/sdk/trunk/frameworks/projects/spark/src/spark/primitives/supportClasses/GraphicEleme nt.as
        flex/sdk/trunk/modules/compiler/src/java/flex2/compiler/mxml/builder/ComponentBuilder.jav a
        flex/sdk/trunk/modules/compiler/src/java/flex2/compiler/mxml/lang/StandardDefs.java
        flex/sdk/trunk/modules/compiler/src/java/flex2/compiler/mxml/reflect/Type.java
        flex/sdk/trunk/modules/compiler/src/java/flex2/compiler/mxml/reflect/TypeTable.java
        flex/sdk/trunk/modules/compiler/src/java/flex2/compiler/mxml/rep/init/ValueInitializer.ja va
    Removed Paths:
        flex/sdk/trunk/frameworks/projects/framework/src/mx/core/IID.as

    This is a duplicate post.  This should be locked to avoid further confusion.
    My CSS wont change
    Nancy O.

  • I have Photoshop CS purchased many years ago for a LOT of money.  Other day went to use it, got msg. "computer configuration changed, need to re-activate".  Tried that for days, didn't work.  Cannot call ANYONE to find out problem.  Am not very computer l

    I have Photoshop CS, purchased many years ago for a LOT of money.  Other day went to use it, got msg. "computer configuration changed, need to re-activate.  Tried that for days, didn't work.  Cannot call ANYONE to find out problem.  Am not very computer literate, so don't understand what that means.  LOVE the CS program and know how to use it, so don't want to have to learn something new.  Don't know what to do.  Went to all the big name stores and no one can tell me anything, like what happened to CS or what is replacing it that is the same as CS.  CAN SOMEONE PLEASE HELP!!!     

    jd49034389 wrote:
    down further there is a Photoshop CS2, do I just do that one?
    Yep. That's the one. Make sure to use the supplied key on the download page, not your old one.
    Good luck.
    --OB

  • A alert for compute is being investigated. Configuration changes to Virtual Machines (IaaS), such as adding or removing a disk or an endpoint may cause reboots.

    I receive the following alert from Windows Azure; Any clue what does this mean?
    Time: 3/26/2014 7:37:33 PM
    TITLE : compute : Advisory
    SUBSCRIPTION ID: Not Available
    DESCRIPTION: A alert for compute is being investigated. Configuration changes to Virtual Machines (IaaS), such as adding or removing a disk or an endpoint may cause reboots.

    This issue correlates with an issue you might see at the Windows Azure Service Dashboard:http://www.windowsazure.com/en-us/support/service-dashboard/
    See below a paste from that page from the period of your alert. Friendly Azure is piping you courtesy notification vai your event log!
    Compute : Advisory [East US, North Central US, South Central US, West US]
    26 Mar 2014  1:29 AM UTC
    A alert for compute is being investigated. Configuration changes to Virtual Machines (IaaS), such as adding or removing a disk or an endpoint may cause reboots.
    John Joyner MVP-SC-CDM

  • Watch configuration files for changes

    I changed web.xml to get charting to work and it did (but it worked without restarting CF)
    I do not have the Watch configuration files for changes option checked in cfAdmin.
    I went to make the same changes on other boxs and CF "undeployed" itself.
    I am running CF8 on Solaris. I recently upgraded the JVM to 1.6_10

    See
    http://www.stillnetstudios.com/2008/03/04/getting-cfstat-to-work.

  • Accounting Command for Configuration Changes

    Hi All,
    i want the logs of command 0r configuration changes made in ROuters or Switches to ACS 4.1,
    like the following
    Wed Jun 27 03:46:47 2001 172.16.25.15 fgeorge tty3 5622329430/4327528 stop
    task_id=3 service=shell priv-lvl=1 cmd=show version <cr>
    the above is found in the Command Accounting of the Link
    http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfacct.html#wp1000976

    Anand
    The information that you need about how to configure this is not so good in the link that you posted. But it is not difficult to configure. I use the following line in configuration of routers and get the accounting records in ACS for all privilege level commands including any configuration commands.
    aaa accounting commands 15 default start-stop group tacacs+
    You might want to change some details (like tacacs+) depending on how your routers are configured to talk to ACS.
    HTH
    Rick

  • ASA send syslog messages for configuration changes

    On a router you can send configuration changes to the syslog server by doing,
    conf t
    archive
    log config
    logging enable
    notify syslog
    Then the router will send something like,
    .Aug  3 13:12:00.776 PACIFIC: %PARSER-5-CFGLOG_LOGGEDCMD: User:admin  logged command:no interface Loopback76
    if I had typed at the command line, "no int lo76"
    How do you do this on the ASA?
    Goal:  I want to know when anybody does any kind of config on my ASA.

    The syslog number 111008 and 111010 will log the command that is entered by user.
    111010 is for configuration changes.
    Here is the syslog for your information:
    111008:
    http://www.cisco.com/en/US/docs/security/asa/asa84/system/message/logmsgs.html#wp4769400
    111010:
    http://www.cisco.com/en/US/docs/security/asa/asa84/system/message/logmsgs.html#wp4769410
    You need to enable syslog, and severity level 5, and if you don't want to see any other logging, you can only log the above 2 syslog numbers.

  • UME Configuration for 2 groups

    Hi All,
    We have configured our UME with one LDAP source having group path as 'ou=groups,ou=SAP ePortal,ou=Applications,ou=Intranet,dc=<companyname>,dc=com'.
    But if we create a new group, can we configure the XML such that it will have both the groups. Existing one should be as it is and the new one should also be added.
    Regards,
    Gurmat

    Hi
    How to configure multiple LDAP datasources?
    ans:
    a) Note 736471 - UME Configuration of multiple LDAP data sources
    b)https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/e1959b90-0201-0010-849c-d2b1d574768b
    Example: Configuration of Multiple LDAP Data Sources
    http://help.sap.com/saphelp_nw70/helpdata/EN/4e/4d0d40c04af72ee10000000a1550b0/content.htm
    Regards
    Shridhar Gowda

  • Can the ACE be configured for logging configuration changes to syslog server ?

    Hi,
    On all our routers, switches and firewalls we've configured syslog so we get logs when configuration changes occur.
    Is this possible on the ACE too ?
    regards,
    Sebastian  

    Hi Sebastian,
    Yes it is possible but depends upong the logging level you have set. So logging trap 5 should be able to get you the configuration changes or command execution logs.
    Nov  1 2013 11:20:33 : %ACE-5-111008: User 'admin' executed the 'logging buffered 6' command.
    Nov  1 2013 11:20:48 : %ACE-5-111008: User 'admin' executed the 'no rserver testlog' command.
    So you should see these level 5 logs on syslog if logging trap 5 is configured.
    Let me know if you have any questions.
    Regards,
    Kanwal

Maybe you are looking for

  • LR Mobile sync caused iPad mini to crash continuously and reboot with blue screen?

    Hi, I've been using LR Mobile on my iPad Mini (Retina) for quite sometime now without any issues. It worked flawlessly, until yesterday. I'm not sure whether this problem was caused by the LR Mobile app or not but this was my experience. Begin syncin

  • Invalid annotation/can not be saved

    I have just started to use version 9. When I use the typewriter (at least I think that is when it usually happens) I get the following error message.  "Invalid annotation object."    After that, when I try to save I get this.  "The document could not

  • Soap Fault Handler

    Hi I have written a prrof of concept page in Application Express Builder to call a web service. It all works OK as far as it goes; the page process gets the data and the report section displays the data. The success and error messages defined in the

  • When i select an event for move to trash, it doesn't appear in the trash to be emptied. where is it?

    I have iMovie 10.0.4. When I select an event for 'move to trash' it doesn't appear in the trash to be emptied there. Where is it?

  • Array of records registerOutParameter

    Hi !! I have a Pl/SQL function that returns an array of records. I want to call this procedure doing the following: st =conn.prepareCall("{? = call partes.PROYECTOS_DISPONIBLES(?,?,?)}"); st.registerOutParameter(1, oracle.jdbc.driver.OracleTypes.ARRA