UME configuration : datasource and logonticket
Hello,
Can somebody explain me or give infos on UME configuration for logonticket and datasource for SAP R/3. System : ABAP/JAVA on the same stack (NW2004s).
Thanks
Best regards
Hi,
For logon tickets please, refer the link below.
http://help.sap.com/saphelp_nw2004s/helpdata/en/e8/6bc22a4686714d963e9efb77cfbcb5/frameset.htm
For dataSource ABAP configuration, you need to set the following properties in the configtool
ume.persistance.data_source_configuration = dataSourceConfiguration_abap.xml
r3.connection.master.ashost : <Backend server name>
r3.connection.master.client : <Client id>
r3.connection.master.sysnr : <Backend system number>
r3.connection.master.user : <communication user name> (the sapjsf or communication user which we created in backend system)
r3.connection.master.password : <communication user password> (it is the password of the com user which is in the backend system)
ume.login.guest_user.uniqueids : Guest user id (same as Guest, createed in the backend system)
login.ticket_portalid : yes (If administrator id length is more than 12 charcters ex: administrator)
: No (If administrator id length is less than 12 charcters ex: j2ee_admin)
Thanks
R.Murali
Similar Messages
-
SLD server and UME configuration
Dear Portal Gurus,
I have configured the UME as ABAP datasource (R/3) with client (001). all the things sld is running and able to create jco connections .
iam not able to create users from user adminstration when the client is 001
when i modify the ume configuration with client as 800 and giving proper username and password after restarting the j2ee server iam able to create users . but the problems iam facing are.
1) SLD is not runnining.
2)Logon page language is changed.
3) All the JCO's are not working.
what are the steps to be taken in j2ee server to modify the ume configuration . and successfull running of sld and logon page.
Regards
prasadsolved by me
-
How to include new driver and configure datasource in NW 7.0
Hi,
I have deployed my application in the app server and now i need to add the ms sql drivers to the application server and configure datasource to it.
Can any one help me to configure the datsource in Nw 7.0 and also how to add the driver files tp app server..?
thanks in advance
jayakumarHi,
Follow these links:
How To Install and Configure External Drivers for the JDBC & JMS
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/f04ce027-934d-2a10-5a8f-fa0b1ed4d88f
http://saphelp.border-states.com/EN/b3/cc633c3a892251e10000000a114084/content.htm
http://www.sapag.co.in/JDBC%20Adapter-Type2JDBCDriver%20Deployment.html
Regards,
Nithiyanandam
Reward points -
Studio Creator and configurable datasources problem
At design time we've binded components to a creator-configured datasource. As a result the Studio Creators generates in a '_init' method of a session bean code like
'rowSet.setDataSourceName("java:comp/env/jdbc/mydb");'
(where 'rowSet' is a 'CachedRowSetXImpl').
So far so good.
In the next step we tried to make the datasource jndi name configurable to use this code to connect to different databases. It works fine in a web/app-server environment at run time.
But unfortunately the Studio Creator doesn't accept this code. Using something other than the shown hard-coded jndi string in a statement like the example above results in a component error...
This means that we've to use different code at design time and build/runtime? At the moment after working at the design every time we change the code (substitution using ant, e.g.: "java:comp/env/jdbc/mydb" --> getDatasourceName() ) and build the archive.
Is there is any other way to avoid this problem? We dislike such one code patching...
Regards, ThomasHi I found solution, i puted on the page a table -component (with brand new automaticly created dataprovider) , then i set properties visible= false for table, and now I can bind statictext with database field and deploy on tomcat server .
But i think it is not a elegant solution in page source i habe noused-code.
Have Any another Ideas. HELP PEOPLE !!!!
Mariuszek: I use Creator.because right now I can see result of my job and i can qickly change ideas ,
I tried with JDeveleper but i did'nt find this functionality (wich version do you prefered ?) , unfortunately i have to deploy my application on Tomcat. This is my study project, and i make this to become a Master of Techinal Univeristy ;), Deadline time is 30 th September :(
greetings -
Multi-Domain LDAP UME configuration
Hello
We have EP 7.0 installed and want to connect the UME to our Corporate
LDAP (MSADS) as data source.
Our ADS is as follows:
domain.pt u2013 This is our top level domain. Here we have our main users.
Gs.domain.pt u2013 This is a child domain of ren.pt. Here are some special
users that cannot be moved to domain.pt level (because of this we have to
use multi-domain configuration)
According to some documents Step 2 of Note 762419 - Multi-Domain Logon
Using Microsoft Active Directory this configuration as to be done
according to a Multiple-Domain UME LDAP Configuration.
Following is is my configuration of LDAP access:
I have set the u201CUME LDAP Datau201D in Config Tool to point to
the u201CdataSourceConfiguration_ads_readonly_db_with_krb5_multipledomain.xmlu201D configuration file that has been previously change by me following previous documents. The xml is is the end of the message
Also in the u201CUME LDAP Datau201D (Directory Server) I have defined the following settings:
Server Name: dc01.domain.pt (This is the DC of domain.pt)
Server port: 389
User: j2ee-pp3 @domain.pt
Pass: ******* (ok on all configuration tests and authentication)
SSL: NO.
User Path: DC=domain,DC=pt
Group Path: DC=domain,DC=pt
Checked the u201CFlat User Group Hierarchyu201D.
Checked the u201CUse UME Unique id with unique LDAP Attributeu201D.
At u201CAdditional LDAP Propertiesu201D I have set the properties of
ume.ldap.unique_user_attribute(global) and
ume.ldap.unique_uacc_attribute(global) to userprincipalname. This was
done according to the Multi-Domain configuration.
Also ume.ldap.access.multidomain.enabled=true was set the property
sheet of the UME service. After this all checks are ok including in
User Administration in Portal.
Conclusion: We have no problem with SSO and search capabilities
at u201Cdomain.ptu201D level. All users of this domain are able to access the
portal with SSO.
Nevertheless no user from u201Cgs.domain.ptu201D is able to logon. Additionally,
using User Admninistration in Portal with option u201CAll Data Sourcesu201D
returns no results when searching for users from this child domain. It
seems the the configuration file does not recognize gs.domain.pt.
Is it possible that our xml file is incorrectly adapted? Is there any
missing or wrong configuration for multi-domain LDAP access? Please
advice.
Thanks in advance
dataSourceConfiguration_ads_readonly_db_with_krb5_multipledomain.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- $Id: //shared_tc/com.sapall.security/630_SP_COR/src/_deploy/dist/configuration/shared/dataSourceConfiguration_ads_readonly_db_with_krb5_multipledomain.xml#6 $ from $DateTime: 2004/08/20 09:55:24 $ ($Change: 17140 $) -->
<!DOCTYPE dataSources SYSTEM "dataSourceConfiguration.dtd">
<dataSources>
<dataSource id="PRIVATE_DATASOURCE"
className="com.sap.security.core.persistence.datasource.imp.DataBasePersistence"
isReadonly="false"
isPrimary="true">
<homeFor>
<principals>
<principal type="group"/>
<principal type="user"/>
<principal type="account"/>
<principal type="team"/>
<principal type="ROOT" />
<principal type="OOOO" />
</principals>
</homeFor>
<notHomeFor/>
<responsibleFor>
<principals>
<principal type="group"/>
<principal type="user"/>
<principal type="account"/>
<principal type="team"/>
<principal type="ROOT" />
<principal type="OOOO" />
</principals>
</responsibleFor>
<privateSection>
</privateSection>
</dataSource>
<dataSource id="CORP_LDAP"
className="com.sap.security.core.persistence.datasource.imp.LDAPPersistence"
isReadonly="true"
isPrimary="true">
<homeFor/>
<responsibleFor>
<principal type="account">
<nameSpace name="com.sap.security.core.usermanagement">
<attributes>
<attribute name="j_user"/>
<attribute name="j_password"/>
<attribute name="userid"/>
<attribute name="logonalias"/>
</attributes>
</nameSpace>
</principal>
<principal type="user">
<nameSpaces>
<nameSpace name="com.sap.security.core.usermanagement">
<attributes>
<attribute name="firstname" populateInitially="true"/>
<attribute name="displayname" populateInitially="true"/>
<attribute name="lastname" populateInitially="true"/>
<attribute name="fax"/>
<attribute name="email" populateInitially="true"/>
<attribute name="email"/>
<attribute name="title"/>
<attribute name="department"/>
<attribute name="description"/>
<attribute name="mobile"/>
<attribute name="telephone"/>
<attribute name="streetaddress"/>
<attribute name="uniquename" populateInitially="true"/>
<attribute name="krb5principalname"/>
<attribute name="kpnprefix"/>
<attribute name="dn"/>
</attributes>
</nameSpace>
<nameSpace name="com.sap.security.core.usermanagement.relation">
<attributes>
<attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE"/>
</attributes>
</nameSpace>
<nameSpace name="$usermapping$">
<attributes>
<attribute name="REFERENCE_SYSTEM_USER"/>
</attributes>
</nameSpace>
</nameSpaces>
</principal>
<principal type="group">
<nameSpaces>
<nameSpace name="com.sap.security.core.usermanagement">
<attributes>
<attribute name="displayname" populateInitially="true"/>
<attribute name="description" populateInitially="true"/>
<attribute name="uniquename"/>
</attributes>
</nameSpace>
<nameSpace name="com.sap.security.core.usermanagement.relation">
<attributes>
<attribute name="PRINCIPAL_RELATION_MEMBER_ATTRIBUTE"/>
<attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE"/>
</attributes>
</nameSpace>
<nameSpace name="com.sap.security.core.bridge">
<attributes>
<attribute name="dn"/>
</attributes>
</nameSpace>
</nameSpaces>
</principal>
</responsibleFor>
<attributeMapping>
<principals>
<principal type="account">
<nameSpaces>
<nameSpace name="com.sap.security.core.usermanagement">
<attributes>
<attribute name="domain_j_user">
<physicalAttribute name="samaccountname"/>
</attribute>
<attribute name="j_user">
<physicalAttribute name="userprincipalname"/>
<attribute name="logonalias">
<physicalAttribute name="userprincipalname"/>
</attribute>
<attribute name="j_password">
<physicalAttribute name="unicodepwd"/>
</attribute>
<attribute name="userid">
<physicalAttribute name="null"/>
</attribute>
</attributes>
</nameSpace>
</nameSpaces>
</principal>
<principal type="user">
<nameSpaces>
<nameSpace name="com.sap.security.core.usermanagement">
<attributes>
<attribute name="firstname">
<physicalAttribute name="givenname"/>
</attribute>
<attribute name="displayname">
<physicalAttribute name="displayname"/>
</attribute>
<attribute name="lastname">
<physicalAttribute name="sn"/>
</attribute>
<attribute name="fax">
<physicalAttribute name="facsimiletelephonenumber"/>
</attribute>
<attribute name="uniquename">
<physicalAttribute name="userprincipalname"/>
</attribute>
<attribute name="loginid">
<physicalAttribute name="null"/>
</attribute>
<attribute name="email">
<physicalAttribute name="mail"/>
</attribute>
<attribute name="mobile">
<physicalAttribute name="mobile"/>
</attribute>
<attribute name="telephone">
<physicalAttribute name="telephonenumber"/>
</attribute>
<attribute name="department">
<physicalAttribute name="ou"/>
</attribute>
<attribute name="description">
<physicalAttribute name="description"/>
</attribute>
<attribute name="streetaddress">
<physicalAttribute name="postaladdress"/>
</attribute>
<attribute name="pobox">
<physicalAttribute name="postofficebox"/>
</attribute>
<attribute name="krb5principalname">
<physicalAttribute name="userprincipalname"/>
</attribute>
<attribute name="kpnprefix">
<physicalAttribute name="samaccountname"/>
</attribute>
<attribute name="dn">
<physicalAttribute name="distinguishedname"/>
</attribute>
</attributes>
</nameSpace>
<nameSpace name="com.sap.security.core.usermanagement.relation">
<attributes>
<attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE">
<physicalAttribute name="null"/>
</attribute>
</attributes>
</nameSpace>
<nameSpace name="$usermapping$">
<attributes>
<attribute name="REFERENCE_SYSTEM_USER">
<physicalAttribute name="sapusername"/>
</attribute>
</attributes>
</nameSpace>
</nameSpaces>
</principal>
<principal type="group">
<nameSpaces>
<nameSpace name="com.sap.security.core.usermanagement">
<attributes>
<attribute name="displayname">
<physicalAttribute name="displayname"/>
</attribute>
<attribute name="description">
<physicalAttribute name="description"/>
</attribute>
<attribute name="uniquename" populateInitially="true">
<physicalAttribute name="ou"/>
</attribute>
</attributes>
</nameSpace>
<nameSpace name="com.sap.security.core.usermanagement.relation">
<attributes>
<attribute name="PRINCIPAL_RELATION_MEMBER_ATTRIBUTE">
<physicalAttribute name="null"/>
</attribute>
<attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE">
<physicalAttribute name="null"/>
</attribute>
</attributes>
</nameSpace>
<nameSpace name="com.sap.security.core.bridge">
<attributes>
<attribute name="dn">
<physicalAttribute name="null"/>
</attribute>
</attributes>
</nameSpace>
</nameSpaces>
</principal>
</principals>
</attributeMapping>
<privateSection>
<ume.ldap.access.server_type>MSADS</ume.ldap.access.server_type>
<ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>
<ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
<ume.ldap.access.flat_group_hierachy>true</ume.ldap.access.flat_group_hierachy>
<ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>
<ume.ldap.access.dynamic_groups>false</ume.ldap.access.dynamic_groups>
<ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
<ume.ldap.access.objectclass.user>User</ume.ldap.access.objectclass.user>
<ume.ldap.access.objectclass.uacc>User</ume.ldap.access.objectclass.uacc>
<ume.ldap.access.objectclass.grup>organizationalUnit</ume.ldap.access.objectclass.grup>
<ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
<ume.ldap.access.auxiliary_naming_attribute.user>samaccountname</ume.ldap.access.auxiliary_naming_attribute.user>
<ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>
<ume.ldap.access.auxiliary_naming_attribute.uacc>samaccountname</ume.ldap.access.auxiliary_naming_attribute.uacc>
<ume.ldap.access.naming_attribute.grup>ou</ume.ldap.access.naming_attribute.grup>
<ume.ldap.access.pwd.via.usercontext>true</ume.ldap.access.pwd.via.usercontext>
<ume.ldap.access.set_pwd>true</ume.ldap.access.set_pwd>
<ume.ldap.access.multidomain.enabled>true</ume.ldap.access.multidomain.enabled>
<ume.ldap.access.extended_search_size>200</ume.ldap.access.extended_search_size>
<ume.ldap.access.domain_mapping>
[DOMAIN_PT;DC=domain,DC=pt]
[GS_DOMAIN_PT;DC=gs,DC=domain,DC=pt]
[gs;DC=DC=gs,DC=domain,DC=pt]
[domain;DC=pt]
</ume.ldap.access.domain_mapping>
</privateSection>
</dataSource>
</dataSources>
Edited by: Joaquim Pereira on Feb 7, 2009 1:34 PMHi Gaetano
I tried to set back the "uniqueid" in the XML to samaccountname.
Also, i changed the spnego to go only to domain.pt (gs.domain.pt is a child domain).
In the 1st tests this worked perfectly, but we still to do some testings with this config.
When i get confirmation, ill reply here.
Thank you.
PS:. we thought on defining the abap user for each user, but there are a lot of users...
we'll try this config, and if it doesn't work, probably, thats what we'll do.
Edited by: Joaquim Pereira on Feb 12, 2009 5:45 PM
Everything seams to be working now. setting back the uniqueid to samaccountname and configuring spnego to go to only 1 domain solved the issue.
I just need to test which change did the trick.
Edited by: Joaquim Pereira on Feb 13, 2009 1:02 PM -
UME Configuration change for j_user attribute
Hi All,
We have a requirement in portal like users login into the portal with the windows ID(Which is loginuid in the LDAP)(loginuid is synchronized with windows ID) and the further authorizations should happen with the field called uid.
We made change in the UME datasourse xml file as below.
In the attribute mapping ,
<attribute name="j_user"><physicalAttribute name="loginuid"/>
and
<attribute name="uniquename"><physicalAttribute name="uid"/>
After making this changes user couldnt login with the loginuid..
We are getting the following error in the trace file:
===========================================
[]#2#ume.configuration.active#true#
#1.5#000C299E546D002A0000000100000464000423C9E09FC94C#1165249872673#com.sap.security.core.server.jaas#sap.com/irj#com.sap.security.core.server.jaas#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Java###got []: []#2#ume.configuration.active#true#
#1.5#000C299E546D002A0000000200000464000423C9E09FCB79#1165249872673#com.sap.security.core.server.jaas#sap.com/irj#com.sap.security.core.server.jaas#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Java###Received no SAPLogonTicket. Authentication stack: [].#1#ticket#
#1.5#000C299E546D002A0000000300000464000423C9E09FCCB0#1165249872673#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.DataBasePersistence][md=doSearch][cl=19919]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###Perform query: SELECT DISTINCT PID FROM UME_STRINGS WHERE ((PID LIKE ? ESCAPE '\#') AND (((NAMESP=?) AND (NAMESPH=?) AND (ATTR=?) AND (ATTRH=?) AND (UPPERVAL = ?) AND (UPPERVALH = ?))))#
#1.5#000C299E546D002A0000000400000464000423C9E09FE037#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.LDAPPersistence][md=searchPrincipalDatabag][cl=20149]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###entry for search with searchfilter (&(objectclass=inetorgperson)(loginuid=user1)) searched in cache#
#1.5#000C299E546D002A0000000500000464000423C9E09FE07B#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.LDAPPersistence][md=searchPrincipalDatabag][cl=20149]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###search result found in cache#
#1.5#000C299E546D002A0000000600000464000423C9E09FE07E#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.LDAPPersistence][md=searchPrincipalDatabag][cl=20149]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###found principals: no results found#
#1.5#000C299E546D002A0000000700000464000423C9E09FE3FD#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.DataBasePersistence][md=doSearch][cl=19919]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###Perform query: SELECT DISTINCT PID FROM UME_STRINGS WHERE ((PID LIKE ? ESCAPE '\#') AND (((NAMESP=?) AND (NAMESPH=?) AND (ATTR=?) AND (ATTRH=?) AND (UPPERVAL = ?) AND (UPPERVALH = ?))))#
#1.5#000C299E546D002A0000000800000464000423C9E09FF19E#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.LDAPPersistence][md=searchPrincipalDatabag][cl=20149]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###entry for search with searchfilter (&(objectclass=inetorgperson)(loginuid=user1)) searched in cache#
#1.5#000C299E546D002A0000000900000464000423C9E09FF1DE#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.LDAPPersistence][md=searchPrincipalDatabag][cl=20149]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###search result found in cache#
#1.5#000C299E546D002A0000000A00000464000423C9E09FF217#1165249872688#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.LDAPPersistence][md=searchPrincipalDatabag][cl=20149]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###found principals: no results found#
#1.5#000C299E546D002A0000000B00000464000423C9E0A03B38#1165249872704#com.sap.security.core.imp#sap.com/irj#com.sap.security.core.imp.[cf=com.sap.security.core.sapmimp.logon.SAPMLogonLogic][md=initBeans][cl=20245]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###LanguagesBean created#
#1.5#000C299E546D002A0000000C00000464000423C9E0A03CE4#1165249872704#com.sap.security.core.util#sap.com/irj#com.sap.security.core.util.[cf=com.sap.security.core.util.ErrorBean][md=ErrorBean(Message)][cl=15715]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Java###message USER_AUTH_FAILED#1#message USER_AUTH_FAILED#
#1.5#000C299E546D002A0000000D00000464000423C9E0A03DB3#1165249872704#com.sap.security.core.imp#sap.com/irj#com.sap.security.core.imp.[cf=com.sap.security.core.sapmimp.logon.SAPMLogonLogic][md=executeRequest][cl=20245]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_35##0#0#Info##Plain###No command found, forwarding to umLogonPage#
#1.5#000C299E546D00270000001100000464000423C9E0B8A4B3#1165249874314#com.sap.security.core.server.jaas#sap.com/irj#com.sap.security.core.server.jaas#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_4##0#0#Info##Java###got []: []#2#ume.configuration.active#true#
#1.5#000C299E546D00270000001200000464000423C9E0B8A7ED#1165249874314#com.sap.security.core.server.jaas#sap.com/irj#com.sap.security.core.server.jaas#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_4##0#0#Info##Java###got []: []#2#ume.configuration.active#true#
#1.5#000C299E546D00270000001300000464000423C9E0B8A89E#1165249874314#com.sap.security.core.server.jaas#sap.com/irj#com.sap.security.core.server.jaas#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_4##0#0#Info##Java###Received no SAPLogonTicket. Authentication stack: [].#1#ticket#
#1.5#000C299E546D00270000001400000464000423C9E0B8B6D3#1165249874314#com.sap.security.core.imp#sap.com/irj#com.sap.security.core.imp.[cf=com.sap.security.core.logon.imp.SAPJ2EEAuthenticator][md=getLoggedInUser][cl=20245]#j2ee_guest#192#####SAPEngine_Application_Thread[impl:3]_4##0#0#Warning##Java###null
[EXCEPTION]
#1#com.sap.engine.services.security.exceptions.BaseLoginException: Authentication did not succeed.
Regards,
Birla.Hi ,
you need to change uniqename too.
<attribute name="uniquename">
<physicalAttribute name="loginuid"/>
change it and test on configutool before activate & restart .
Thanks
Tag -
UME Configuration for 2 groups
Hi All,
We have configured our UME with one LDAP source having group path as 'ou=groups,ou=SAP ePortal,ou=Applications,ou=Intranet,dc=<companyname>,dc=com'.
But if we create a new group, can we configure the XML such that it will have both the groups. Existing one should be as it is and the new one should also be added.
Regards,
GurmatHi
How to configure multiple LDAP datasources?
ans:
a) Note 736471 - UME Configuration of multiple LDAP data sources
b)https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/e1959b90-0201-0010-849c-d2b1d574768b
Example: Configuration of Multiple LDAP Data Sources
http://help.sap.com/saphelp_nw70/helpdata/EN/4e/4d0d40c04af72ee10000000a1550b0/content.htm
Regards
Shridhar Gowda -
Dear all ,
I am using SPnego and Kerberos methode to do a single signOn between the EP 7.0 and the Operating System.
I have created the service user as mentioned in the NOTE ,but when coming to the UME configuration i am confused ,i need to edit the dataSourceConfiguration_adam_readonly.xml file which SAP has provided.I have done that.
Now my question is where to place the edited XML file of the datasource.
Its very urgent Please help me out.
Thanks
Ravi.sHi!
In fact you can place the edited .xml File anywhere you like. You need to upload it from configtool before you can use it. The location should be something that will not be accidentally overwritten and is not world-writable - otherwise feel free to choose any location that suits your needs. <Drive>:\usr\sap\<SID\ might be a good choice for example.
Regards,
Ju00F6rg -
ERP 2005 IDES Installation UME Configuration Error
Hello All,
I am installing ERP 2005 SR2 .
At the step of UME Configuration it is stopped.
I restarted sapinst but no luck , again stoped sap with mmc and restarted the machine and started the sap and then started the sapinst but there was also no luck.
I really appreciate if some one can suggest me.Thanks a lot in advance
ERROR 2010-10-14 16:20:54
CJS-30059 Java EE Engine configuration error.<br>DIAGNOSIS: Error when configuring J2EE Engine. See output of logfile umconfigurator.log: 'Warning :
ERPTRAINING/sapmnt/ER5/SYS/global/security/lib/tools/w3c_http.jar file stated but does not exist !Exception occurred in openJar(
ERPTRAINING\sapmnt\ER5\SYS\global\security\lib\tools\iaik_ssl.jar ) : java.util.zip.ZipException: The specified network name is no longer available at java.util.zip.ZipFile.open(Native Method) at java.util.zip.ZipFile.<init>(ZipFile.java:111) at java.util.jar.JarFile.<init>( JarFile.java:127) at java.util.jar.JarFile.<init>(JarFile.java:65) at com.sap.engine.offline.JarFilter.<init>(JarFilter.java:30) at com.sap.engine.offline.FileClassLoader.openJar(FileClassLoader.java:1131) at com.sap.engine.offline.FileClassLoader.findClass(FileClassLoader.java:623) at com.sap.engine.offline.FileClassLoader.loadClass(FileClassLoader.java:600) at com.sap.engine.offline.FileClassLoader.loadClass(FileClassLoader.java :578) at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:79)Oct 14, 2010 4:20:52 PM Info: UME configurator (com.sap.security.tools.UMConfiguratorLoad) called for action "setup"PerfTimes : loadNativeLayer: loading jperflib failed. no jperflib in java.library.pathOct 14, 2010 4:20:53 PM Error: main() [EXCEPTION] com.sap.engine.frame.core.configuration.ConfigurationException: Error while connecting to DB. at com.sap.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool .<init>(DBConnectionPool.java:115) at com.sap.engine.core.configuration.impl.persistence.rdbms.PersistenceHandler.<init>(PersistenceHandler.java:38) at com.sap.engine.core.configuration.impl.cache.ConfigurationCache .<init>(ConfigurationCache.java:149) at com.sap.engine.core.configuration.bootstrap.ConfigurationManagerBootstrapImpl.init(ConfigurationManagerBootstrapImpl.java:236) at com.sap.engine.core.configuration.bootstrap.ConfigurationManagerBootstrapImpl .<init>(ConfigurationManagerBootstrapImpl.java:60) at com.sap.security.tools.UMConfigModel.<init>(UMConfigModel.java:79) at com.sap.security.tools.UMConfiguratorLoad.main(UMConfiguratorLoad.java:179) at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke( Method.java:324) at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)Caused by: com.sap.sql.log.OpenSQLException: Error while accessing secure store: File "
ERPTRAINING/sapmnt/ER5/SYS/global/security/data/SecStore.properties" is invalid: record with key "$internal/mode" is missing.. at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:106) at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:145) at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:226) at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName (OpenSQLDataSourceImpl.java:197) at com.sa
p.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool.<init>(DBConnectionPool.java:112) ... 11 moreCaused by: com.sap.security.core.server.secstorefs.FileInvalidException : File "
ERPTRAINING/sapmnt/ER5/SYS/global/security/data/SecStore.properties" is invalid: record with key "$internal/mode" is missing. at com.sap.security.core.server.secstorefs.StorageHandler.openExistingStore(StorageHandler.java:391) at com.sap.security.core.server.secstorefs.SecStoreFS.openExistingStore(SecStoreFS.java:1946) at com.sap.sql.connect.OpenSQLConnectInfo.getStore (OpenSQLConnectInfo.java:802) at com.sap.sql.connect.OpenSQLConnectInfo.lookup(OpenSQLConnectInfo.java:783) at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:209) ... 13 more
ERROR 2010-10-14 16:20:54
FCO-00011 The step runUMConfigurator with step key |NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|1|0|NW_CI_Instance|ind|ind|ind|ind|11|0|NW_CI_Instance_Configure_Java|ind|ind|ind|ind|4|0|NW_UME_Configuration|ind|ind|ind|ind|1|0|NW_UME_Configuration_Doublestack|ind|ind|ind|ind|1|0|runUMConfigurator was executed with status ERROR .Hi Basis,
Note 848950/851251 may solve your problems.
If problem persists, then try copying the CD again to dump location and restart the installation , it appears that sapinst is not able to open jar file.
Hope this is useful
Regards
Umesh -
DataSource and PreparedStatement
I am using DataSource and PreparedStatement in weblogic8.1 for a J2EE application.
It works if we use only EJB..but if we use enterprise app. i.e. servlets,jsp,ejb etc.. it does not work.
Can somebody tell the reason behind it??Why do you feel this is an issue with the PreparedStatements and not just the DataSource? Are you sure you have configured the DataSource correctly for your platforms outside your ejb container?
-
Error in UME configuration stage
Hi all,
I am installing SAP Netweaver with EHP1 Java application server as a central system.But I am stuck at the step UME Configuration .In UME congigration phase I 'am selecting option USE ABAP (so that administrators can manage users with transaction SU01 ) rather than JAVA Database ( default ).
At the next step of installation ,it is asking for ABAP connection and J2EE engine connection parameters like instance Host,communication user,Administratoe user,guest user.So after providing all these details when Iclick on next button ,it doesn't move to next stage ,also not throw any error message.
When I have checked sapinst_dev log in C:\Program Files\sapinst_instdir\NW701\AS-JAVA\ORA\CENTRAL directory ,its show me :
2011-05-20 11:50:27.939
CJSlibModule::writeWarning_impl()
Execution of the command ""C:\Program Files\sapinst_instdir\NW701\AS-JAVA\ORA\CENTRAL\install\jlaunch.exe" UserCheck.jlaunch com.sap.security.tools.UserCheck "C:\Program Files\sapinst_instdir\NW701\AS-JAVA\ORA\CENTRAL\install\lib;C:\Program Files\sapinst_instdir\NW701\AS-JAVA\ORA\CENTRAL\install\sharedlib;C:\Program Files\sapinst_instdir\NW701\AS-JAVA\ORA\CENTRAL\install" -c sysnr=00 -c ashost=SAPEBSA1 -c client=100 -c user=SAPJSF -c XXXXXX -a checkOnly -u SAPJSF -p XXXXXX -user_type system -message_file UserCheck.message" finished with return code -3. Output:
Usage : C:\Program Files\sapinst_instdir\NW701\AS-JAVA\ORA\CENTRAL\install\jlaunch.exe [-options] <arg0> <arg1> ... <argn>
Launch the specified java program
options : [-file=<property file>] (default=jlaunch.properties)
* [-nodename=<node name>] (default=jlaunch)*
* [-app=<application name>] Standalone application*
* -> <property file> = <application name>.properties*
* -> <SAP profile> = <application name>.pfl*
* [pf=<SAP profile>] (default=jlaunch.pfl)*
* [-parent=<pid of the parent process>] (default=0)*
* [-tracefile=<filename>] (default=dev_jlaunch)*
Critical Error
Can't read program properties
-> Internal program error (rc = -1)
INFO 2011-05-20 11:50:27.955 [synxcfile.cpp:427]
*CSyFileImpl::removeEx(ISyFSErrorHandler * pErrorHandler)*
lib=syslib module=syslib
Removed file C:\Program Files\sapinst_instdir\NW701\AS-JAVA\ORA\CENTRAL\dev_UserCheck.
TRACE 2011-05-20 11:50:27.955
NWException thrown: nw.ume.generalError:
. DIAGNOSIS: For more details see output of log file:
TRACE 2011-05-20 11:50:28.80 [iaxxdlghnd.cpp:131]
CDialogHandler::doHandleDoc()
Dialog validator of dialog : d_nw_ume_standalone_abap
called by :|NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|onehost|0|NW_CI_Instance|ind|ind|ind|ind|ci|0|NW_CI_Instance_Configure_Java|ind|ind|ind|ind|javaconfig|0|NW_UME_Configuration|ind|ind|ind|ind|ume|0|NW_UME_Configuration_Standalone|ind|ind|ind|ind|0|0|askPasswords
returns false without any additional information.
TRACE 2011-05-20 11:50:28.80 [iaxxgenimp.cpp:1248]
CGuiEngineImp::acceptAnswerForBlockingRequest
Waiting for an answer from GUI
UserCheck JLAUNCH file :
UserCheck.Name = UserCheck
UserCheck.ClassPath = C:\Program Files\sapinst_instdir\NW701\AS-JAVA\ORA\CENTRAL\install\sharedlib\launcher.jar
UserCheck.mainclass = com.sap.engine.offline.OfflineToolStart
UserCheck.rootPath = C:\Program Files/sapinst_instdir/NW701/AS-JAVA/ORA/CENTRAL/
UserCheck.JavaPath = C:/j2sdk1.4.2_30-x64
Plese give me your valuaable advice.
Many Thanks,
AmitHi,
Here is your options:
1. Login to SAPEBSA1 with SAPJSF and password you provided in the SAPinst. If you are not able to login ... login with any other user like DDIC.
Change user type of SAPJSF to Dialog ( if user not exist then create user SAPJSF) and assign role 1. SAP_BC_JSF_COMMUNICATION_RO and 2. SAP_BC_JSF_COMMUNICATION.
Once you are able to login, then change user type to system and then try to continue in SAPinst.
-Sanjay -
IdM 7.2 UI - link between UME "User ID" and MSKEYVALUE
Hello together,
if we provide somebody access to the user interface of the IdM the user has no permissions/can not see any tab in the Portal UI.
The user has the necessary UME actions/role in the portal and the corresponding identity has the nescessary MX_PRIV* privileges in IdM.
We are using generated MSKEYVALUEs in our IdM landscape which are not the user IDs of the employees. Therefore UME "User ID" and IdM "MSKEYVALUE" are not the same.
Example:
My user ID in the portal: micfra
My MSKEYVALUE in the IdM: 0123456
But there is another Z attribute which contains my user ID.
If I Change my MSKEYVALUE temporary to "micfra" everything is working fine.
Is there any possibility to configure the IdM so that another attribute will be used to link both systems? How can I provide user Access to UI when MSKEYVALUE do not contains user ID of portal?
Thanks and best wishes
MichaelHi Michael,
I've always had MSKEYVALUE and my UME ID match when using UME as the back end. It's just easier and provides a known, common link between my systems.
However it seems if you wish to use another value, you can change this by going to your Identity Store, General Tab, and change the value of Unique ID.
Hope this helps,
Matt -
BW install UME configuration error
Hi experts
we tring to install nw2004s sr2 on our windows2003 64bit server. at steps 34 of 49 configurate UME ,there is an error return code 0 .
i checked the log files. it says
Info: UME configurator
(com.sap.security.tools.UMConfiguratorLoad) called for action "setup"
PerfTimes : loadNativeLayer: loading jperflib failed. no jperflib in java.library.path
java.text.ParseException: cannot read MAC address from [
Windows IP Configuration
Host Name . . . . . . . . . . . . : BWSVR
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter ] using ipconfig /all
at com.sap.bc.krn.perf.PerfTimes.windowsParseMacAddress
(PerfTimes.java:1173)
at com.sap.bc.krn.perf.PerfTimes.getMacAddress(PerfTimes.java:289)
at com.sap.bc.krn.perf.PerfTimes.getMacAddress(PerfTimes.java:260)
at com.sap.tc.logging.UID.getnodeaddress(UID.java:303)
at com.sap.tc.logging.UID.<clinit>(UID.java:59)
at com.sap.tc.logging.GUId.toString(GUId.java:46)
at java.lang.String.valueOf(String.java:2131)
at java.lang.StringBuffer.append(StringBuffer.java:370)
at com.sap.tc.logging.ListFormatter.format(ListFormatter.java:216)
at com.sap.tc.logging.Log.writeInt(Log.java:864)
at com.sap.tc.logging.Log.writeInternalByAPI(Log.java:930)
at com.sap.tc.logging.LogController.writeToLogs(LogController.java:3171)
at com.sap.tc.logging.LogController.messageInternal
(LogController.java:2291)
at com.sap.tc.logging.LogController.logInt(LogController.java:2488)
at com.sap.tc.logging.LogController.logInt(LogController.java:2443)
at com.sap.tc.logging.LogController.logIntByAPI(LogController.java:2242)
at com.sap.tc.logging.APILogger.instrumentIntByAPI(APILogger.java:74)
at com.sap.tc.logging.LogController.addLog(LogController.java:1331)
at com.sap.tc.logging.PropertiesConfigurator.configure
(PropertiesConfigurator.java:1119)
at com.sap.engine.core.configuration.impl.Logging.<init>(Logging.java:57)
at com.sap.engine.core.configuration.bootstrap.ConfigurationManagerBootstrapImpl.init
(ConfigurationManagerBootstrapImpl.java:176)
at com.sap.engine.core.configuration.bootstrap.ConfigurationManagerBootstrapImpl.<init>
(ConfigurationManagerBootstrapImpl.java:60)
at com.sap.security.tools.UMConfigModel.<init>(UMConfigModel.java:79)
at com.sap.security.tools.UMConfiguratorLoad.main
(UMConfiguratorLoad.java:179)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke
(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke
(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
getMacAddress() failed **
trying to get mac address from **
file C:\Program Files\sapinst_instdir\SOLMAN\SYSTEM\ORA\CENTRAL\AS\MAC_ADDRESS
Exception : CreateProcess: cat MAC_ADDRESS error=2
getMacAddress() failed **
failed to get mac address with Runtime.getRuntime().exec( cat MAC_ADDRESS )
java.text.ParseException: cannot read MAC address for SAPSOL from [] using cat
MAC_ADDRESS
at com.sap.bc.krn.perf.PerfTimes.voidParseMacAddress(PerfTimes.java:1326)
at com.sap.bc.krn.perf.PerfTimes.getMacAddress(PerfTimes.java:571)
at com.sap.bc.krn.perf.PerfTimes.getMacAddress(PerfTimes.java:260)
at com.sap.tc.logging.UID.getnodeaddress(UID.java:303)
at com.sap.tc.logging.UID.<clinit>(UID.java:59)
at com.sap.tc.logging.GUId.toString(GUId.java:46)
at java.lang.String.valueOf(String.java:2131)
at java.lang.StringBuffer.append(StringBuffer.java:370)
at com.sap.tc.logging.ListFormatter.format(ListFormatter.java:216)
at com.sap.tc.logging.Log.writeInt(Log.java:864)
at com.sap.tc.logging.Log.writeInternalByAPI(Log.java:930)
at com.sap.tc.logging.LogController.writeToLogs(LogController.java:3171)
at com.sap.tc.logging.LogController.messageInternal
(LogController.java:2291)
at com.sap.tc.logging.LogController.logInt(LogController.java:2488)
at com.sap.tc.logging.LogController.logInt(LogController.java:2443)
at com.sap.tc.logging.LogController.logIntByAPI(LogController.java:2242)
at com.sap.tc.logging.APILogger.instrumentIntByAPI(APILogger.java:74)
at com.sap.tc.logging.LogController.addLog(LogController.java:1331)
at com.sap.tc.logging.PropertiesConfigurator.configure
(PropertiesConfigurator.java:1119)
at com.sap.engine.core.configuration.impl.Logging.<init>(Logging.java:57)
at
com.sap.engine.core.configuration.bootstrap.ConfigurationManagerBootstrapImpl.init
(ConfigurationManagerBootstrapImpl.java:176)
at
com.sap.engine.core.configuration.bootstrap.ConfigurationManagerBootstrapImpl.<init>
(ConfigurationManagerBootstrapImpl.java:60)
at com.sap.security.tools.UMConfigModel.<init>(UMConfigModel.java:79)
at com.sap.security.tools.UMConfiguratorLoad.main
(UMConfiguratorLoad.java:179)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke
(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke
(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
Suggested workaround: **
create file C:\Program
Files\sapinst_instdir\SOLMAN\SYSTEM\ORA\CENTRAL\AS\MAC_ADDRESS
with hostname and mac address in the following format: **
BWSVR xx:xx:xx:xx:xx:xx
we have tried sap's suggestion. create a file MAC_ADDRESS like that
however, it doesn't work. and also we have tried to off the network card and restart many times. it have no use either.
now what should i do let the installation go on
thanks
ying xieHi,
sorry it is not dev_col
exact file name is
dev_coll
open that file and check is there any error like mac_address fail.
if there is no any error , then retry your installtion .
Thanks
Anil -
hi,
We've installed NW04s for Portal Usage with ABAP+Java Stack together.
Default installation UME configuration is dataSourceConfiguration_abap.xml and by this, users can only be created, maintaned (name, logon lang,...) in ABAP stack, even newly created users need to login first to ABAP stack to take new password before able to login to Portal.
This is not feasible, if we're going to use Portal at Internet.
We need, user may be created within ABAP, but should be maintained within Portal as well.
For this purpose, <b>do we need to switch to another UME Configuration (dataSourceConfiguration_r3_rw.xml or dataSourceConfiguration_database_only.xml)? Or there is an option to enable this need.</b>
RegardsSadly the only option when you install the ABAP stack as part of the portal is that you can only select the ABAP users as a data source. In order to use the portal database as the UME source you need to install the JAVA stack on its own. See the following SAP link help for an explanation - <a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/f5/8fdc3fca21eb06e10000000a1550b0/frameset.htm">SAP help UME link</a>
-
UME Configuration - Abap System as userstore, can it be reversed?
Hi,
according to SAP note: 718383 (Supported UME datasources and change options), you cannot change the datasource once you start to use dataSourceConfiguration_abap.xml (Abap system) as datasource.
Is this correctly understood? Does this mean I could never change back to i.e. "Database only" or any LDAP alternative?
I would thus have to do a fresh portal installation?
Best Regards
OlofHI,
Once I planned to do the same, chnaging my Data Source from ABAP, but dropped my plan after analysis.
Please check this link,
[http://help.sap.com/saphelp_nw04s/helpdata/en/45/af3ac012d32e78e10000000a155369/frameset.htm]
also this the following link might be useful,
[http://help.sap.com/saphelp_nw04s/helpdata/en/b7/14d43f2dd44821e10000000a1550b0/frameset.htm]
Thanks,
Vamshi
Maybe you are looking for
-
Prior to this, I installed newest version of Adobe App Mgr as suggested by pop up note.
-
Steps to create tabstrip for subscreen in selection screen
hi, can let me know the steps taken to create subscreen in selection screen and put in tabstrip? i need to have 3 screens. 1000 being the tabstrip, 2000 being first subscreen and 3000 being the second subscreen. i have the abap code but i do not know
-
Defining a recursive view in SAP HANA
Hi All, Currently SAP HANA does not support defining recursive views as already mentioned in Tals discussion as per the following link: Defining a recursive view in SAP HANA I would like to ask again if this limitation is still exist in latest SAP HA
-
How to transfer photos between albums?
I am a new user, I loaded many old photos and want to move them into smaller albums,
-
Load cube data at multiple levels
Hi All, I have a time dimension with following hierarchies. all_time --> Year --> Quarter -->Month all_time -->Week My fact table contains data at week and month level. I mapped my fact table time_key to both levels(Week and month) in AWM but when I