Work Portal Authentication with MSAD
Hi,
I have followed the document "Fuego Enterprise 5.1 and 5.5 Work Portal Authentication using microsoft Acive directory".
I am using Aqualogic 5.7 Standalone.
I have problems to log into the work portal with a MSAD user. Tomcat performs authentication against MSAD but after that it returns a Http 403 error (Access denied).
I have created a participan in aqualogic msad structure directly with the same id as msad user because I can not add participants through the process administrator but still the same problem.
In the document above in the paragraph "Configuring Fuego Directory service repository" it tells how to configure to automatic login to work portal after authenticating by tomcat with a fuego directory service deployed in an RDBMS (inserting two rows in a table) but it does not say anything if it is deployed in MSAD (We don´t have such table). Perhaps this is my configuration problem.
Any help would be appreciated.
Thanks in advance.
If you configured ALBPM Directory on MSAD (and not a RDBMS), then ALBPM will
naturally use MSAD for authentication.
You shouldn't need to do anything described in that document (no need for
special Tomcat configuration, no need to configure the Workspace either)
Fernando
Rub?n Vidaurre <> wrote:
Hi,
I have followed the document "Fuego Enterprise 5.1 and 5.5 Work Portal
Authentication using microsoft Acive directory". I am using Aqualogic 5.7
Standalone. I have problems to log into the work portal with a MSAD user.
Tomcat performs authentication against MSAD but after that it returns a
Http 403 error (Access denied).
I have created a participan in aqualogic msad structure directly with the
same id as msad user because I can not add participants through the
process administrator but still the same problem. In the document above in
the paragraph "Configuring Fuego Directory service repository" it tells
how to configure to automatic login to work portal after authenticating by
tomcat with a fuego directory service deployed in an RDBMS (inserting two
rows in a table) but it does not say anything if it is deployed in MSAD
(We don??t have such table). Perhaps this is my configuration problem. Any
help would be appreciated. Thanks in advance.
Similar Messages
-
Not Working-central web-authentication with a switch and Identity Service Engine
on the followup the document "Configuration example : central web-authentication with a switch and Identity Service Engine" by Nicolas Darchis, since the redirection on the switch is not working, i'm asking for your help...
I'm using ISE Version : 1.0.4.573 and WS-C2960-24PC-L w/software 12.2(55)SE1 and image C2960-LANBASEK9-M for the access.
The interface configuration looks like this:
interface FastEthernet0/24
switchport access vlan 6
switchport mode access
switchport voice vlan 20
ip access-group webauth in
authentication event fail action next-method
authentication event server dead action authorize
authentication event server alive action reinitialize
authentication order mab
authentication priority mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication violation restrict
mab
spanning-tree portfast
end
The ACL's
Extended IP access list webauth
10 permit ip any any
Extended IP access list redirect
10 deny ip any host 172.22.2.38
20 permit tcp any any eq www
30 permit tcp any any eq 443
The ISE side configuration I follow it step by step...
When I conect the XP client, e see the following Autenthication session...
swlx0x0x#show authentication sessions interface fastEthernet 0/24
Interface: FastEthernet0/24
MAC Address: 0015.c549.5c99
IP Address: 172.22.3.184
User-Name: 00-15-C5-49-5C-99
Status: Authz Success
Domain: DATA
Oper host mode: single-host
Oper control dir: both
Authorized By: Authentication Server
Vlan Group: N/A
URL Redirect ACL: redirect
URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
Session timeout: N/A
Idle timeout: N/A
Common Session ID: AC16011F000000490AC1A9E2
Acct Session ID: 0x00000077
Handle: 0xB7000049
Runnable methods list:
Method State
mab Authc Success
But there is no redirection, and I get the the following message on switch console:
756005: Mar 28 11:40:30: epm-redirect:IP=172.22.3.184: No redirection policy for this host
756006: Mar 28 11:40:30: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_qualify ...
I have to mention I'm using an http proxy on port 8080...
Any Ideas on what is going wrong?
Regards
NunoOK, so I upgraded the IOS to version
SW Version: 12.2(55)SE5, SW Image: C2960-LANBASEK9-M
I tweak with ACL's to the following:
Extended IP access list redirect
10 permit ip any any (13 matches)
and created a DACL that is downloaded along with the authentication
Extended IP access list xACSACLx-IP-redirect-4f743d58 (per-user)
10 permit ip any any
I can see the epm session
swlx0x0x#show epm session ip 172.22.3.74
Admission feature: DOT1X
ACS ACL: xACSACLx-IP-redirect-4f743d58
URL Redirect ACL: redirect
URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
And authentication
swlx0x0x#show authentication sessions interface fastEthernet 0/24
Interface: FastEthernet0/24
MAC Address: 0015.c549.5c99
IP Address: 172.22.3.74
User-Name: 00-15-C5-49-5C-99
Status: Authz Success
Domain: DATA
Oper host mode: multi-auth
Oper control dir: both
Authorized By: Authentication Server
Vlan Group: N/A
ACS ACL: xACSACLx-IP-redirect-4f743d58
URL Redirect ACL: redirect
URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
Session timeout: N/A
Idle timeout: N/A
Common Session ID: AC16011F000000160042BD98
Acct Session ID: 0x0000001B
Handle: 0x90000016
Runnable methods list:
Method State
mab Authc Success
on the logging, I get the following messages...
017857: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_qualify ...
017858: Mar 29 11:27:04: epm-redirect:epm_redirect_cache_gen_hash: IP=172.22.3.74 Hash=271
017859: Mar 29 11:27:04: epm-redirect:IP=172.22.3.74: CacheEntryGet Success
017860: Mar 29 11:27:04: epm-redirect:IP=172.22.3.74: Ingress packet on [idb= FastEthernet0/24] matched with [acl=redirect]
017861: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: Enqueue the packet with if_input=FastEthernet0/24
017862: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_process ...
017863: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: Not an HTTP(s) packet
What I'm I missing? -
SAPGUI and Portal Authentication using AD Credentials with usr/passw prompt
Hi Experts,
We have the following requirements:
1. Portal/EP has UME set to ABAP (in other words using ECC6 system's user/password).
2. ECC6 user-id's differ from Active Directory user.
3. User logs in to Active Directory.
4. User wants to log on to SAPGUI (ECC6 system), with a user-name password prompt, using the Active directory Credentials.
5. User wants to log on to Portal/EP, with a user-name password promt, using the Active Directory Credentials.
The following suggested solution was the closest to the requirement (without to much technical detail):
1. For SAPGUI, implement SSO on the workstation GUI's and maintain the Active Directory user in transaction SU01 in the ALIAS field.
This should enable the user to, after having logged onto the Active Directory, to open the SAPGUI and WITHOUT user-name password prompt, be authenticated and logged into SAP. This would entail settings to be done on each workstations GUI.
2. For the Portal/EP, implement Kerberos on the portal, setting it to authenticate to the AD. As per note 935644 maintain an additional attribute on the UME, to enable the mapping between the UME and the AD users.
This should enable the user, after having logged onto the Active Directory, to open Internet Explorer, go to the Portal URL, and be authenticated and logged into the portal, without WITHOUT user-name password prompt.
Do you know the viability of this solution, or whether there is any better suggestion (especially to keep the user-name password prompt, and without changing the ECC6 or Active directory users).
Regards.AJP,
The description you have given is an exact description of the capability of our product. I represent a company called CyberSafe, and our products are designed and sold to SAP customers for integrating the SAP user authentication with Active Directory authentication. We have some unique features in our product which you could benefit from, e.g. our SAP GUI SNC library has the ability to popup a logon screen asking user for Active Directory account and password before it logs the user onto SAP. Also, when the SAP system has authenticated the user, either via the Web browser or via SAP GUI their Kerberos principal name (determined from AD account name and domain) is mapped onto a SAP user using a table in the ABAP system. The browser authentication even uses this same table for mapping so that an authenticated account name does not need to be same as the SAP user they log onto.
If you would like to discuss our product more, and/or arrange a free evaluation please contact me using the email address in my SDN business card.
Thankyou,
Tim -
SiteMinder Authentication with Portal
Hi,
We are implementing CA's SiteMinder Login Module for Portal Authentication. In the Login Modules configurations, if I assign
SiteMinder Login Module - REQUISITE
CreateTicket Login Module - REQUIRED
we are able to authenticate through Site Minder Policy server.
What I want is,
if I use reverse proxy of SiteMinder; login through SiteMinder.
If I use direct link of the portal; login through BasicPasword Login Module.
I tried :
SiteMinder Login Module - OPTIONAL
CreateTicket Login Module - SUFFICIENT
Basic Password Login Module - REQUISITE
CreateTicket Login Module - OPTIONAL
In this configuration if I use Site Minder authentication, it is ok but if I use direk link to portal it gives error.
I want to be sure that above configuration is ok or not
Thanks in advance
Abdul.Hi Shobit,
Check this link:
Cookies Problem with 3 tiered SSO
Thanks and Regards,
Shyam. -
I have a very similar problem in that I changed my appleID loginid and now none of my home shares work (5506) . All itunes have been re-authorized/authenticated with the new appleID string. Yet I still receive this error. I too am looking for suggestions.
If you no longer have the computer(s) you want to deauthorise,
Log in to iTunes, go to "view your account info" on the itunes store, deauthorise all five, (Please Note: this can only be done Once every 12 months) and then re-authorize your current Computer(s) one at a time.
Authorise / Deauthorise About
http://support.apple.com/kb/HT1420 -
Policy agent 2.2 amfilter local authentication with session binding failed
Hi All,
I have policy agent 2.2 for weblogic 8.1 sp4 installed on redhat linux. All are working fine in my development box. But I was running all the process under user root, so today I decided to change it to a regular user, joe. I changed all the files' owner for weblogic server and policy agent from root to joe, and restart server as user Joe. After the change, I can not access the application on Weblogic server. I changed file ownership back to root and restart weblogic server as root, still same error.
Here is the error I got:
10.4.4 403 Forbidden
The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.
Here is the error I found from agent log file, amFilter:
AmFilter: now processing: SSO Task Handler
05/24/2006 06:27:08:127 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
SSOTaskHandler: caching SSO Token for user uid=amAdmin,ou=People,dc=etouch,dc=net
05/24/2006 06:27:08:127 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
AmBaseSSOCache: cached the sso token for user principal : uid=amadmin,ou=people,dc=etouch,dc=net sso token: AQIC5wM2LY4Sfcx4XY/x/M7G1Y3ScVjFj8E3oT0BV45mh0Q=@AAJTSQACMDE=#, cache size = 1
05/24/2006 06:27:08:127 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
SSOTaskHandler: SSO Validation successful for uid=amAdmin,ou=People,dc=etouch,dc=net
05/24/2006 06:27:08:128 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
AmFilter: now processing: J2EE Local Logout Task Handler
05/24/2006 06:27:08:128 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
AmFilter: local logout skipped SSO User => amAdmin, principal =>null
05/24/2006 06:27:08:128 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
AmFilter: now processing: J2EE Local Auth Task Handler
05/24/2006 06:27:08:128 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
LocalAuthTaskHandler: No principal found. Initiating local authentication for amAdmin
05/24/2006 06:27:08:128 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
LocalAuthTaskHandler: doing local authentication with session binding
05/24/2006 06:27:08:129 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
LocalAuthTaskHandler: Local authentication failed, invalidating session.05/24/2006 06:27:08:129 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
WARNING: LocalAuthTaskHandler: Local authentication failed for : /portal/index.jsp, SSO Token: AQIC5wM2LY4Sfcx4XY/x/M7G1Y3ScVjFj8E3oT0BV45mh0Q=@AAJTSQACMDE=#
05/24/2006 06:27:08:129 PM PDT: Thread[ExecuteThread: '14' for queue: 'weblogic.kernel.Default',5,Thread Group for Queue: 'weblogic.kernel.Default']
AmFilter: result =>
FilterResult:
Status : FORBIDDEN
RedirectURL : null
RequestHelper:
null
Data:
null
-----------------------------------------------------------Hi,
I'm having the exact same problem in the Prod environment, but on a Sun App Server. In development all is fine, in prod we now have:
ERROR: AmFilter: Error while delegating to inbound handler: J2EE Local Auth Task Handler, access will be denied
java.lang.IllegalStateException: invalidate: Session already invalidated
at org.apache.catalina.session.StandardSession.invalidate(StandardSession.java:1258)
at org.apache.catalina.session.StandardSessionFacade.invalidate(StandardSessionFacade.java:164)
at com.sun.identity.agents.filter.LocalAuthTaskHandler.doLocalAuthWithSessionBinding(LocalAuthTaskHandler.java:289)
at com.sun.identity.agents.filter.LocalAuthTaskHandler.authenticate(LocalAuthTaskHandler.java:159)
at com.sun.identity.agents.filter.LocalAuthTaskHandler.process(LocalAuthTaskHandler.java:106)
at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:185)
at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java:152)
at com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:38)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:161)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:263)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:225)
FilterResult:
Status : FORBIDDEN
RedirectURL : null
RequestHelper:
null
Data:
null
Also, we I debug I see:
LocalAuthTaskHandler: No principal found. Initiating local authentication for ...
Did you receive any solution for this?
Many, many thanks,
Philip -
EP Sneak Preview - Moving from Portal Authentication to LDAP
Has anyone used the EP sneak preview, configuring first against portal authentication alone and then moving users to LDAP and leaving just the roles in the portal db, without having disaster strike and have to reinstall, etc.?
Thanks in advance.hi,
according to the Quick Install Guide
<i>(url: https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/documents/a1-8-4/Quick%20Installation%20Guide%20for%20SAP%20NetWeaver%20EP%20on%20MaxDB,%20Developer%20Edition%20Sneak%20Preview.htm)</i>
first i installed the latest JDK, which is 1.4.2_08
manually i set the following environment variables (like i read a few threads before):
CLASSPATH =
%JAVA_HOME%lib;%JAVA_HOME%jrelib;
JAVA_HOME = C:j2sdk1.4.2_08
Path = %JAVA_HOME%bin;c:j2sdk1.4.2_08bin;c:j2sdk1.4.2_08jrebin;...
when clicking sapinst.exe it says: <i>latest JRE 1.4.2 with latest Patch level could not be found.</i>
then i checked startinstgui.bat and get the following error:
the system cannot find the path.
Starting SAPinst GUI with local Java Runtime
Java Runtime found in JAVA_HOME environment variable
Java path: C:j2sdk1.4.2_08binjava.exe
a logon screen appears for sagui installation, which wants to logon to localhost and port 21212. this does not work as i have no webserver running...
i am riding xp - maybe the whole thing really works only on win2000 or win server 2003?
any comments apreciated.
Matthias -
Caching for Web Portal Authenticated clients
Reading CUWN documentation, Sticky Key Caching works only on WPA2-enabled WLANs. Is it possible to enable a caching to help Web Portal Authenticated clients perform intra-controller roaming faster?
Ok, so here's how it works:
When the client gets on the network, the controller contacts the DHCP server and hands the client back its IP (as with any helper address).
In order for web auth to work, you need to open a browser on the client.
When you go to a page (say www.google.com) your browser does a DNS query for the IP address of the site (www.google.com), the controller intercepts the query.
Since you have not been authenticated yet, the controller does not allow the query directly, but it proxies the query to the DNS server you were trying to resolve against. It sources this query from its interface that is on the VLAN the SSID your client is on maps to.
That reply is proxied back to your computer, and then your browser does its normal request to Google?s IP.
The controller then intercepts that request, and sends a reply back redirecting the browser to the controller login page (usually https://1.1.1.1).
Once you log into the web page, you will be redirected back to your original page (www.google.com).
I hope I explained it well. If I wasn't clear, please let me know.
-Eric -
Creation of Portal iview, with BSP on internal server, call portal external
Hi all,
folowing issue:
we have a test portal link with the internet via apache reverse proxy:
e.g. http://www.xxx.at/irj is linked with http://cscinternal.csc.com:51000/irj
The portal can be started without any problem.
further we have a bsp applikation on an other internal SAP Server which can be reached with
http://cscinternal02.csc.com:8047.
the server is also listed in the apache reverseproxy list as http://www.xxx.at/its
The bsp application link: http://www.xxx.at/its/sap/bc/bsp/sap/y_test_pdf_01/main.htm
can be reach via internet without any problem.
The bsp shows an radiobutton list + button, with the button one can show a list in an second window.
so, now i will call this bsp in an iview via portal
01. i tried the "URL iview", result: i can reach the html but on any action the side do nothing
02. i tried to config "iview BSP" BUT .... i have now idea what system i should put in,
the second sap system is configured but there is the internal name in (i guess) ...
so i'm newbee in portal things, so i don't know where i can configure a system ...,
BUT beside this, PLEASE can anyone describe me how i can manage this internal BSP
in the portal to call it from external?
thanks a lot
bye MikeHi Mike,
Try below steps to make sure your have proper connection between Portal and back end SAP system.
1) Create a system object , Enter required details for "Web Application Server" Properties with below two options
A) Enter Direct SAP Server details
Web AS Host Name : cscinternal02.csc.com:8047
Web AS Path: /its/sap/bc/bsp/sap
Web AS Protocol: http
B) Enter apache reverseproxy
Web AS Host Name : www.xxx.at/its
Web AS Path:/sap/bc/bsp/sap
Web AS Protocol: http
2) Create a Alias . Run the connection test for Web Application Server (WAS). Make sure connection tests are successfull
3) Create a BSP Iview ,
BSP Definition Type: Application
Selct System Alias
Customer Namespace: sap
Application NameSpace: sap
Business Server Page (BSP) Application: y_test_pdf_01
Start Page: main.htm
Let me know if it works.
Thanks
Aravind
Intelligroup -
Certificate based authentication with sender SOAP adapter. Please help!
Hi Experts,
I have a scenario where first a .Net application makes a webservice call to XI via SOAP Adapter. Then the input from the .Net application is sent to the R/3 system via RFC adapter.
.Net --->SOAP -
>XI -
>RFC -
R/3 System
Now as per client requirement I have to implement certificate based authentication in the sender side for the webservice call. In this case the .Net application is the "client" and XI is the "server". In other words the client has to be authenticated by XI server. In order to accomplish this I have setup the security level in the SOAP sender channel as "HTTPS with client authentication". Additionally I have assigned a .Net userid in the sender agreement under "Assigned users" tab.
I have also installed the SSL certificate in the client side. Then generated the public key and loaded it into the XI server's keystore.
When I test the webservice via SOAPUI tool I am always getting the "401 Unauthorized" error. However if I give the userid/password for XI login in the properties option in the SOAPUI tool then it works fine. But my understanding is that in certificate based authentication, the authentication should happen based on the certificate and hence there is no need for the user to enter userid/password. Is my understanding correct? How to exactly test certificate based authentication?
Am I missing any steps for certificate based authentication?
Please help
Thanks
Gopal
Edited by: gopalkrishna baliga on Feb 5, 2008 10:51 AMHi!
Although soapUI is a very goot SOAP testing tool, you can't test certificate based authentication with it. There is no way (since I know) how to import certificat into soapUI.
So, try to find other tool, which can use certificates or tey it directly with the sender system.
Peter -
Regarding : How to add a user to portal group with the help of webdynpro .
Hii ,
I am working on an application in which with the help of an action( Button) we r adding a user in Ztable in R/3 , as well as group in portal.
The user r successfully creating in Ztable but from portal side No user is assigned to Portal group.
I need coding solution for " How to add a user to portal group with help of webdynpro"
Any usefull link will also do.
Pls anyone have any solution ??
Thnks in advance.
Rewards r waiting for u .Hi,
Use UME api to add user to portal group.
Using UME API:
https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/40d562b7-1405-2a10-dfa3-b03148a9bd19
Regards,
Naga -
LDAP authentication with MD5 passwords
Hi,
in one of our Linux servers we have MD5 passwords stored in /etc/shadow. We want to implement pam_ldap on that machine, and move passwords to an LDAP database.
I know it is to be done with {crypt} storage scheme.
This works with DS 5.2 running on a Linux box, but under Solaris 8 I couldn't get it working. I know that Solaris 8 doesn't support MD5 passwords in its crypt(3) function, and I suppose Directory Server uses that. Somewhere I read that, however crypt() in Solaris 9 does support MD5.
Can you confirm that after upgrading to Solaris 9, authentication with MD5-hashed passwords will be possible? Has anyone tried it?
Thanks in advance,
KristofThanks you for your reply.
Our openldap version is openldap-2.3.39
And all passwords are encrypted with : Base 64 encoded md5
Below is a sample password:
{md5}2FeO34RYzgb7xbt2pYxcpA==Thanks again for any help.. -
How to work on SDK with SAP B1 2005
hi all,
its too urgent, if you have any information about it, kindly help me.
1. i need some details related to SDK. what are the tools needed for working on SDK with SAP B1 2005,
2. how to get the "microsoft visual studio" for writing code for sdk.is there any seperate tool available with SDK for that or we have to use the general " microsoft visual studio" for VB and VC++.
3. how to work on Screen painter add-on, able to design the forms,but how and where to write the code to make it work, or is there any tool kit for generating the code.
4. pls give the link in the SAP portal for downloading the " tools and software needed for working on SDK with SAP B1 2005.
if you have any tools, software and guide files related to sdk kindly please send me to my gmail address " [email protected] ".
it is very urgent, if you have any resources regarding this then kindly send me as soon as possible.
regards
sandipSandip,
The forum that you have posted your question in is for questions related to the SAP Business One Integration for SAP NetWeaver. Your question is SDK related and should be posted in the SAP Business One SDK Discussion forum.
That being said ... here are the answers to your questions ...
1. As far as the SDK goes, it does not provide an IDE. Since the API's are COM, then you can use any IDE that can communicate with COM objects such as VB6, VB.Net, C#, C++, etc.
2. As stated above, the SDK does not provide an IDE. You would need to purchase one or you can get a free one from Microsoft on there website such as Visual Basic 2005 Express Edition.
3. The Screen Painter is an SAP tool (independant of any IDE) that allows you to graphically create new SAP Business One looking forms and then save them to an XML format. You would then in your code use the LoadBatchActions method to load your XML form. Documentation on the Screen Painter and the LoadBatchActions method is in the SAP Business One SDK Help Center Documentation that comes with the SDK as well as there is eLearning available for the SDK on this portal as well as the SAP PartnerEdge Portal if you are an SAP Business One partner.
4. If you are an SAP Business One partner and have an "S" number, you can log into the SAP PartnerEdge Portal and then under SAP Business One and "Installations & Updates" you can download the SAP Business One product as the SDK installation is part of the overall installation package. If you are not a partner you would need to contact your local SAP Business One sales representative.
Other tools available that work with the SAP Business One SDK are located on the SDN Portal under this link ...
SAP Business One Tools [original link is broken]
HTH,
Eddy
P.S. please give points for helpful answers! -
RSA authentication with LDAP group mapping
Greetings,
I'm trying to set up RSA authentication with LDAP group mapping with ACS Release 4.2(1) Build 15 Patch 3.
The problem I'm having is that my users are in multiple OU's on our AD tree. When I only put our base DN in for User Directory Subtree on ACS, it fails with a "External DB reports about an error condition" error. If I add an OU in front of it, then it will work fine.
As far as I know, you can only use one LDAP configuration with RSA.
Any thoughts on this?@Tarik
I believe your suggestion is the only way i'm going to get this to work. I ran across a similar method just this week that I have been working on.
I was hoping for dynamic mapping with the original method, but I haven't found any way to make it happen. I have resorted to creating a Radius profile on the RSA appliance for each access group I need. Using the Class attribute, I then pass the desired Group name to the ACS, i.e. OU=Admins, and that seems to work.
Thankfully, I have a small group of users that I am attempting to map. I will only map those who need elevated priviliges to narrow down how many profiles I will have to manually create. Likewise, our Account Admin will have to determine who gets assigned a particular access group.
I would still prefer to do this dynamically.
Scott -
Is there a problem using popup LOVs in a portal form with a bind variable?
I have a portal form with 2 LOVs. The second LOV is a dependent LOV whose bind variable can be NULL. I have read Note 263923.1, "How To Create Dependent Lovs In Forms", and my form works as long as I use combo boxes to display the LOVs. I need to use popups so the user can search the LOVs as they are quite lengthy. Plus I want to be able to pick a value from my second LOV without selecting a value from the first LOV -- hence, my bind variable can be null and that is where my problem lies. As long as I select a value from the first LOV, the second LOV popup will work. If I click on the icon to display the second LOV without pre-selected a value from the first LOV, I get the following error:
POPUP LOV ERROR:
LOV: "9A17692880B6B8509F514F5B9CA9EC808DD403218B3CF19A33C04CD1FAB0ADE17ADC33E6B67998A933357CE5264D204E"
Parse Message: Parse as pre-set global: "TORE".
Find Message: LOV is of type DYNAMIC (LOV based on SQL query).
Query: "SELECT ...."
wwv_bind.prepare_bind: ORA-01403: no data found
My form is based on a table with a custom layout. The sql for the second LOV is similar to: SELECT ENAME, EMPNO FROM SCOTT.EMP WHERE (DEPTNO = :DEPT AND :DEPT IS NOT NULL) OR :DEPT IS NULL.
Thanks in advance for any help,
CarolDon't use EPS any more! It does not support transparency nor color management.
If you save vector files from Illustrator, use AI with PDF compatiblity.
If you save image files from Photoshop, use PSD.
If you save image files combined with vector forms and/or text from Photoshop, use PDP which is a Photoshop PDF.
For vectors from Illustrator use CMYK files.
For images use RGB, conversion to CMYK should never done before PDF export, better, if the printer allows it, is to export a PDF with live transparency as it is PDF/X-4
If the printer requires a PDF with CMYK only export a PDF/X-1a.
Maybe you are looking for
-
I don't understand why my code is not working please help!
import(flash.events.MouseEvent);{ stop(); button1.addEventListener(MouseEvent.CLICK,showpic1); button1.addEventListener(MouseEvent.CLICK,showpic2); button1.addEventListener(MouseEvent.CLICK,showpic3); button1.addEventListener(MouseEvent.CLICK,showpic
-
I was given an iPhone 4 from a friend and I was trying to reset it to factory settings but it won't let me. It's keeps popping up with a box to put in my friends iCloud account password in but I don't know it. How can i delete their iCloud account wi
-
HT1459 how do i reset an ipod i bought that has a passcode on it?
I bought an Ipod touch 2nd generation used and it has a passcode on it. How do I get this off of there so I can use it?
-
How can i get help with my email.
I can't get anything of my email via firefox ... I can read my email via yahoo app or i have to go to inter explorer .. I need help with this problem please . The option are there but once I click on any of them nothing cones up. Can someone please h
-
Digital camera/iPod question
Today I travel with my family from Honolulu to Puna, Hawaii to look at the possibility of buying a home there. I was wondering if it is possible to transfer pics from digital camera to iPod directly without the use of a my Mac? I'm not sure I want to