XMII SSO with Sharepoint

Similar Messages

• SSO with Sharepoint and BO

  Hi ,
  We have BO XI 3.0 installed on Windows server 2003 system and Sharepoint also installed on the same system. We need to do the SSO between Sharepoint and BO XI 3.0.
  Is it posible with this version, if so could anyone share your experience ? I saw the product documentation which is only for BO XI 3.1, but ! my environment is BO XI 3.0.
  Regards,
  Jyothi

  Hi Tim Ziemba,
  Thanks for the response.
  Yes, we are planning to upgrate the system soon. Now this is a POC for checking the functionality. Could you please share what are the prerequsites and where can i get the BO XI 3.0 with Sharepoint Integration Kit ?
  When i try to install Integration Kit of 3.1, it is asking to have Enterprise .Net SDK.  Where can i get it ?
  Regards,
  Jyothi

• Integrate SAP Netweaver 7 with SharePoint 2013 for SSO

  We are planning to Integrate SAP Netweaver 7.0 with SharePoint 2013 for SSO using SAML 2.0
  Would like to know what 3rd Party IDM tools are supported by SharePoint 2013  apart from ADFS
  Regards
  Mirza
  FBM

  This should help you Faheem
  http://scn.sap.com/community/interoperability-microsoft/blog/2011/01/31/installing-duet-enterprise-the-sap-side--a-video-guide
  Please remember to click 'Mark as Answer' on the answer if it helps you

• AD-RMS with SharePoint Document Access from Internet

  Hi Guys,
  I have a single AD-RMS Server running on 2008 R2 and SQL 2008 R2
  I have sharePoint 2010 Published to Internet.
  I need to integrate AD-RMS with SharePoint instep to provide access for my docuements through SHarepoint internet.
  My Questions:
  Using my single AD-RMS Server with SharePoint Intergration can all AD users access SharePoint from outside to be able to open encrypted documents?
  Is this artical (http://technet.microsoft.com/en-us/library/ee259515(WS.10).aspx) also work on SP 2010? is it the same steps?
  Do I need AD FS in my case?
  Do I need SSO in my case?
  Thanks

  Hi Jean,
  1. to make that working the Internet users need to authenticate against the RMS server as well. So you need to publish this server. Depending on your network policy you can just reverse proxy the RMS server or in a more complex scenario to have another server
  in a DMZ AD to facilitate that. Because you publish the Sharepoint Server to the Internet I assume you do not have a complex scenario.
  I hope you have chosen the URL for the RMS cluster wisely, so that it can be address from the Internet.
  2. I am not a big Sharepoint guy, but it looks familiar.
  3. No, you don't.
  4. No, but would be nice if the users do not have to authenticate twice. Will require a reverse proxy, e.g. TMG (what is discontinued) or similar.
  Hope it helps,
  Lutz

• Yammer Integration with SharePoint 2010

  Hello Team
  We integrated Yammer with SharePoint 2010 and everything were working properly, since we updated embeded code with latest yammer its not working properly-
  http://success.yammer.com/integrations/yammer-embed/ 
  Following issues are occured-
  • In the new yammer feed, I couldn’t find a way to add an attachment or photo to the post. This is a vital component to the functionality of the feed
  • In the previous version the feed also had tabbed areas to show different Yammer Areas: ‘My Feed’, ‘Private Messages’, ‘Notifications’, and ‘More >’. Is there any way to keep this functionality.
  We also wanted to integrate SSO with our FBA SharePoint 2010 site. But could not found any good article so far. Is there any option by which we can do SSO and all above functionlaity. 
  Thanks Ranveer Katiyar

  Hi,
  According to your description, my understanding is that when you add the Yammer feeds app to SharePoint page, it occurs "The
  page or app using unsupported version of yammer platform" error.
  This  maybe related to the Yammer API version has been updated, the solution is to update the Yammer app in site contents.
  Here is a similiar thread for your reference:
  Yammer App for SharePoint – unsupported version
  Here is a detailed useful article for your reference:
  "This page or app is using an unsupported version of the Yammer platform" error message when you use the Yammer App for SharePoint
  If the issue still exists, I suggest you can check the ULS log error message for more detailed information. By default, the ULS log for SharePoint 2010 is located at the path:
  C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\LOGS
  Thanks
  Best Regards
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• Collaborate on Excel workbooks with Sharepoint Foundation

  My company recently implemented SharePoint Foundation 2013 and our shared Excel workbooks are no longer allowing multiple users to collaborate at the same time. We have verified that all the settings and permissions are correct and that checking in and
  checking out is not required. Is this something that is not available with SharePoint Foundation? We are using Office 2013 installed on the clients, not Office online. Thank you.

  Co-authoring of Excel workbooks is only supported when all the editors are using the Excel web application, not the Excel client application.
  From
  Microsoft's overview of co-authoring in SharePoint 2013:
  >"Co-authoring is easy to use from the end user’s point of view. When a user wants to work on a document in Word 2013, PowerPoint 2013, OneNote 2013, Visio 2013 or one of the Office Web Apps, he or she merely opens it from SharePoint 2013 or SharePoint
  Online, as usual. If another user already has the document open, both users can edit the document at the same time.
  One exception to this is that users can co-author in Excel Web App only if everyone uses the Excel Web App to access the workbook. If anyone uses Excel 2013 or Excel 2010 (the client application)
  to access the workbook, co-authoring in Excel Web App will be disabled for that workbook while it is open in the client application."
  >"The Excel 2013 client application does not support co-authoring workbooks in SharePoint 2013 or SharePoint Online. But, the Excel client application uses the Shared Workbook feature to support non-real-time co-authoring workbooks that are stored
  locally or on network (UNC) paths."

• Using Office Web Apps Server with SharePoint Foundation 2013

  I want to know whether I can configure Office Web Apps server to edit Excel documents on a SharePoint Foundation 2013 site.
  I came across a TechNet article that states that "When used together with SharePoint Server 2013, Office Web Apps Server provides updated versions of Word Web App, Excel Web App, PowerPoint Web App, and OneNote Web App".
  However, later in the same article, it states "If your organization licenses Office 2013 through a Volume Licensing program, you can enable Office Web Apps editing for SharePoint 2013 on-premises" (without mentioning Foundation or Server).

  Hi Lemesnil,
  The Office Web App server should support the Edit licenses for SharePoin Foundation 2013, Office Web App is free to
  download, you can also try installing and configuring in a test environment, see more from the below article applied to SharePoint Foundation 2013.
  http://support.microsoft.com/kb/2886404/en-us
  http://blogs.technet.com/b/speschka/archive/2012/12/31/enabling-licensing-and-editing-for-office-web-apps-in-sharepoint-2013.aspx
  Anohter useful article aobut how to license Office Web App server, you can take a look.
  http://blogs.technet.com/b/volume-licensing/archive/2013/05/22/how-to-license-office-web-apps-server.aspx
  Thanks
  Daniel Yang
  TechNet Community Support

• 10g - how to configure sso with iis-

  hi, experts, I have followed Oracle® Business Intelligence Enterprise Edition Deployment Guide to configure SSO with IIS.
  but I always meet this message.
  Not Logged In
  You are not currently logged in to the Oracle BI Server.
  If you have already logged in, your connection might have timed out, or a communications or server error may have occurred
  what steps are missing?
  how to check?

  hi, experts,
  I checked C:\OracleBIData\web\log\sawlog0.log on the obi server (windows server 2003 standard).
  at Thu Feb 17 14:48:46 2011 , I logined OBI on another machine (not via the browser on the obi server).
  however, the log shows the login user is the administrator of the obiserver (obiserver\administrator ).
  any setup on IIS are wrong? thank you very much!
  =========================================================================================
  Running job 'MinutelyMonitor' took 7422 milliseconds, 12.3% of job's frequency (60 seconds).
  Type: Error
  Severity: 40
  Time: Thu Feb 17 14:48:46 2011
  File: project/webodbcaccess/odbcconnectionimpl.cpp Line: 371
  Properties: ConnId-1,1;ThreadID-1796
  Location:
       saw.odbc.connection.open
       saw.connectionPool.getConnection
       saw.subsystem.security.checkAuthenticationImpl
       saw.threadPool
       saw.threads
  Odbc driver returned an error (SQLDriverConnectW).
  State: 08004. Code: 10018. [NQODBC] [SQL_STATE: 08004] [nQSError: 10018] Access for the requested connection is refused.
  [nQSError: 43001] Authentication failed for obiserver\administrator in repository Star: invalid user/password. (08004)
  Type: Error
  Severity: 42
  Time: Thu Feb 17 14:48:46 2011
  File: project/webconnect/connection.cpp Line: 276
  Properties: ThreadID-1796
  Location:
       saw.connectionPool.getConnection
       saw.subsystem.security.checkAuthenticationImpl
       saw.threadPool
       saw.threads
  Authentication Failure.
  Odbc driver returned an error (SQLDriverConnectW).
  ---------------------------------------

• SSO with Logon Ticket to non-SAP Unix based application

  Hi all,
  Anyone has implemented SSO with Logon Ticket to a Unix box ?
  We need to achieve Single Sign On between our EP5.0 SP5 Portal and a third-party web application with a front-end on a Unix AIX machine with Apache.
  We achieved SSO with non-SAP applications with Logon Tickets, but one was to an IIS system in another domain (we therefore used the standard Web Filter for IIS and declared it in usermanagement for cross-domain support) and another one running on Windows platform (we used the C libraries provided in the "Logon Ticket Toolkit": NT or Linux only).
  From what we understand and found on the web sites, we cannot reuse any standard web filter (none for Unix, am I correct ???) and want to implement custom code using SAP libraries, if possible using Java
  -> Are there any Java libraries that are available to both:
  . verify the logon ticket with the deployed Portal public key
  . decrypt/extract the authenticated username from this ticket ??
  I've seen a mention of Java libraries, and Unix, in a SAP EP 6.0 document but I'm not sure where to find them...
  Is the SAP Logon Ticket issued the same way in EP 5.0 and EP 6.0 ?
  I managed to find something called SAPSSOEXT, for AIX, which contains some partial library and a sample, but it is dated 2000 !! Anyone has more information about this ?
  Any hint is very much appreciated.
  Thanks a lot
  Olivier

  Check these links for reference regarding AIX and Apache using X.509 certificates:
  http://publib16.boulder.ibm.com/pseries/en_US/aixbman/security/cas_pki.htm
  And just using cookies -
  http://forums.devshed.com/archive/t-105611 (perl based)
  You can also use mod_ssl built into your Apache to facilitate both certificate based authentication as well as encryption.
  The mod_ssl route is most secure (because of the encryption), the IBM link is comprehensive but requires extra infrastructure (LDAP).
  Nick
  Nick

• SSO with KRB/ADS on Enterprise Portal 7

  Dear All
  while i am trying to configure SSO with KRB/ADS on Enterprise Portal 7 i am getting this on the trace file..completed the configuration through SpNego and when i try to log in its promting for user name password..
  i have attched the trace file extract for  your advice..
  Regards
  Buddhike
  #1.5 #001CC45E6DA0008000000004000054FC00044F76844D9013#1213270351029#com.sap.engine.services.security.authentication.logincontext#
  sap.com/com.sap.security.core.admin
  #com.sap.engine.services.security.authentication.logincontext#Guest#0####3e642d50387311ddc2a0001cc45e6da0#Thread[Thread-110,5,SAPEngine_Application_Thread[impl:3]_Group]#
  #0#0#Error#1#/System/Security/Authentication#Plain###
  LOGIN.FAILED User:N/A Authentication Stack:com.sun.security.jgss.accept
  *Login Module                                                               Flag        Initialize  Login      Commit     Abort      Details*1. com.sun.security.auth.module.Krb5LoginModule                            OPTIONAL    ok          exception             false      null#
  #1.5 #001CC45E6DA0006E00000029000054FC00044F76844D95C5#1213270351029#com.sap.engine.services.security.authentication.loginmodule.spnego.SPNegoLoginModule#sap.com/com.sap.security.core.admin#com.sap.engine.services.security.authentication.loginmodule.spnego.SPNegoLoginModule#Guest#0####3e669e50387311dda053001cc45e6da0#SAPEngine_Application_Thread[impl:3]_2##0#0#Error##Java###Acquiring credentials for realm KEELLS.INT failed
  [EXCEPTION]
  #1#GSSException: No valid credentials provided (Mechanism level: Attempt to obtain new ACCEPT credentials failed!)     at sun.security.jgss.krb5.Krb5AcceptCredential.getKeyFromSubject(Krb5AcceptCredential.java:189)
       at sun.security.jgss.krb5.Krb5AcceptCredential.getInstance(Krb5AcceptCredential.java:80)
       at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:75)
       at sun.security.jgss.GSSManagerImpl.getCredentialElement(GSSManagerImpl.java:149)
       at sun.security.jgss.GSSCredentialImpl.add(GSSCredentialImpl.java:334)
       at sun.security.jgss.GSSCredentialImpl.<init>(GSSCredentialImpl.java:44)
       at sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:102)
       at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentialsInCurrentThread(ConfigurationHelper.java:236)
       at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:29)
       at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:337)
  Caused by: com.sap.engine.services.security.exceptions.BaseLoginException: Access Denied.     at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:297)
       at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:324)
       at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
       at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
       at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
       at java.security.AccessController.doPrivileged(Native Method)
       at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
       at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
       at sun.security.jgss.LoginUtility.run(LoginUtility.java:57)
       at java.security.AccessController.doPrivileged(Native Method)
       at sun.security.jgss.krb5.Krb5AcceptCredential.getKeyFromSubject(Krb5AcceptCredential.java:186)
       ... 9 more
  Caused by: com.sap.engine.services.security.exceptions.BaseSecurityException: Internal server error. An error log with ID [001CC45E6DA0008000000001000054FC00044F76844D8A3F] is created. For more information contact your system administrator.
       at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:156)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:181)
       ... 23 more

  Hi,
  please check if the options defined in the KRB5LoginModule are correct.
  First of all check for the option prinicpal. Did you provide this option and also provided the correct value?
  This error often occurs if you provided a wrong value for option prinicpal
  Cheers

• SSO with ITS & Webenabling WEBGui

  Hello,
  We have configured SSO with R/3 system. It works fine.
  The requirement is, we have to webenable R/3 system thru SAP GUI For Windows and SAP GUI For HTML.
  We are able to do both on developement environment where both R/3 and portal has got the same host names.
  But in the qa environment, we are able to webenable R/3 with SAP GUI For Windows and the SSO also works fine. But when we try to using SAP GUI For Html, it asks for the username and pwd again. Here the portal and R/3 has different host names.
  Otherwise the settings in dev and test are exactly the same. Has anybody got a clue why is it not working?
  Regards,
  Rukmani

  Hi all,
  it is always good to start with a good checklist. Here is probably the best one: https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/documents/a1-8-4/sso checklist.html
  My suggestion is: do not skip even simple steps, sometimes problem appears there
  Regards,
  Pavol

• SSO with EP 6.0 and R/3 as backened not working

  Hi , 
      I am implementing ESS in EP 6.0 and r/3 4.7c as backend. SSO is working with UIPWD. but when I try with LogonTickets it does not work.
  I tried with ordinary SAP transaction SSO with logon tickets works. But through ITS if I call a ESS transaction service It asks me for login user and password.
  What are the setting to be done in ITS for SSO towork. I have set the parameter
  msapcomusesso2cookie = 1 in the global.svrc file.
  I do not know what is wrong. Please help.
  Regards,
  Ramesh

  Hi,
    I am using a standalone ITS for a R/3 4.7 system.
  How should I maintain a FQDN for ITS?
  You are right,
  now it is not of the format hostname.domain.com:port format. It is of the format hostname:port.
  But where should I change this format. The host name of the system where the ITS is setup is <hostname> only.
  can you please tell me as to where should I maintain the FQDN as the specific format you suggested.
  Regards,
  Ramesh

• SSO with SAP logon tickets to non-SAP web app

  I am trying to implement SSO to an oracle portal based web application using SAP logon tickets, but can't seem to find a way for it to work.  I thought maybe it would be a web server filter, but am unsure if this would work for oracle portal.  Anyone tried similar?
  Cindy

  Hi Cindy,
  If it is EP6 SP2 probably you can checkout the following document.
  http://service.sap.com/ep60
  Go to Documentation Help>How-To-Guides>Current How To Guides section.
  checkout the following how to guide.
  Perform Cross Domain SSO with SAP Logon tickets zip file.
  If you want the zip file please send an e-mail to
  [email protected]
  Regards
  -Venkat Malempati

• SSO with XI 3.1

  I have BO XI 3.1 SP3 installed on a Windows 2008 4 bit server. I enabled SSO with Tomcat, it is working but not all the times.
  I configured SSO, when users go to Infoview it dosen't prompt them for user credentials but this is not happening all the time. I would say 50% it doesn't, 50% it does prompt, it is not consistent. Any one has seen this problem.
  Thanks.

  What documentatin are you using, also what are the desktop OS's? SSO occurs on the client workstation and when intermittent issues occur usually it's the client however their are some best practices that are in the current documentation. KB 1483762 should be used if possible.
  Regards,
  Tim

• SharePoint 2010 search webservices compatibility with SharePoint 2013

  Please let us know whether the SharePoint 2010 search webservice is compatible with SharePoint 2013.
  When we try to hit the SharePoint 2013 search service with the query developed in the Sharepoint 2010 , we are getting "System.Not supported" exception as response from server.
  Below is the search query we are using:
  "<soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">"
              + "<soap:Body>"
              + "<Query xmlns=\"urn:Microsoft.Search\">"
              + "<queryXml>"
              + "&lt;QueryPacket xmlns=\"urn:Microsoft.Search.Query\"&gt;"
              + "&lt;Query&gt;"
              + "&lt;Range&gt;&lt;StartAt&gt;1&lt;/StartAt&gt;&lt;Count&gt;50&lt;/Count&gt;&lt;/Range&gt;"
              + "&lt;SupportedFormats&gt;"
              + "&lt;Format&gt;urn:Microsoft.Search.Response.Document:Document&lt;/Format&gt;"
              + "&lt;/SupportedFormats&gt;"
              + "&lt;Context&gt;"
              + "&lt;QueryText type=\"MSSQLFT\"&gt; SELECT fileName,Title,Path,Write,SiteName,URL,FileExtension,isDocument,contentClass FROM scope() WHERE CONTAINS(Path, SITE_PORT)
  and (contentClass = 'STS_Web' OR contentClass = 'STS_ListItem_DocumentLibrary' OR contentClass = 'STS_List_DocumentLibrary') ORDER BY lastModifiedTime DESC &lt;/QueryText&gt;"
              + "&lt;/Context&gt;"
              + "&lt;/Query&gt;"
              + "&lt;/QueryPacket&gt;"
              + "</queryXml>"
              + "</Query>"
              + "</soap:Body>"
              + "</soap:Envelope>";
  Please  help

  Hi Raghuramk,
  is the web service is a search query web service? if yes, i suppose sharepoint 2013 already deprecated,
  Search Query web service
  Description: The Search Query web service is deprecated in SharePoint 2013.
  In SharePoint Server 2010, the Search Query web service exposes the SharePoint Enterprise Search capabilities to client applications. This enables you to access search results from client and web applications outside the context of a SharePoint site.
  Reason for change: The Search Query web service is deprecated because the client object model (CSOM) and a new REST-based web service are available for developing Office-wide extensibility scenarios. The CSOM exposes the same functionality
  as the Search Query web service, and a larger set of functionality for stand-alone client applications.
  http://technet.microsoft.com/en-us/library/ff607742.aspx#section2
  Regards,
  Aries
  Microsoft Online Community Support
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.