Quantcast
Channel: SCN: Message List - SAP Single Sign-On
Viewing all 2732 articles
Browse latest View live

Re: Secure Login Administration Console

November 20, 2014, 3:57 am
$
0
0

Hi Sam,

 

How did you enabled the https on the server.

 

Thanks,

Abdul

Search

SAP GUI SSO with MSADS

November 20, 2014, 7:28 am
$
0
0

Hi,

We have ECC 6.0 on NW 7.31 on Linux platform. End-users use Windows 7 and SAP Gui to login to ECC. At present users log-into their desktops and then again login to SAP though GUI using there respective passwords.

I am looking for some solution to configure SSO on SAP Gui with MSADS. So that once the user logs on the desktop, he does not have to re-authenticate on sap gui to connect ECC. I want some solution where we don't have to install any tool/library on user desktop and there is minimum foot prints on user machines.

I heard that NW 7.31 SP-15, SAP Gui can have SSO with MSADS using SPNEGO etc.

Please suggest some solution.

 

Thanks

Vik

Re: SAP GUI SSO with MSADS

November 20, 2014, 7:41 am
$
0
0

If you don't want to install anything on users workstations, you can use web browser and logon to Web GUI or NWBC instead of using SAP GUI for Windows.

 

Normally SSO for SAP GUI for Windows is implemented using SNC libraries, where a library needs to be installed on both the workstation and the servers where ABAP application servers are running. For Web GUI and NWBC there is no need to install anything on workstations since you can setup SSO with just server side changes.

 

Thanks

Tim

Re: SAP GUI SSO with MSADS

November 20, 2014, 8:48 am
$
0
0

Hi Vik,

 

we have a lot of content available at http://scn.sap.com/community/sso , including overview documents and videos. Looking at your request SPNEGO- / Kerberos-based SSO for Internet Explorer would be an option, or the Secure Login Web Client for SAP GUI for Windows.

 

Best regards,

Christian

Re: Assistance with SingleSignOn for BusinessObjects BI Platform 4.0

November 20, 2014, 10:55 am
$
0
0

Thank you, Mike.  Glad you got it working!

Re: Assistance with SingleSignOn for BusinessObjects BI Platform 4.0

November 20, 2014, 10:58 am
$
0
0

Dimitar:

 

That is good to know.  I may go that direction if I can not get this working.

 

Thank you!

Mary

Re: Assistance with SingleSignOn for BusinessObjects BI Platform 4.0

November 20, 2014, 11:14 am
$
0
0

Tim A:

 

I received an email response from you concerning this but I don't see it here.

 

My response:  Yes, if you would please.  It would be greatly appreciated.

 

Thanks,

Mary

Re: Assistance with SingleSignOn for BusinessObjects BI Platform 4.0

November 20, 2014, 11:53 am
$
0
0

You cannot see my response since it was removed by a moderator :-( They didn't like me saying I can help without giving any specific details.

Search

Re: How to trace browser logon process (ABAP, SPNEGO, SNC)

November 20, 2014, 2:24 pm
$
0
0

Sure. Use report SEC_TRACE_ANALYZER.

 

Its functionality is described for instance in note 1732610 or note 1688545.

 

It's a small report that integrates ICF http user tracing, ICM traces and the ICF Recorder in one tool to avoid clicking over and over.

Re: How to trace browser logon process (ABAP, SPNEGO, SNC)

November 20, 2014, 10:17 pm
$
0
0

Just what I needed - thanks a lot :-)

Best regards

Peter Michael

Re: Assistance with SingleSignOn for BusinessObjects BI Platform 4.0

November 21, 2014, 1:29 am
$
0
0

If you already have an AS Java 7.30 (or higher) system then you can simply install the BI Platform on it.

 

Regards,

 

Dimitar

JCo connector connection test is failing in all Portal systems

November 21, 2014, 7:28 am
$
0
0

Hi,

We are getting the error in JCO connector connection test. The first and second connection test i.e. SAP WEB AS connection& ITS connection are working fine but the third connection test->connection test for connector is failing in all the EP system.

 

in the test result its showing Connection failed. Make sure SSO is configured correctly.

 

We tried all the possible solutions modifying object details checking in portal, re-configuring SSO but nothing works.

 

Also we tried checking the error in DIAG tool as per sap Note. but the diag tool doesn't give any specific logs for this particular error.

 

The error that we get in dev_jrfc.trc when we do the connection test is-

 

Error> occured  >Fri Nov 21 20:17:31,982<    >RfcGetException rc (7) message: Name or password is incorrect (repeat logon)

<RfcGetException

 

 

 

Important Point to note:

The logon method that we use in the object is "SAPLOGONTICKET" when we change this to "UIDPW" and maintain the user details in user administration for this connection ,the connection test seems to work fine. but we cannot proceed with UIDPW option.

 

Now the issue stands here that we are not getting which user is maintained and where it is maintained when we use the logon method SAPLOGONTICKET in object details.

 

Please advice and help us on this as due to this our production EP migration is getting delayed, it is a big show stopper and issue needs to be fixed immediately.

 

Thanks & Regard,

Rajdeep

Re: Secure Login Web Client - SPNegoLoginModule

November 22, 2014, 8:29 am
$
0
0

hi samuli,

 

Please tell me the procedure for configuring the Secure Login Webclient.for AS ABAP systems. we are going to configure SAP NW SSO using x509 certification method.

 

i read the configuration document but in that not explained clearly.

 

one more question is

if the user login with the URL with his AD/ID then it will prompt to the SAPGUI or not

 

 

Please help me

Re: JCo connector connection test is failing in all Portal systems

November 24, 2014, 4:59 am
$
0
0

Dear Safter,

If i change the connection details LOGON Method from SAPLOGONTICKET to UIDPW in connector details & maintain some UID/PWD it works fine.The Joc connector test only fails with SAPLOGONTICKET logon method with error "Name or password incorrect".It has got to be doing some thing with any UID/PWD.So i just want to know where is this UID/PWD maintained in case of SAPLOGONTICKET just like for UIDPW the UID/PWD is maintained in user administration->identity management.

 

Thanks & Regards,

Rajdeep

Re: JCo connector connection test is failing in all Portal systems

November 24, 2014, 5:20 am
$
0
0

Hi again,

 

if you wanna use SAPLOGONTICKET, than you need to complate sso configuration on SAP ECC, you may make a research on t-code STRUSTSSO2 , this transaction provides configuration sso between systems,

 

NOTE :  SAPLOGONTICKET needs some userId's at both systems;

 

options

1- you should use abap stack as user data source.

2- you should use some userID's at Java stacj& Abap stack

3- if user sources are sperated and userID's are different : you should map users(Thats mean using UID/PWD. Ex : goto User Admin. select a user, goto select user-mapping for sys. access tab and enter mapped user informations.

 

Best regards.

Search

Re: JCo connector connection test is failing in all Portal systems

November 24, 2014, 5:22 am
$
0
0

Hello Rajdeep,

 

If  you are trying to test JCo connector in Web dynpro administrator , then try logging to the backend from the Id which you tried to login in Portal.Your Id must be locked at backend.

 

 

Regards,
Am

Re: JCo connector connection test is failing in all Portal systems

November 24, 2014, 10:38 am
$
0
0

Dear Safter,

I have already done the strustsso2 certificate exchange to configure SSO. Even to resolve this issue I have tried re-installing the certificate again on both side but still getting the same error.Even SSO2 transaction is also showing fine in both the ABAP side as well as in EP..

 

regarding the option you mentioned.

1.the ECC system connected to EP is the source UME for the EP so we are using the same UID and PWD at both ECC and EP.

2.Thats what exactly i am trying for where to maintain this user ID in case of SAPLOGONTICKET.

 

Thanks & Regards,

Rajdeep

Re: JCo connector connection test is failing in all Portal systems

November 24, 2014, 10:42 am
$
0
0

Dear Am,

I was trying to check it from irj/portal->system administration->system configuration->system landscape.

But even from Webdynpro tool its showing the same error.

I have tried logging in from different user and checking but all are showing the same error of "name or password incorrect" & these UIDs are not locked in backed ECC system.

 

this error in connection test is occurring for all the JAVA and DUAL STACK system connection in whole landscape with this same error for all systems. :-(

 

Thanks & Regards,

Rajdeep

Re: SSO (MSAD PKI) X.509 certificate attributes for user mapping in Secure Login Client

November 24, 2014, 6:20 pm
$
0
0

Hi Stanislaw

 

As far as I know VUSREXTID is the only option for mapping certificates when on NW701.

Later releases allow for mapping of certificates against other attributes i.e. alternative name. This is what we use with certs issued by SAPSSO 2.0.

 

Rule-Based Certificate Mapping (Transaction CERTRULE)

https://help.sap.com/saphelp_nw74/helpdata/en/c8/30fd902dc8473b9e59db1576cc784b/frameset.htm 

login/certificate_mapping_rulebased = 1

 

Rule-Based Certificate Mapping.png

Not the answer your are after, but hope it helps.

 

Rgrds
Craig

Re: SSO (MSAD PKI) X.509 certificate attributes for user mapping in Secure Login Client

November 24, 2014, 11:25 pm
$
0
0

Thanks a lot, Craig. I'm aware of CERTRULE tcode and it's functionality and sadly, as you've mentioned, NW701 is too low to get my hands on it... Rule-Based Certificate Mapping should be available as a BASIS component upgrade rather then bumping the whole EHP, but it's just me complaining.

 

Thanks ones again.

Viewing all 2732 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>