SSO 2.0 SP04 Assistance
Dear Guru, We have been trying to configure Secure Login Client (SSO 2.0 SP04). Upon installation of the Secure Login Client, we were able to acquire Kerberos Tokens, but none for SPNEGO (X.509...
View ArticleRe: SSO 2.0 SP04 Assistance
Hello 1. Check SLC and SLS traces file (after reproducing the issue)? If you can't identify root cause, you can attach the logs here. 2. Which version of NWSSO you're currently using (SP and PL from...
View ArticleRe: SSO 2.0 SP04 Assistance
Hello, this type of error is typical a misconfiguration on the Domain setup :Please check with tools like setspn -q and klist : 1. The service principal name has correct format like HTTP/<Service...
View ArticleRe: SSO 2.0 SP04 Assistance
Hi Tapan, Thank you for the response. (1) Below are the entries (complete) from the SLC trace file. ----------------------------------------------------------------------------Version :...
View ArticleRe: SSO 2.0 SP04 Assistance
Hi Alexander, Thank you for the response. We already double checked on the following. (1)SPN format is correct (2)SPNEGO configuration is green (3)No duplicate SPN As for the trace file, we...
View ArticleRe: SSO 2.0 SP04 Assistance
Hello, unfortunately the trace is too short and does not contain the Kerberos request.I want to see if the client gets a Kerberos ticket or not for the given Service.Could you please make a developer...
View ArticleRe: SSO 2.0 SP04 Assistance
Hi Alexander, Thank you for the tip, please see developer trace below. It seems to be looking for a missing base.xml, which when I confirmed was really missing. Please advise. Thank you. [2014.11.26...
View ArticleClik here to view.
Unable to Start Up ABAP Instance due to snc/enable=1
Hi All, I'm having some issue on starting my ABAP instance due to tryout of the SSO.the error as such how do I configure this credential SAPKerberosABC in my ABAP instance?My environment is ECC6 EPH7,...
View ArticleRe: Unable to Start Up ABAP Instance due to snc/enable=1
Hi Ura, To disable parameter snc/enable = 0 try to search under profile at OS level and change the value from 1 to 0.Share the results after re check if any. Regards,Gaurav
View ArticleRe: SSO 2.0 SP04 Assistance
Hello You can check sap note: 1996839 - Configuration Files for SNC on CommonCryptoLib Cheers,Tapan
View ArticleRe: Unable to Start Up ABAP Instance due to snc/enable=1
Hi Ura, Hope you are doing good. I think I know what the issue is. Are you using SSO encryption? If not, could you please set the parameter snc/data_protection/min to 1 and see if the issue persists?...
View ArticleRe: SSO 2.0 SP04 Assistance
Hello, please ignore the missing base.xml/pkcs11.xml files in the trace. This is a false positive (its not needed), the Secure Login Client installations is fine and complete.The SAP note is for a...
View ArticleRe: SSO 2.0 SP04 Assistance
Hi Alexander, As seen in the logs, I am getting lines such as like "got kerberos ticket for 'HTTP/sapsecu01.maynilad.com.ph" in the traces. I have also checked for duplicates of SPN but there are none,...
View ArticleRe: SSO 2.0 SP04 Assistance
Hello, this means that the AS Java can not verify the SPNEGO token send by the client. Please check the SPNEGO configuration. You can use the troubleshooting wizard to get a clue what is going wrong....
View ArticleRe: Unable to Start Up ABAP Instance due to snc/enable=1
Did you set you SECUDIR environment to $(DIR_INSTANCE)/sec? **If you are using SAP NW AS ABAP 7.0, you need to set the environment variable <SECUDIR> to $(DIR_INSTANCE)/sec. Otherwise SAP NW AS...
View ArticleRe: Unable to Start Up ABAP Instance due to snc/enable=1
Hi Ura, the Server SNC Name you configure is: "p:CN=CN=SAP..."Actually it should be "p:CN=SAP..."You have one "CN=" too much. KRValerie
View ArticleRe: SSO 2.0 SP04 Assistance
Hello In addition to capturing Security Troubleshooting Wizard trace, also capture HTTPWatch trace.Install the free basic edition of Httpwatch that can be downloaded from:...
View ArticleIs it possible to use SSO between web browser and ABAP without SSO 1 and sso...
Hallo Is it possible to use any of SSO methods between web browser from desktop or android mobile device and ABAP without product SSO 1 and sso 2 installed?
View ArticleRe: SSO 2.0 SP04 Assistance
Hi Alexander, I have already checked on the pitfalls that you have mentioned. Except for the last one, are you referring to the service user or a common user? (user mapping with mapping mode Principal...
View ArticleRe: SSO 2.0 SP04 Assistance
Hello, if you have user mapping with mapping mode Principal and Realm, and source ADS Data Source, then each authentication user must be a valid user in the UME. Do you have bind the UME to the same...
View Article