Clik here to view.
Re: SSO with IE to NW ABAP 7.31 with SAML 2.0 and ADFS
I just got mine to work too. I also had to reimport my metadata.xml a second time. Curious .... when you go to SICF to enable a Service (ie NWBC), you select the [Alternate Logon Procedure] and then...
View ArticleRe: ADFS/SAML 2.0 for ABAP AS - Java needed?
I'm glad to hear that - especially that you've managed to configure everything without external help.It proofs that it's less complicated than most fellows are afraid of.Yes, SAML 2.0 is powerful and...
View ArticleClik here to view.
Re: SSO with IE to NW ABAP 7.31 with SAML 2.0 and ADFS
Hi Richard, i also first tested to move SAML Logon up, but i end up with standard configuration at the moment.SAML is active because from a superordinate node SAML 2.0 is inherited. btw. did you add...
View ArticleRe: ADFS/SAML 2.0 for ABAP AS - Java needed?
Hello Richard, Just a small clarification:SAP offers SAML Identity Provider as part of these two products:SAP Single Sign-On (license required)SAP Identity Management (license required)The SAP SAML...
View ArticleRe: SSO with IE to NW ABAP 7.31 with SAML 2.0 and ADFS
Nope. I didn't use IntegratedWindowsAuthentication in my config. The one thing that I did that was not in the guides: I added a Default Path to my ACS. Local Provider > Service Provider Settings...
View ArticleRe: SPnego on ABAP -- SICF services - Alternative Logon Procedure
Hey Thomas, for me, on 731 SP07, we ended up not messing with any of that, and taking the default "Standard" procedure. Like I said in my original post, you could change these for a CRM system:...
View ArticleRe: ADFS/SAML 2.0 for ABAP AS - Java needed?
Thanks Donka. You have touched on the core of my confusion that led to this thread. Can we take this one step further to really understand your statement? Our implementation partner for the GRC...
View ArticlePassword Expiration and SSO AD/Sapgui
Hello!!!!!I had set SSO between AD and SAPGUI (ERP systems), our parameters ood password expiration are inactive but we want to set the following values: login/password_max_idle_initial =...
View ArticlePassword Manager - what if you forget both master and security questions???
SCN pals, BACKGROUNDWe have SAP Password Manager 2.0 SP 3.We are on Windows7 enterprise SP1 on both 32bit and 64bit OS.We have IE9 as our primary browser.I have read the SAP Password manager guide...
View ArticleRe: Password Expiration and SSO AD/Sapgui
Hey AnDy, You need this parameter: login/password_change_for_SSO = 0 You can set "on the fly" in RZ11 and permanently in RZ10 DEFAULT.PFL NICK
View ArticleRe: ADFS/SAML 2.0 for ABAP AS - Java needed?
Hello Team It is very nice and simply explain blog. Kudos !!! Apparently, I have SAML configured with FIORI using Siteminder IdP. I would say, the configuration part is very easy and quick. But we...
View ArticleRe: ADFS/SAML 2.0 for ABAP AS - Java needed?
Hello Richard, The note, mentioned by you, describes an SSO implementation based on SAP SSO ticket. Please, find a document regarding SAML for Fiori Apps: Using SAML 2.0 Authentication to Access Fiori...
View ArticleRe: Password Manager - what if you forget both master and security questions???
Hello Nick, You are right. Personal data is stored by Password Manager in a data storage directory. You can read more about that in the "Data Storage Security" section of the Password Manager guide....
View ArticleRe: Password Manager - what if you forget both master and security questions???
Thanks Lyubomir , that is exactly what I needed to know. I tried and sure enough, that works! --Nick
View ArticleRe: SSO for Single Fiori & Multiple ECC systems
Amer, Does the PC for the JV Company have the secure login client installed? You can use the secure login client to also confirm the correct AD userID/pass for the JV company. Try that and see what...
View ArticleRe: ADFS/SAML 2.0 for ABAP AS - Java needed?
Santosh Lad wrote:But we have been struggling to get the best setup for Timeout across the environment such like 1. Timeout for SM Sessions between Siteminder and FIORI Gateway2. Timeout for...
View ArticleRe: SSO for Single Fiori & Multiple ECC systems
The technical user which represents the ABAP system (in your case: "SL-USER") needs to reside in every user domain (in your case: "ABC.COM" and "XYZ.COM") and a service principal name (SPN) needs to be...
View ArticleRe: SPnego on ABAP -- SICF services - Alternative Logon Procedure
Clear answer: no you should not - you should stay with "Standard".We've intentionally added "SPNego" to the list of "Standard" logon mechanisms.Once you've chosen to use "Alternative" you'll not...
View ArticleRe: GSS-API(maj): No credentials were supplied Unable to establish the security
Hi Diana,I have the same problema with multiple domains, I think!BR and bowieresources are UPN? is the domain that to needed different? best regards, Yorleni
View ArticleRe: SSO not working when VMC is activated
The incident is on "customer action" since July 10th.It seems that you are using an outdated SNC library version.The current processor has requested to update the library and to create traces if the...
View Article