Scribd Logo
Upload

Welcome to Scribd!

  • Unable To Access Logon Page LDAP

    Uploaded by

    andersomwss
    74 views2 pages
    Portal runtime error when calling the logon page in the browser. The problem occurs when the portal uses an 'anonymous' user as logon ID. If more than one user with the same logon ID exists, logon page cannot be called.

    Original Description:

    Original Title

    Unable to Access Logon Page LDAP

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Portal runtime error when calling the logon page in the browser. The problem occurs when the portal uses an 'anonymous' user as logon ID. If more than one user with the same logon ID exists, logon page cannot be called.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    74 views2 pages

    Unable To Access Logon Page LDAP

    Uploaded by

    andersomwss
    Portal runtime error when calling the logon page in the browser. The problem occurs when the portal uses an 'anonymous' user as logon ID. If more than one user with the same logon ID exists, logon page cannot be called.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    SAP Note

    Page 1 of 2

    Back

    SAP Note Number: 728075 EP 6.0: Unable to access logon page


    Version: 14, Note Language: EN, Released on: 25.10.2005 Symptom
    Portal runtime error when calling the logon page in the browser

    Other terms
    iView Error, authentication, logon, LDAP, datasource, log in, login, data source

    Reason and Prerequisites


    One of the following situations apply: 1) Anonymous user definition You have configured the portal to use two user management data sources, for example a database and a LDAP directory. On both data sources there are users with 'anonymous' as logon ID (the logon ID is defined by the j_user attribute in the data source configuration), and the parameter Pcd.Gl.PermissionCheck = true is set in /WEBINF/portal/system/pcd/pcdStartup.installer.properties or usr/sap/global/config/pcd/pcdStartup.installer.properties (depending on the patch level). 2) Parameter ume.login.anonymous_user.mode The parameters ume.login.anonymous_user.mode = 0 is set in the usermanagement configuration under System Administration -> System Configuration -> UM Configuration-> Direct Editing and in the file system the parameter Pcd.Gl.PermissionCheck = true is set in /WEB-INF/portal/system/pcd/pcdStartup.installer.properties or usr/sap/global/config/pcd/pcdStartup.installer.properties (depending on the patch level).

    Solution
    1) Anonymous user definition If the Permission check is set to true the portal uses per default a service user whose login ID (j_user) is equal to 'anonymous' for the logon page. If more than one user with the same logon ID exist, the logon page cannot be called. You can use any of the following possibilities to resolve the problem: Delete the 'anonymous' user from one of the data sources. Caution: The 'anonymous' user in the portal database is recreated after deletion during the next restart of the J2EE Engine. Therefore deleting the 'anonymous' user from the database does not resolve the problem. Specify a different anonymous user for the logon page as follows: 1. To be able to log on to the portal, follow the procedure described in note 713210. 2. Log on to the portal and navigate to User Administration -> Users. 3. Create a new user with unique attributes. Do not assign any roles to this user. 4. Choose System Administration -> System Configuration -> UM Configuration-> Direct Editing and change the following properties: ume. login.guest_user.uniqueids=<add uid of new anonymous user> ume. login.guest_user.defaultid=<uid of new anonymous user> 5. Change the ACL settings back as described in note 713210. 6. Restart the J2EE Engine. If you are using NetWeaver '04 with database and LDAP directory as data sources, you can prevent the anonymous user from being read from the LDAP directory as follows: 1. Start the J2EE Engine Config Tool. 2. Choose UME LDAP Data. 3. On the 'Additional LDAP Properties' tab, add the 'anonymous' user to the blocked users: ume.ldap. blocked_users(global)=Administrator,Guest,anonymous ume.ldap. blocked_accounts(global)=Administrator,Guest,anonymous 2) Parameter ume.login.anonymous_user.mode

    https://websmp202.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=...

    26/1/2006

    SAP Note

    Page 2 of 2

    If the Permission check is set to true the portal logon page needs a named service user for the ACL permissions checks. In order to make this named user available to the logon page, set ume.login.anonymous_user.mode = 1

    Released on Priority Category Primary Component Secondary Components

    25.10.2005 Correction with medium priority Installation information EP-PIN-SEC-AUTH EP-PIN EP-PIN-USM BC-JAS-SEC-UME

    No attributes available

    Soft. Component EP-PSERV SAP-JEECOR

    Release Track 6.0 6.40

    From Release 6.0 6.40

    To Release 6.0 6.40

    And Successors

    No correction instruction available

    No data available

    Number

    Short Text

    0000713210 Restrictive ACL settings can block access to portal 0000669848 Unlocking the Administrator User on the SAP J2EE Engine 0000589012 EP 6.0 SP2 on WAS 6.20: Central Note for EP-BC-UME

    No attachments available

    SAP Notes / Patches corrected by this Note No entries available

    The following SAP Notes correct this Note / Patch No entries available

    Back

    https://websmp202.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=...

    26/1/2006

    You might also like