Scribd
Upload
243 views2 pages

Unable To Access Logon Page LDAP

This SAP note describes an issue where users are unable to access the logon page in SAP Enterprise Portal due to a portal runtime error. This can occur when there are multiple users defined with the logon ID "anonymous" across different user management data sources or when the parameter ume.login.anonymous_user.mode is incorrectly configured. The note provides solutions such as deleting the duplicate "anonymous" user, specifying a unique anonymous user, or changing the configuration parameter to resolve the issue.

Uploaded by

andersomwss
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
243 views2 pages

Unable To Access Logon Page LDAP

This SAP note describes an issue where users are unable to access the logon page in SAP Enterprise Portal due to a portal runtime error. This can occur when there are multiple users defined with the logon ID "anonymous" across different user management data sources or when the parameter ume.login.anonymous_user.mode is incorrectly configured. The note provides solutions such as deleting the duplicate "anonymous" user, specifying a unique anonymous user, or changing the configuration parameter to resolve the issue.

Uploaded by

andersomwss
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

SAP Note

Page 1 of 2

Back

SAP Note Number: 728075 EP 6.0: Unable to access logon page


Version: 14, Note Language: EN, Released on: 25.10.2005 Symptom
Portal runtime error when calling the logon page in the browser

Other terms
iView Error, authentication, logon, LDAP, datasource, log in, login, data source

Reason and Prerequisites


One of the following situations apply: 1) Anonymous user definition You have configured the portal to use two user management data sources, for example a database and a LDAP directory. On both data sources there are users with 'anonymous' as logon ID (the logon ID is defined by the j_user attribute in the data source configuration), and the parameter Pcd.Gl.PermissionCheck = true is set in /WEBINF/portal/system/pcd/pcdStartup.installer.properties or usr/sap/global/config/pcd/pcdStartup.installer.properties (depending on the patch level). 2) Parameter ume.login.anonymous_user.mode The parameters ume.login.anonymous_user.mode = 0 is set in the usermanagement configuration under System Administration -> System Configuration -> UM Configuration-> Direct Editing and in the file system the parameter Pcd.Gl.PermissionCheck = true is set in /WEB-INF/portal/system/pcd/pcdStartup.installer.properties or usr/sap/global/config/pcd/pcdStartup.installer.properties (depending on the patch level).

Solution
1) Anonymous user definition If the Permission check is set to true the portal uses per default a service user whose login ID (j_user) is equal to 'anonymous' for the logon page. If more than one user with the same logon ID exist, the logon page cannot be called. You can use any of the following possibilities to resolve the problem: Delete the 'anonymous' user from one of the data sources. Caution: The 'anonymous' user in the portal database is recreated after deletion during the next restart of the J2EE Engine. Therefore deleting the 'anonymous' user from the database does not resolve the problem. Specify a different anonymous user for the logon page as follows: 1. To be able to log on to the portal, follow the procedure described in note 713210. 2. Log on to the portal and navigate to User Administration -> Users. 3. Create a new user with unique attributes. Do not assign any roles to this user. 4. Choose System Administration -> System Configuration -> UM Configuration-> Direct Editing and change the following properties: ume. login.guest_user.uniqueids=<add uid of new anonymous user> ume. login.guest_user.defaultid=<uid of new anonymous user> 5. Change the ACL settings back as described in note 713210. 6. Restart the J2EE Engine. If you are using NetWeaver '04 with database and LDAP directory as data sources, you can prevent the anonymous user from being read from the LDAP directory as follows: 1. Start the J2EE Engine Config Tool. 2. Choose UME LDAP Data. 3. On the 'Additional LDAP Properties' tab, add the 'anonymous' user to the blocked users: ume.ldap. blocked_users(global)=Administrator,Guest,anonymous ume.ldap. blocked_accounts(global)=Administrator,Guest,anonymous 2) Parameter ume.login.anonymous_user.mode

https://websmp202.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=...

26/1/2006

SAP Note

Page 2 of 2

If the Permission check is set to true the portal logon page needs a named service user for the ACL permissions checks. In order to make this named user available to the logon page, set ume.login.anonymous_user.mode = 1

Released on Priority Category Primary Component Secondary Components

25.10.2005 Correction with medium priority Installation information EP-PIN-SEC-AUTH EP-PIN EP-PIN-USM BC-JAS-SEC-UME

No attributes available

Soft. Component EP-PSERV SAP-JEECOR

Release Track 6.0 6.40

From Release 6.0 6.40

To Release 6.0 6.40

And Successors

No correction instruction available

No data available

Number

Short Text

0000713210 Restrictive ACL settings can block access to portal 0000669848 Unlocking the Administrator User on the SAP J2EE Engine 0000589012 EP 6.0 SP2 on WAS 6.20: Central Note for EP-BC-UME

No attachments available

SAP Notes / Patches corrected by this Note No entries available

The following SAP Notes correct this Note / Patch No entries available

Back

https://websmp202.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=...

26/1/2006

You might also like