cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Client Tool not logging onto BI4.1

Go to solution
Former Member

on ‎10-17-2013 2:25 PM

0 Kudos

Hello Experts,

I have recently installed BI4.1 SP1 on Win 2008 R2 server and implemented Windows AD authentication along with Single Sign On.

I'm able to logon to the BI LaunchPad and CMC using Win AD authentication/SSO from the server as well as client machine.

I'm able to logon to the server through the client tool using Win AD authentication/SSO when I'm on the Server.

But when I try to login to the Client Tool on the Client Machine, I'm not able to login using Win AD authentication.

I'm not able to understand why. I follow the Win AD and SSO steps from the Admin guide. What else do I need to configure to connect to the servers using the client tools?

Thanks in advance.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎10-17-2013 3:44 PM
0 Kudos

  1. Edit the file: install_dir\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win32_x86\InformationDesignTool.ini.

  2. Add the following lines to the end of the file:
    -Djava.security.auth.login.config=path-to-bsclogin/bscLogin.conf
    -Djava.security.krb5.conf=path-to-kerberos/krb5.ini

  3. Copy the two files bscLogin.conf and krb5.ini from the server or the other Working Client Machine.

  4. Now try login to IDT with AD Authentication.

Show replies
Show replies
Former Member
‎10-17-2013 8:27 PM
0 Kudos

We have 4.0 environment  and  we have not done anything for windows  AD authentication. I guess same would work on 4.1 as well ( in process of implementing 4.1).

Make sure windows firewall is disabled or set correctly

make sure  to login with user@domain_name

Is it working fine with enterprise id ?

Thanks!

Former Member
‎10-17-2013 10:25 PM
0 Kudos

Yes, I tried logging in using Enterprise Admin account but it cannot log me in.

I get a error "Server cannot be found or CMS may be down".

My CMS is running on port 6400.

How do I make sure if the windows firewall settings are set correctly?

Thanks,

Former Member
‎10-17-2013 10:26 PM
0 Kudos

Hi Jawahar,

Thanks for the reply.

Let me take a step back..

I'm not able to login using my Enterprise Admin account. Any suggestion on how do I go about debugging or fixing it?

Thanks again

former_member136842
Employee
Employee
‎10-18-2013 9:55 AM
0 Kudos

Hi,

can you logon on the Server with an Enterprise User?

I guess we have a Firewall issue here. Please consider also the Windows Firewall if your BI 4.1 is running on Windows.

Go to the CMC and assign the CMS a request Port (Lets say 6401). Open Port 6400 and 6401 on all Firewalls betwees your Client and the BI 4.1 Server. If you are now able to logob continue with the Request Port assignment on all BI 4.1 Services. Also let these Ports open.

Regards

-Seb.

Former Member
‎10-18-2013 10:21 AM
0 Kudos

Go to Control Panel and look out for firewall. Check whether its ON. Look into the settings for network. Select OFF and find whether it works out.

Look for alternatives such as Anti-virus. Ensure that the site has been updated on exception list. This should help.

Do update the hosts file to ensure proper communication.

In addition to this, now that you mentioned Enterprise login is not working, can we confirm that the CMS Db is available and you are able to login at server level.

The steps mentioned above should help to resolve the communication problem.

Message was edited by: Arvind Pandalai

janata
Explorer
‎11-12-2013 3:18 PM
0 Kudos

Hi Jawahar,

We have same problem with SAP BI4.1 SP01.

After using your recommendations I got the AD working and I can log in with AD user.

The problem is non working SSO connection.

For example: every time when I want to open session, I have to provide password.

Does anyone have solution for this problem?

BR,

Jana

Former Member
‎11-12-2013 3:24 PM
0 Kudos

Hi Izak,

Definitely it seems to be a firewall blockage issue. Make sure that the ports to be opened bi-directional for both incoming and outgoing requests.

Please share the findings.

Thanks,

Arun

Former Member
‎11-14-2013 6:56 PM
0 Kudos

Hi Seb,

What are the ports that needs to be opened inorder for the client tools to communicate with the servers?

I cannot even login using my enterprise account from the client machine.

Thanks for the help.

Izak

Former Member
‎11-14-2013 6:57 PM
0 Kudos

Hi Arun,

What are the ports that are needed to be opened inorder for the client tools to communicate with the servers?

Thanks for the help

Izak

Answers (5)

Answers (5)

former_member1352156
Explorer
‎12-13-2014 6:51 AM
0 Kudos

This message was moderated.

Show replies
Show replies
former_member1352156
Explorer
‎12-13-2014 5:59 AM
0 Kudos

Hello Experts,

Please help me, as when i restart my CMS server it is showing me on Stopping state since last night.

Please suggest me with the steps.

Show replies
Show replies
Patrick_Perrier
Contributor
‎11-15-2013 12:42 PM
0 Kudos

This post should be closed.  What this user wants is SSO with IDT and as mentioned above by myself and supported by Arvind this is not possible currently as of SAP BI 4.1 SP1.

Mr Izak, could you please mark the replies as correct answer so this post can be closed?

Thanks!

Show replies
Show replies
Former Member
‎11-15-2013 5:19 PM
0 Kudos

Patrick,

My issue is not yet resolved and please dont close it.

Jana,

Please open a new post as your issue is with regards to SSO.

Thanks,

Izak

Patrick_Perrier
Contributor
‎11-15-2013 5:27 PM
0 Kudos

Ha I see, seems to be a two different cases here.

Mr. Izak: In your case, if I read the above properly, the IDT is not working either for AD or Enterprise is that correct?

I guess IDT is working fine on the server?

Here is an easy test you can do to see if there are any firewall issues:

1- On the workstation, try to do this in the command prompt:

telnet server_name 6400

telnet server_name XXXX (that port is the requestport.  You can find it in the Metrics of the CMS in the CMC.

If telnet returns an error, then there is no communication.

If telnet goes to a black screen and does nothing, then it's working.

Let me know and sorry for the confusion with Jana.

Former Member
‎11-15-2013 6:26 PM
0 Kudos

I believe that the issue would be with firewall / antivirus as communication is occurring from other client tools.

You will need to put the client installation directory in exception list, which is extremely essential for IDT presently.

Former Member
‎11-19-2013 8:03 PM
0 Kudos

Hi Patrick,

It is not just IDT, but all the client tools....I can login to any client tools on the server but not on the client machine..

I did the telnet command and it returned blank screen...Still not able to log on to client machine..

It errors out with message " Server servername not found or server may be down".

I even tried adding the IP address and Server name of the BOE Server on my local machine in the host file...But still no luck...

Neither the Enterprise authentication nor the win AD is working..

any idea?

Former Member
‎11-19-2013 8:04 PM
0 Kudos

Hi Arvind,

It is not just the IDT but all the client tools...I can log on the client tools from the server but not from the client machine...I can telnet from my client machine to the server though.

And all the port from 6400 to 6410 are opened for TCP only.

Any idea ?

Former Member
‎11-19-2013 8:52 PM
0 Kudos

Can you clarify whether the issue is specific to your machine and nott with all systems having BO client configured.

As mentioned earlier check whether the issue is with firewall / antivirus. As a test turn-off the firewall / antivirus and observe whether you can login perfectly or not.

Former Member
‎11-19-2013 9:45 PM
0 Kudos

If those 6400-6410 ports are opened, you will still need to do what Seb suggested: go to CMC > Servers > CMS > Properties and change the reply port to, say, 6401 and restart the CMS. As you authentication process from the client will call on 6400 and do a handshake on 6401. If you dont set that port, it will a random different port which will be blocked by the firewall.

The above will just confirm that you can log on.

Do not try to import or export anything from the FRS as they have their own ports which will need to be set to a unique value - say 6402 for the input FRS and 6403 for the output FRS.

Former Member
‎11-22-2013 8:44 PM
0 Kudos

Have you been able to find out more on your issue? Has any of the suggestions worked for you?

Former Member
‎11-25-2013 2:49 PM
0 Kudos

Hi Berend,

Yes, after opening the ports from 6400 to 6410 and specifying the request ports for CMS, I/O FRS servers, I'm now able to log in via client tools from the client machines...

Thank you all for your help...

Thanks again,

Izak

Former Member
‎11-26-2013 9:09 AM
0 Kudos

good to hear that the client tools login is working now...

former_member1352156
Explorer
‎12-12-2014 9:30 PM
0 Kudos

Hi Berend,

I followed the above mentioned steps, CMC>Servers>CMS>Properties and restart the CMS.

when i clicked on the restart the status of the CMS is in Stopping state since 1 hour, Can you please suggest me what i can do.. Please as this is very urgent.

Former Member
‎12-12-2014 9:57 PM
0 Kudos

Hi Varsha,

Go to Task Manager and try killing the BOE services.

If it is still in the stopping state, try closing the CCM.

If it is still the same, try rebooting the server

former_member1352156
Explorer
‎12-13-2014 5:47 AM
0 Kudos

Hi llyas,

Thanks alot for your reply.

Can you please guide me with the steps.

former_member262506
Discoverer
‎11-15-2013 12:29 PM
0 Kudos

This message was moderated.

Show replies
Show replies
Patrick_Perrier
Contributor
‎11-13-2013 6:44 PM
0 Kudos

Hi,

Which client tools do you have problem with?

Some are JAVA: IDT, RCT, more

Some are Web Services: Widgets, QAAWS, Live Office, more

Some are Windows: Designer, more

If they all fail they I agree with Arun, it's likely a firewall issue.

If some do work, then let's take it from there!

Thanks,

Pat

Show replies
Show replies
janata
Explorer
‎11-14-2013 8:37 AM
0 Kudos

Hi,

We have problem only with IDT.

Regards,

Jana

Patrick_Perrier
Contributor
‎11-14-2013 10:21 AM
0 Kudos

Unfortunately, you can't have silent AD SSO with the IDT.

You will have to write your AD username / password manually.

Somebody has already created a post on SAP Idea Place.  Let's see where that takes us!

Former Member
‎11-15-2013 4:36 AM
0 Kudos

I found a note which mentions that AD SSO in IDT is not supported presently.

Refer: 1865952 - Unable to perfrom a Windows AD Single Sign-On login to
Information Design Tool

The note was created in May '13. You may raise a ticket with SAP support with the latest inputs for this issue.

Ask a Question