on 01-17-2006 10:19 AM
Hi,
Are there any specific settings to be made to enable SSO for Integrated ITS.
We have configured the ECC backend system to accept tickets.
The profile parameters have been set. Certificate for EP has been added to ACL.
But when we create transaction iViews (which in turn use ITS) I am getting a screen, SSO is not active in the system.
Are there any settings other than this,specific to ITS that have to be done.
Thanks and Regards
Bharathwaj
you need the following in ECC
login/accept_sso2_ticket to 1
login/create_sso2_ticket to 2
and in portal - > system deifnition you need to maintain ITS host, path and protocol details.
make sure FQDN is implemented for WAS server and the same in used in system definition .
make sure that icm/host_full_name parameter is maintained in RZ10
Regards
Raja
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Durairaj,
<b>FQDN </b> ? What is that ?
And icm/host_full_name = localhost ?
i also found a forum discussion saying..
<i>I found out the setting in a integrated ITS need not to be setup : mysapcomusesso2cookie
You need to activate a service mysso2control (or similar...) on the client site.
Also make sure that you have the logon group PUBLIC on the backend system ! Otherwise it gives you "Username or password incorrect", because the R/3 / ECC gets an empty username string.</i>
Is group PUBLIC necessary ?
Thanks and Regards
Bharathwaj
Message was edited by: Bharathwaj R
> Dear Durairaj,
>
> <b>FQDN </b> ? What is that ?
FULLY QUALIFIED DOMAIN NAME instead of just host:port your should use host.domain.com:port for SSO to work
> And icm/host_full_name = localhost ?
it should be hostname.domainname.com
>
> <i>I found out the setting in a integrated ITS need
> not to be setup : mysapcomusesso2cookie
no need in integrated ITS
> You need to activate a service mysso2control (or
> similar...) on the client site.
>
> Also make sure that you have the logon group PUBLIC
> on the backend system ! Otherwise it gives you
> "Username or password incorrect", because the R/3 /
> ECC gets an empty username string.</i>
I am not aware of this
> Is group PUBLIC necessary ?
I am not aware of this
Regards
Raja
Hi Durairaj,
Am configuring the ECC system to accept tickets. If i give create ticket parameter to 2, its saying "System SID is creating logon tickets THAT DO NOT INCLUDE ITS CERTIFICATE" when executing transaction SSO2.
Is this correct.
<i>And icm/host_full_name = localhost ?
it should be hostname.domainname.com</i>
Is this the ECC system hostname or the portal system name.
Regards
Bharathwaj
HI Durairaj,
After i set the create_sso2_ticket = 2 and set the hostname to the domain name as in the system properties,
i get the error <b>" Invalid host name for issuing SSO ticket ".</b>
Can you help me resolve this issue.?
The hostname i have given is of the form <b><system name>.<domain name>.<company name>.net.</b>Thanks and regards
Bharathwaj
Message was edited by: Bharathwaj R
for the system to accept SSO cookie and create SSO cookie both has to be on same domain and you should use FQDN to access the application.
may be search the weblog section on SSO there are quiet a few weblogs on this topic and make sure you have done all of what is explained in those weblogs.
Regards
Raja
Hi Durairaj,
1. They are both in the same domain.
2. I have done every setting as per help.sap, weblogs, note 701205 and other related notes.
3. Raised a OSS note.
4. Checked SM50 security level 2 trace.
5.Checked SSO2 transcation.
But i am still not able to find out why its not working.
When i ping with FQDN it works. But in the browser FQDN does not work.
May be if this is solved, the SSO might work.
Any help will be greatly appreciated.
Thanks and Regards
Bharathwaj
Hi Durairaj,
Hmmm.Probably the remote connection is the last option.
Till now they were also not able to solve this issue..
Looking forward to solve this somehow.. !
The only problem is i have done the same settings for another system in the customer landscape.. which had an add-in installation.. that worked..
I guess there is some issue while connecting across different physical systems
Regards
Bharathwaj
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.