on 09-14-2017 4:23 PM
Hello Friends,
Since migration from Windows to Linux, I'm facing issue. System is asking for OS Credentials when I am trying to go into start and stop in NWA.
It is not clear that this is default behavior of Linux.
Best regards,
Moreshwar
SAP Security was implemented even stronger, and now the previously available SAPControl Web methods are no longer available without authorization.
SAPControl is operating as Linux/UNIX deamon and as Windows service.
In both cases, it is an OS level module which requires specific OS level credentials to be provided. For more details, check the relevant SAP Note 1439348 and SAP Note 927637.
One possible workaround is to make SAPControl Web methods accessible ...
1. Change the protection level to "DEFAULT" instead of "SDEFAULT".
Execute: service/protectedwebmethods = DEFAULT
2. Restart the service. Execute:
/usr/sap/<SID>/<Instance>/exe>sapcontrol -nr <instance number> -function RestartService
or
<Drive>:\usr\sap\<SID>\<Instance>\exe>sapcontrol -nr <instance number> -function RestartService
3. If you now call the "GetInstanceProperties" Web method, it should return much smaller list with protected methods than before. Execute:
<Drive>:\usr\sap\<SID>\<Instance>\exe>sapcontrol -nr <instance number> -function GetInstanceProperties
Yet, please keep in mind that the above workaround decrease the security level of SAP Instance Agent (SAPControl) web service interface!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello All,
We can disable it by changing parameter "service/protectedwebmethods" to NONE but it is not recommended.
Best regards,
Moreshwar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Milen,
Thanks a lot for information you shared. I will try to implement this workaround and will get back to you.
Best regards,
Moreshwar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Moreshwar,
To answer your main question, This is default behavior of NWA. Whenever we try to start/stop system from NWA, It asks for sidadm credentials.
Thanks,
Shivam
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey Isaías,
Thanks for your reply!
Nothing was changed during migration.
Is it normal behavior of systems running on Linux?
Best regards,
Moreshwar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Moreshwar,
During the migration, was anything else changed?
Like SAP upgrade, SAP kernel update / upgrade, ...
I made a test at an internal test system here (running on Linux), and it asks for the OS credentials.
Best regards,
Isaías
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.