cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO does not work even after everything is configured correctly!!

former_member190996
Participant

on ‎01-03-2019 8:30 AM

0 Kudos

Hello,

I have configured the SSO successfully between portal and ECC several times before but not this time. Though I have maintained all the parameters correctly I could not get the system object to connect successfully. Below is what I have done:

  • Maintained the services files on both portal (SID: DP4) and ECC (SID: PS1) servers with the below entries:
sapmsPS13600/tcp
sapmsDP43901/tcp
  • Registered the JCo RFC provider on Portal and created the RFC destination (PS1_DP4_Connector) on ECC. Also tested successfully:

  • Exchanged the certificates between Portal and ECC:

Portal Certificate in ECC:

ECC certificate in Portal:

  • System Object connection tests fails as below. All the ports are opened, and the telnet is working fine on 8001 and 3600.

  • I see the below errors on the diagtool trace:

The message server is not reached and complaining about the logon group as well. Any ideas on what am I missing here?

Regards,

SB

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

nickrankin
Contributor
‎01-04-2019 2:11 PM
0 Kudos

Please check SAP Note: 2037383 which deals with error "ERROR Group PUBLIC not found"

Nick

Show replies
Show replies
former_member190996
Participant
‎01-07-2019 7:15 AM
0 Kudos

The logon groups were maintained in the SMLG and also in the SLD for the technical system. Still the error persists. I guess there is an issue with the gateway/load balancing configuration.

former_member190996
Participant
‎01-04-2019 12:46 PM
0 Kudos

Any suggestions on further debugging the issue?

Show replies
Show replies
nickrankin
Contributor
‎01-03-2019 11:22 AM
0 Kudos

Hi SB,

The stack trace you attach is referencing a WebDynpro and may not be related to your SSO issue. Are there any Security errors written to the backend Work Processes trace? AL11 transaction -> work folder. You can use transaction SM50 to set Security component tracing severity to "3", to get more detailed Security traces

Nick

Show replies
Show replies
former_member190996
Participant
‎01-03-2019 9:01 PM
0 Kudos

Hi Nick,

The trace is after replicating the SSO issue by accessing the webdynpro java application that uses the JCOs to access the data from the backend. Those JCOs are using the SSO as logon method, but failing with the below error. I do not see anything in the SM50. Can you please be more specific?

Error:

com.sap.mw.jco.JCO$Exception: (102) RFC_ERROR_COMMUNICATION: Connect to message server host failed Connection parameters: TYPE=B DEST=<Java Rfc client> MSHOST=ecerpp00 R3NAME=PS1 GROUP=PUBLIC PCS=1

LOCATION CPIC (TCP/IP) on local host with Unicode ERROR Group PUBLIC not found TIME Thu Jan 03 22:54:30 2019 RELEASE 721 COMPONENT LG VERSION 5 RC -6 MODULE lgxx.c LINE 5351 DETAIL LgIGroupRereadMs COUNTER 82

Ask a Question