on 01-06-2011 3:29 PM
Dear expert,
I have server SNC error between BW and BOE. BW user is already assigned as alias to AD user.
The PSE file of BOE is already readable to my AD service account user running SIA (only 1 SIA, so split scenario or multiple SIA is not used here). Below is the RFC trace.
rfcOpenHooked
destination <unknown>
mode 3
conopt 3 hostname MYBWSERVER.MYORGUNIT.MYORG.MYCOUNTRY
conopt 3 sysnr 0
conopt 3 use_l_bal 0
conopt 3 use_sapgui 0
client 200
language E
trace 0
L-GetCodePage (DEFAULT-CP) rc = 0: 4103
L-GetCodePage (PCS-CP) rc = 0: 1100
resize I/O buffer to 16000 bytes
>>>> [5] <unknown> : EXT <ac: 9> L MYBWSERVER.MYORGUNIT.MYORG.MYCOUNTRY >>> OPEN
UUID: ab_drvstate create uuid {909719E0-9481-F12F-AEB8-005056BB5FE7}
{ }_{ }_0-
0 { }_{ }_0- __0 Error in program 'crproc': ======> SAP_CMINIT3 : rc=20 > Connect to SAP gateway failed Connect_PM GWHOST=MYBWSERVER.MYORGUNIT.MYORG.MYCOUNTRY, GWSERV=sapgw00, SYSNR=00 LOCATION CPIC (TCP/IP) on local host with Unicode ERROR SNCERR_GSSAPI TIME Thu Jan 06 21:19:18 2011 RELEASE 710 COMPONENT SNC (Secure Network Communication) VERSION 5 RC -4 DETAIL An operation failed at the GSS-API level COUNTER 10 >>>> [5] <unknown> : EXT <ac: 10> L MYBWSERVER.MYORGUNIT.MYORG.MYCOUNTRY >>> CLOSE abrfcio.c 628 -{909719E0-9481-F12F-AEB8-005056BB5FE7} { }_{ }_0- __0
==== Delta 0 0 LOG DROPPED
>>> RfcOpenEx ...
Got following connect_param string:
CLIENT=200 LANG=EN ASHOST=MYBWSERVER.MYORGUNIT.MYORG.MYCOUNTRY SYSNR=00 SNC_MODE=1 SNC_QOP=1 SNC_LIB=C:\sapcrypto\sapcrypto.dll SNC_PARTNERNAME=p:CN=MYBWSERVER,OU=MYORGUNIT,O=MYORG,C=MYCOUNTRY
SNC_MYNAME=p:CN=MYBOESERVER,OU=MYORGUNIT,O=MYORG,C=MYCOUNTRY EXTIDDATA=... EXTIDTYPE=UN
>>> RfcLastErrorEx
<<< RfcLastErrorEx
<<< RfcOpenEx failed
My questions are:
1.
If you notice, the EXTIDDATA is '...'. What could be the reason for this?
Someone solved this problem on this link below, but i'm still having the problem though i've done it like what he did.
In CMC tab 'Authentication > SAP > Entitlement System':
i already left SNC name blank and use BW username 'CRYSTAL' and put the password.
I gave role CRYSTAL_ENTITLEMENT to that BW user 'CRYSTAL'. This role is created as per PDF Integration Kit given by Business Objects.
2. Do i need to run Tomcat using this service account as well? Currently only SIA is run using AD service account, Tomcat is run using local system account.
3. Is the SNC name below case-sensitive? Do we have to make the uppercase/lowercase exactly the same as in Private and Public Key?
And also not to put ' ' (space) after ',' (comma) as what we typed?
Because in tcode STRUST they always show it having ' ' (space), though i actually didn't put space when generating using sapgenpse.exe.
p:CN=MYBOESERVER,OU=MYORGUNIT,O=MYORG,C=MYCOUNTRY
Thank you very much.
Kind regards,
aswin
Dear all,
I've found the solution for those problems. It's all due to case-sensitivity of the SNC ID. We need to be careful with using upper/lowercase as SNC ID and when generating PSE.
Make sure the upper/lowercase letters are all consistent.
Thank you.
Kind regards,
aswin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
82 | |
10 | |
10 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.