on 02-09-2009 6:07 AM
We are trying to establish an external authentication for ITS using LDAP.
Our Ticket issuing server will be a R/3 server.
We have installed SAP Cryptographic Library on the application server.
Now when trying to create a SNC(SAPCryptoLib) Pse, it fails to create giving the error.
"Error While creating PSE"
On the help of the error message we have "message no. trust040:"
Also in the profile parameters we have set all the values as given for having the snc, expect
snc/enable=1
as soon as we set the parameter as 1, the application server refuses to start and gives the following error
"Initialization SNC Failed, Return Code -000019"
What are we missing out??
The version of our ITS is 6.20
The version of our R/3 is 4.7X110
The ldap server is a Lotus Domino Directory.
Hopefully this is the correct place to post for this error
Thanks in advance
Abhishek
Edited by: Abhishek Sen on Feb 9, 2009 7:08 AM
Hai,
Check the document 'Using the SAP Cryptographic Library for SNC' in the below link.....
https://websmp103.sap-ag.de/%7Eform/sapnet?_SHORTKEY=01100035870000668370&;
Regards,
Yoganand.V
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for your reply.
We have followed the instruction as given in the pdf exactly, but still its the same error
the error log on dw_0 is as follows
N SncInit(): Initializing Secure Network Communication (SNC)
N PC with Windows NT (mt,ascii,SAP_UC/long/void* = 2/4/4)
N SncInit(): found snc/data_protection/max=1, using 1 (Authentication Level)
N SncInit(): found snc/data_protection/min=1, using 1 (Authentication Level)
N SncInit(): found snc/data_protection/use=1, using 1 (Authentication Level)
N SncInit(): found snc/gssapi_lib=C:\usr\sap\C12\SYS\exe\run\sapcrypto.dll
N File "C:\usr\sap\C12\SYS\exe\run\sapcrypto.dll" dynamically loaded as GSS-API v2 library.
N The internal Adapter for the loaded GSS-API mechanism identifies as:
N Internal SNC-Adapter (Rev 1.0) to SECUDE 5/GSS-API v2
N SncInit(): found snc/identity/as=p:CN=C12,O=XYZ
N *** ERROR => SncPAcquireCred()==SNCERR_GSSAPI [sncxxall.c 1223]
N GSS-API(maj): No credentials were supplied
N GSS-API(min): No credentials found for this name (not logged on) (USER=SAPServiceC12)
N Could't acquire ACCEPTING credentials for
N
N name="p:CN=C12, O=XYZ"
N SncInit(): Fatal -- Accepting Credentials not available!
N <<- SncInit()==SNCERR_GSSAPI
N sec_avail = "false"
M ***LOG R19=> ThSncInit, SncInitU ( SNC-000004) [thxxsnc.c 223]
M *** ERROR => ThSncInit: SncInitU (SNCERR_GSSAPI) [thxxsnc.c 225]
M in_ThErrHandle: 1
M *** ERROR => SncInitU (step 1, th_errno 44, action 3, level 1) [thxxhead.c 8437]
The user SAPServiceC12 is the one by whom the sap services are running.When checking his credentials, it shows that the SapService can read the pse.
But as soon as we set snc/enable =1
The application server gives the same error as above.
What setting are we missing out, cause we have followed all the steps as given in the pdf.
Thanks in advance
Abhishek
User | Count |
---|---|
98 | |
11 | |
11 | |
10 | |
10 | |
8 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.