03-31-2010 8:59 AM
Dear Experts,
I'm trying to disable password based log on for certain users in Portal and Portal uses the ABAP Stack as the repository (IT is a dual stack system).
But when i log in as j2ee_Admin user and try to do this in the "Identity Management" section, i get the following error message
"An error occurred in the persistence. The original message (possibly not translated) was: "Cannot update user UACC.R3_DATASOURCE.USER3 in ABAP backend system. Reason: The UME/ABAP adapter has recognized that the communication user is only assigned to the read-only role SAP_BC_JSF_COMMUNICATION_RO (or no role at all) in the backend system. Therefore UME was set to read-only mode for users from the backend system. See SAP Note 908911 for further information.". Contact your system administrator"
I have checked the SAPJSF Roles too and i see the following there under "Assigned groups"
Everyone
SAP_BC_JSF_COMMUNICATION_RO
SAP_BC_JSF_COMMUNICATION
Authenticated Users
Please let me know the way to overcome this problem.
Regards,
Karthik
03-31-2010 9:10 AM
Hi Karthikeyan
When you login with j2ee_Admin user in "Identity Management" section, when you are getting error message.
I think SAPJSF user should have two roles: SAP_BC_JSF_COMMUNICATION and SAP_BC_USR_CUA_CLIENT_RFC
Thanks & Regards
Arun Jaiswal
03-31-2010 10:27 AM
Dear Arun,
I did this, but i still see the same error message.
Regards,
Karthik
03-31-2010 12:00 PM
Hi Karthikeyan,
Can you check if these SAP roles are generated or not? Also check out the help.sap link and check if you have missed out any step while creating SAPJSF user:
http://help.sap.com/saphelp_nw04/helpdata/en/d6/225f3ce4dd3370e10000000a114084/frameset.htm
04-05-2010 6:31 PM
Hello Karthik
According the SAP note 905188 - "Password change for ABAP users fails"
"If the communication user (default name: SAPJSF) has the 'read-only'
role (SAP_BC_JSF_COMMUNICATION_RO) in the ABAP system, users are no
longer able to change their own password.
This error is corrected with the following Support Packages:
o NetWeaver 2004: Support Package 16
o NetWeaver 2004s : Support Package 07
Until the corrections are available, the following workaround is
possible: Assign the additional role SAP_J2EE_GUEST to the communication
user in the ABAP system and restart the J2EE Engine.
This does not affect the authorizations of the communication user in the
ABAP system."
Please try to apply the note quoted above. I hope to help you!
Álvaro Ferreira Raminelli
04-05-2010 8:58 PM
A double-stack system is not recommended, let alone portal component Java Stack and ABAP user store.
Anyway, if you are disabling the password then you can do this in the ABAP logical system, either via RSUSR200 or via the "idle" parameters for password login or via the "password for SSO" mechanism.
See transaction RZ11 for login/* parameters.
Cheers,
Julius