cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

User name/Password in CRM & DOE

former_member745479
Participant

on ‎05-10-2012 12:49 PM

0 Kudos

Dear forum members,

We will deploy Mobile Sales 2.0 application into production in few weeks/months. In Mobile Sales 2.0 application, the application expects "User name and Password" to be consistent between CRM and DOE.

Ideally, the application authenticates in DOE system and then the communication flows on "Trusted RFC" connection.

We have a problem here.

In the production, none of the real users will have access to DOE system. We cannot ask the users to log in to DOE and maintain the same password what they maintain in CRM. We would need a mechanism in which when CRM password is changed it automatically changes in DOE.

Has anyone came across this scenario ?

Regards,

Viju

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

masa_139
Product and Topic Expert
Product and Topic Expert
‎05-10-2012 1:07 PM
0 Kudos

The password can be different and it does not need to sync.

Just User ID have to be in both CRM and DOE.

System Admin creates users in DOE with same CRM user ID and notify the password to business users. Business users subscribe with info from system admin.

Show replies
Show replies
former_member745479
Participant
‎05-10-2012 2:17 PM
0 Kudos

Dear Masayuki,

When the user logs in to mobile sales application, the user enters SAP CRM User name and Password. This user credential will be authenticated by DOE system.

Therefore, it is imperative for both CRM and DOE systems to have same User name and Password. If the password is different in CRM and DOE, the mobile application cannot sync.

I tested this particular scenario. 

regards,

Viju

masa_139
Product and Topic Expert
Product and Topic Expert
‎05-10-2012 2:33 PM
0 Kudos

For example,

CRM: User ID = 1000077, Password = abcdefgh

DOE: User ID = 1000077, Password = stuvwxyz

Device subscription: User ID = 1000077, Password = stuvwxyz

DOE user logs on to CRM without password because it is trusted RFC.

If this case does not work, you need to check trusted RFC setting.

Details:

https://service.sap.com/sap/support/notes/128447

http://help.sap.com/saphelp_nw04/helpdata/en/22/042671488911d189490000e829fbbd/frameset.htm

former_member745479
Participant
‎05-10-2012 2:43 PM
0 Kudos

Dear Masayuki,

I am aware of this architecture. I am aware that DOE makes a Trusted call to CRM.

But, what I want to convey is when we roll out the Mobile Sales application, we ask the users to enter SAP CRM user credentials in the mobile sales application.

The basic assumption is Mobile Sales application is same as CRM Sales application. It starts from log-in till log-out.

Assume, the following scenario happens:

(a) First roll out - I maintain user credentials in CRM and DOE.

CRM: User ID = 1000077, Password = abcdefgh

DOE: User ID = 1000077, Password = abcdefgh

I ask the mobile user to login to mobile sales application using his CRM credentials and not DOE credentials ( in which user name is same but password is different).

(b) After 3 months, password gets changed in CRM system

In this case, there is a mismatch with respect to password and data sync will give an error.

Therefore, the postulate is when we ask the mobile users to login to mobile sales application, they should use CRM credentials and not different credentials ( password differentiation).

Hope I am able to convey my point.

Regards,

Viju


masa_139
Product and Topic Expert
Product and Topic Expert
‎05-10-2012 3:17 PM
0 Kudos

>(b) After 3 months, password gets changed in CRM system

>In this case, there is a mismatch with respect to password and data sync will give an error.

We can find a solution for this. Do you have detail error information?

former_member745479
Participant
‎05-10-2012 3:31 PM
0 Kudos

Hi Masayuki,

I get the below error in DOE system.

I would be happy to hear your opinion about the User credentials defined for Mobile Sales application.

Regards,

Viju

masa_139
Product and Topic Expert
Product and Topic Expert
‎05-10-2012 4:28 PM
0 Kudos

I think it is SMQ2 and DOE_Q is for from DOE distribution to device queue.

Error message looks like DOE ->(SOAP)-> SUP DOE Connector connection issue.

Here is my guess.

Initial:

CRM:    User ID = 1000077, Password = abcdefgh

DOE:    User ID = 1000077, Password = abcdefgh

Device: User ID = 1000077, Password = abcdefgh

3 month later: It still works.

CRM:    User ID = 1000077, Password = newpass

DOE:    User ID = 1000077, Password = abcdefgh  <-- you do not need to change the password

Device: User ID = 1000077, Password = abcdefgh

But,

CRM:    User ID = 1000077, Password = newpass

DOE:    User ID = 1000077, Password = newpass  <-- you have changed password. This brings issue.

Device: User ID = 1000077, Password = abcdefgh

former_member745479
Participant
‎05-11-2012 9:55 AM
0 Kudos

Dear Masayuki,

I have 2 major issues with this user credentials in the mobile sales application:

  1. In Production, the end users ( CRM users) won't have access neither to DOE nor to SAP Logon ( many a times). They will have only one web link ( CRM Web UI).
  2. So, we cannot ask users to maintain the CRM password in DOE for the first time as well
  3. Even when they define the CRM password = DOE password, it gets changed periodically.
  4. Therefore, need to find a way to sync CRM Password = DOE password whenever the user changes the password in CRM.

Does SAP has any strategy or mechanism to achieve this ?

Regards,

Viju

masa_139
Product and Topic Expert
Product and Topic Expert
‎05-11-2012 10:32 AM
0 Kudos

Mainly 2 options.

1. Using SSO Authentication. Please look at User Guide for each device type. Guides are available in SAP Service Marketplace.

2. System admin generates subscription password for users and sets no periodical password change. Business users enter the subscription password when they start using App. It is just one time action and users can forget the subscription password.

Users just need to remember the PIN only. In this context, system admin does not need to mention about DOE. Business users never log on to DOE and do not need to know the server.

Business users view is "one time password for subscription".

System admin view is "password in DOE".

former_member745479
Participant
‎05-12-2012 7:45 AM
0 Kudos

Help me with these points:

for option 01 - When we say as SSO, the user would use his AD/LDAP credentials to login, right ?

for option 02 - As far I understand, you are saying that , let the DOE user be "system user" in which the password will never change. In this case, send the generated password to the users for initial subscription. Is this right ?

Regards,

Viju

masa_139
Product and Topic Expert
Product and Topic Expert
‎05-17-2012 4:18 AM
0 Kudos

+ The iOS platform can handle both SSO2 Token and X.509 certificates as a means of authentication.

+ Please see password related profile parameter

http://help.sap.com/saphelp_nw73/helpdata/en/4a/c3f18f8c352470e10000000a42189c/frameset.htm

Former Member
‎07-25-2012 8:58 AM
0 Kudos

Hi Viju,


Since there is a trusted connection between CRM and DOE, both passwords don't need to be equals.

SUP performs user/password validation against DOE. Therefore, in CRM app you have to set DOE password.


CRM:    User ID = 1000077, Password = zyxwvtsr

DOE:    User ID = 1000077, Password = abcdefgh

Device: User ID = 1000077, Password = abcdefgh

 

If you change the password on CRM backend, it is not necessary to change it in DOE and Device.

Regards,

David.

former_member745479
Participant
‎07-25-2012 12:56 PM
0 Kudos

Thank you David.

Regards,

Viju

Ask a Question