cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Remote access to the NetWeaver Administrator is forbidden

Go to solution
former_member261631
Participant

on ‎07-31-2012 1:22 PM

0 Kudos

Hi All,

I have implemented SAP NetWeaver Portal 7.3 EhP1. After installing I am trying to access SAP NetWeaver Administrator through URL :

http://<Portal_Host_name>:50000/nwa

but getting below mention message :::

403   Forbidden
SAP NetWeaver Application Server

 

  Error: Remote access to the NetWeaver Administrator is forbidden. See SAP Note 1451753 for details.

   

I have referred the mention SAP Note 1451753, but no getting clearly where exactly icm_filter_rules.txt to be placed in the root access of the Portal 7.31 server.

Also no idea where actually the DEFAULT.PFL is located and how to make the required entries as mentioned.

1) add entry in default profile : icm/HTTP/mod_0 = PREFIX=/,FILE=$(DIR_GLOBAL)/security/data/icm_filter_rules.txt

2) add entry in icm_filter_rules.txt : if % !regimatch ...

RegIRedirectUrl ^/webdynpro/resources/sap. com/tclmitsamuimainframe~wd/(.)*$ /nwa/remote_access_error [QSA]

3) restart java stack

Regards,

Hanif

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎07-31-2012 1:38 PM
0 Kudos

Hi Hanif,

The default profile for the SAP loaded in the path /usr/sap/<your SID >/SYS/profile/DEFAULT.PFL

As my understanding what that note says is you need to edit the profile parameter in the default profile and then you need to maintain the values in the ICM_filter_rules.txt,

For finding the ICM filter file you need to go to the path $(DIR_GLOBAL)/security/data/icm_filter_rules.txt

Hope this helps and let me know if you have any queries.

Show replies
Show replies
former_member261631
Participant
‎08-01-2012 1:14 PM
0 Kudos

Hi Silambharasan,

thanks for the reply,

I  have made the required entries first in DEFULT.PFL file by adding entry ::

icm/HTTP/mod_0 = PREFIX=/,FILE=$(DIR_GLOBAL)/security/data/icm_filter_rules.txt

and then another entry from the file in $(DIR_GLOBAL)/security/data/icm_filter_rules.txt

 

#if %{REMOTE_ADDR} !stricmp 127.0.0.1 [AND]

#if %{REMOTE_ADDR} !stricmp ::1

#RegIRedirectUrl

^/webdynpro/resources/sap.com/tc~lm~itsam~ui~mainframe~wd/(.)*$

/nwa/remote_access_error [QSA]

but still gettnig the same error while accessing SAP Portal 7.31

Regards

Hanif

junwu
Active Contributor
‎08-01-2012 1:39 PM
0 Kudos

for me, it is working after the server restart.

former_member261631
Participant
‎08-03-2012 11:04 AM
0 Kudos

Issue resolved

Former Member
‎07-03-2013 3:14 PM
0 Kudos

How did you solved the problem. I followed the note, but still nothing.

Pls help

Answers (6)

Answers (6)

Former Member
‎07-04-2013 12:48 PM

I solved the problem by implemented the note and checked the proxy and the IE connection.

Show replies
Show replies
raj_sapbasis
Explorer
‎09-01-2013 2:42 AM
0 Kudos

Hi

I think many of you people may already solved this problem, but I have provided simple steps here to clear doubts of many people where, what and which files to change.

Please follow the steps mentioned below to solve this problem.

  1. Open DEFAULT file which is located in 'usr/sap/SAPSID/SYS/profile/' path
  2. Add the following line at the end of all lines
  3. icm/HTTP/mod_0 = PREFIX=/,FILE=$(DIR_GLOBAL)/security/data/icm_filter_rules.txt
  4. Click Save
  5. Open icm_filter_rules.txt file which is located in the path 'usr/sap/SAPSID/SYS/global/security/data/'
  6. Comment all the lines available as shown in the following point
  7. #if %{REMOTE_ADDR} !stricmp 127.0.0.1 [AND]
  8. #if %{REMOTE_ADDR} !stricmp ::1
  9. #RegIRedirectUrl ^/webdynpro/resources/sap.com/tc~lm~itsam~ui~mainframe~wd/(.)*$ /nwa/remote_access_error [QSA]
  10. Save file
  11. Restart the Java AS
  12. Now try http://host:port/nwa
  13. You should not get remote access error now.

I hope these steps are helpful.

Former Member
‎07-01-2014 9:28 AM
0 Kudos


Hi,

Thanks for the above detailed step by step explaination.

But its still not working for me.

I had this line "

icm/HTTP/mod_0 = PREFIX=/,FILE=$(DIR_GLOBAL)/security/data/icm_filter_rules.txt

already added to my DEFAULT.PFL  file.

And i commented all the lines in the " /security/data/icm_filter_rules.txt" file .

Then, I restarted the server machine and SAP MMC .

Still showing same message:-

  403   Forbidden
SAP NetWeaver Application Server

 

  Error: Remote access to the NetWeaver Administrator is forbidden. See SAP Note 1451753 for details.

Thank you

Muddassar

Former Member
‎07-01-2014 9:47 AM
0 Kudos

If you followed the note and it still doesnt works, open an OSS. There is no other possibility to activate remote access for NWA as far I know.

cheers

Former Member
‎07-01-2014 10:39 AM
0 Kudos

Hi,

After restarting the SAP MMC again. It worked.

Thanks

Muddassar

Former Member
‎07-01-2014 10:52 AM
0 Kudos

Muddassar, thats pretty strange. In fact there shouldnt be any connection between the MMC and remote accessing of NWA.

regards

former_member349907
Member
‎06-08-2016 8:58 PM
0 Kudos

Thanks bro .. very helpful. issue fixed ..

Former Member
‎05-20-2015 1:09 PM
0 Kudos

Hi Hanif


The correct SAP Note number is 1451753. It is available after the upgrade of  LMNWAUIFRMRK SCA. For more information, see the SP Patch Level section of this SAP note.


Show replies
Show replies
Former Member
‎12-09-2014 1:26 PM
0 Kudos

Besides these suggestions, i think you should also restart Windows Services.

Hope this helps too.

Show replies
Show replies
Former Member
‎10-01-2014 8:27 PM
0 Kudos

Hi,

Does anyone find a solution for this?
I'm facing that same error.

I've done restart of MMC, SAP, Windows... but the problem stills the same.

Kind regards,
RM

Show replies
Show replies
Former Member
‎10-22-2014 10:21 AM
0 Kudos

Hi Rogerio Matos,

Please follow the SAPNote 1451753, still not getting try with downloading the attached file with the note  copy the same content to the original rule file and save.

Restart the sap and try now.

I hope it will work fine for you also.

Points are welcome.

Thanks & Regards,

Praveen

Former Member
‎07-03-2013 3:15 PM
0 Kudos

This message was moderated.

Show replies
Show replies
junwu
Active Contributor
‎07-31-2012 8:30 PM
0 Kudos

it's the default behavior, just follow that note to open the remote access

Show replies
Show replies
Ask a Question