cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

End User Logon Accepts any user and password combination

Go to solution
Former Member

on ‎08-06-2013 4:13 PM

0 Kudos

GRC 10 Sp10

When we access the End User logon page. I can type any random username and password and it logs in. We are authenticating against LDAP.

I can type user name - askdjakA and Password - sknadld and it works.

We implemented note# 1775107 which did not fix the issue.

Thank you for the help

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎08-06-2013 6:45 PM
0 Kudos

Maintain logon information for following services in SICF:

1.)GRAC_OIF_MY_PROFILE_EU

2.)GRAC_GAF_NAME_CHANGE_SERV_EU

3.)GRAC_POWL_REQUEST_STATUS_EU

4.)GRAC_GAF_PWD_SELFSERVICE_EU

5.)GRAC_OIF_USER_REGISTER_EU

6.)GRAC_GAF_ACCREQ_WITH_REQREF_EU

7.)GRAC_OIF_REQUEST_SUBMISSION_EU

8.)GRAC_GAF_ACCREQ_WITH_TEMPL_EU

9.)GRAC_GAF_ACCREQ_WITH_USEREF_EU

10.)GRAC_UIBB_END_USER_LOGIN

To maintain the logon information, do the following:

1. Execute transaction SICF.

2. In the Service Name, enter the name of the service mentioned above.

3. Click the Execute button.

4. Under the Virtual Hosts / Services column you will see the service

selected service. Double click on this service name.

5. Click on the Logon Data tab.

6. Click on the Pencil icon to go to change mode.

7. Enter the information for the client, shared user, language and

password.

8. Click on the floppy icon to save.

Do the same procedure for all the services mentioned above. Maintain

same user details in all the services and the user should be of type

communication user.

PS: The shared user should also be assigned the following roles:-

SAP_GRAC_ACCESS_REQUESTER and SAP_GRAC_END_USER

Regards,

Amit

Show replies
Show replies
Former Member
‎08-14-2013 1:49 PM
0 Kudos

Thank you for the responses. I have done the suggestions above but they did not work. I doubled checked and the services were maintained. And I added the LDAP Parameter mapping in spro.

Answers (2)

Answers (2)

Former Member
‎09-05-2013 3:04 PM
0 Kudos

It turned out our LDAP setup stopped working because we did a system copy. So we implemented

snote 816861 and that fixed our issue.

Show replies
Show replies
Former Member
‎08-07-2013 5:08 AM
0 Kudos

Hi Algayer,

Please check that the Parameter "End User Verification" under Maintain Datasource Configuration in SPRO is "YES".

Try maintaining the following settings-

1. Please go to IMG Node:Governance, Risk and Compliance -> Access
Control -> Maintain Mapping for Actions and Connector Groups.

2. Select on "Assign default connector to connector group"

3. Choose the required LDAP target connector with Action as 4,
andselect "Assign group parameter mapping"

4. Enter a new mapping:
     Parameter: LDAP_END_USER_AUTH_SUFFIX
     value: <your AD login suffix> (ex. @emea.corpdir.net )
   Note: With suffix will be used for login into LDAP, ex.
"myUser@emea.corpdir.net" with above example.

5. Save the settings

Please also review the sap note-1776100.

Best Regards,

Nandita

Show replies
Show replies
Ask a Question