on 08-06-2013 4:13 PM
GRC 10 Sp10
When we access the End User logon page. I can type any random username and password and it logs in. We are authenticating against LDAP.
I can type user name - askdjakA and Password - sknadld and it works.
We implemented note# 1775107 which did not fix the issue.
Thank you for the help
Maintain logon information for following services in SICF:
1.)GRAC_OIF_MY_PROFILE_EU
2.)GRAC_GAF_NAME_CHANGE_SERV_EU
3.)GRAC_POWL_REQUEST_STATUS_EU
4.)GRAC_GAF_PWD_SELFSERVICE_EU
5.)GRAC_OIF_USER_REGISTER_EU
6.)GRAC_GAF_ACCREQ_WITH_REQREF_EU
7.)GRAC_OIF_REQUEST_SUBMISSION_EU
8.)GRAC_GAF_ACCREQ_WITH_TEMPL_EU
9.)GRAC_GAF_ACCREQ_WITH_USEREF_EU
10.)GRAC_UIBB_END_USER_LOGIN
To maintain the logon information, do the following:
1. Execute transaction SICF.
2. In the Service Name, enter the name of the service mentioned above.
3. Click the Execute button.
4. Under the Virtual Hosts / Services column you will see the service
selected service. Double click on this service name.
5. Click on the Logon Data tab.
6. Click on the Pencil icon to go to change mode.
7. Enter the information for the client, shared user, language and
password.
8. Click on the floppy icon to save.
Do the same procedure for all the services mentioned above. Maintain
same user details in all the services and the user should be of type
communication user.
PS: The shared user should also be assigned the following roles:-
SAP_GRAC_ACCESS_REQUESTER and SAP_GRAC_END_USER
Regards,
Amit
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
It turned out our LDAP setup stopped working because we did a system copy. So we implemented
snote 816861 and that fixed our issue.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Algayer,
Please check that the Parameter "End User Verification" under Maintain Datasource Configuration in SPRO is "YES".
Try maintaining the following settings-
1. Please go to IMG Node:Governance, Risk and Compliance -> Access
Control -> Maintain Mapping for Actions and Connector Groups.
2. Select on "Assign default connector to connector group"
3. Choose the required LDAP target connector with Action as 4,
andselect "Assign group parameter mapping"
4. Enter a new mapping:
Parameter: LDAP_END_USER_AUTH_SUFFIX
value: <your AD login suffix> (ex. @emea.corpdir.net )
Note: With suffix will be used for login into LDAP, ex.
"myUser@emea.corpdir.net" with above example.
5. Save the settings
Please also review the sap note-1776100.
Best Regards,
Nandita
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.