on 05-04-2014 11:48 AM
We are getting the Yellow (Warning ) Status in EWA and wanted to green ,,,As we can,t take risk with production , we wanted to apply the soluion plz reply the exact solution to remove the warning.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
The parameter GW/REG_NO_CONN_INFO controls the activation of certain security properties of the SAP gateway. It is defined as a bit mask with one bit per property.
SAP Note 1298433 “Bypassing security in reginfo & secinfo” is not activated in your system. The bit mask value for bit 1 is not set.
Recommendation: Enable the missing property by adding the bitmask value to the current value of GW/REG_NO_CONN_INFO. For more information about GW/REG_NO_CONN_INFO, see SAP Note 1444282.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Regards,
Rableen
Dear All,
Please provide some solution so that i can give full points.
RK
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi RK,
Gateway security can be activated by setting the paramter gw/acl_mode =1 and GW/REG_NO_CONN_INFO. If you activate the gateway security features, you need you have a registered program id information in the reginfo (gw/reg_info) and secinfo (gw/sec_info) file. If you are not sure about the program id, you can make use of the simulation mode at gateway i.e ge/sim_mode =1 this will log all the connection entries in the log file gw/logging.
to activate message server security refer below link,
Regards,
Shanthosh
Dear Santhosh,
We have already set parameter gw/acl_mode =1 and set GW/REG_NO_CONN_INFO =2 but still we are getting the
yellow rating , but our management is asking to make
green, now i am struggling to make it green, please help me to make it green.
Regards,
Rk
Dear Gagan,
if possible please send the reginfo/secinfo files you mention to rableenkhurana@gmail.com ,,,,
I have not set any of reg file and sec file may be thats y it is coming yellow ...
RK
Hello Rableen,
The SAP notes 1629598 and 1636252 have the documentation on the syntax and format of the reginfo/secinfo files.
Here are some general tips about them:
A general reginfo rule definition would be (note that I had to break the rule for it to be more easily understood):
P TP=<program name>
HOST=<comma separated list of hosts that can register the program>
ACCESS=<comma separated list of hosts that can communicate with the program>
CANCEL=<comma separated list of hosts that can cancel this registration>
Usually, ACCESS is a list with at least all SAP servers from this SAP system. This can be
replaced by the keyword "internal".
CANCEL is usually a list with all SAP servers from this system (or the keyword "internal"), and
also the same servers as in HOSTS (as you must allow the program to de-register itself).
A general secinfo rule definition would be (note that I had to break the rule for it to be more easily understood):
P USER=<comma separated list of users allowed to start the program>
USER-HOST=<comma separated list of hosts from where the users can trigger the program>
HOST=<comma separated list of hosts where the program can be started>
TP=<program name>
Regarding the parameter gw/reg_no_conn_info, please refer to the following WIKI page:
http://wiki.sdn.sap.com/wiki/x/jw1dDw
I hope this information helps.
Cheers,
Isaias
Hi,
Please reply any solution.
RK
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello
Just process as stated in note 1444282 - gw/reg_no_conn_info settings
Set a value for parameter gw/reg_no_conn_info to activate Gateway security options.
You can check the here under wiki for more information
Regards
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.