on 09-09-2014 10:32 PM
Hi SAP Gurus,
We recently changed the password of the user j2ee_admin in our dual stack system where our UME is ABAP.
Now, we have made changes in the su01 and configtool but after the system restart, the user id j2ee_admin is getting intermittently locked.
On starting the the JSPM/SDM, we found it still uses the old password so wanted to know that from where does the user SDM picks up the password and starts.
Searched few blogs and found that it reads from secstore of configtool. Could you please help.
Regards,
Himanshu
Hi Himanshu,
Password for SDM is stored in secure storage if the parameter
sdm/password is maintained in secure storage.If this parameter is not maintained then it uses the password of j2ee_admin/administrator from the parameter maintained in admin/password/<SID>.
If the parameter sdm/password is not maintained then you need to maintain the same password for j2ee_admin user present in secure storage while reseting the SDM password.
Then take a restart of Java system and continue with the password.
follow the sapnote
1910179 - How to change password of SDM
With Regards
Ashutosh Chaturvedi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Ashu.
My question now is i want to check whether the password of j2ee_admin which we updated is updated correctly or not. In order to check this, i thought of starting SDM using new password but still it is taking the previous password. Since, SDM password should mathc in secore store,this got me confused.
Could you please help.
Regards,
Himanshu
Yes i can see the below entry in secstore.properties file:-
sdm/password=kB9szqC6Q/12EJ3fkrkmZmhR1i5TmjSYIsnx4xqvzwh0Ik4im6LmVw\=\=
$internal/mode=encrypted
What does that mean?
Does that mean if i am starting SDM using old password then the password maintained in secstore is the still the old one and not the new one?
Regards,
Himanshu
Thanks Roman. Now the issue is that user j2ee_admin is getting locked intermittently after we updated the new password in our UME(ABAP) and secstore(configtool) and the system log(SM21) says:-
DIA 013 001 J2EE_ADMIN SESS US 1 User J2EE_ADMIN locked due to incorrect logon
Any help on this?
Regards,
Himanshu
Try with audit logs and lock time from su01 you can get last changed time.
Filtering can get you more details on it.
If you have changed the password of the J2EE_ADMIN then you should update that in the securestore of Configtool and restart the J2EE stack.
When you start JSPM it asks for the SDM password and not the J2EE_ADMIN user password.
Regards
RB
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes correct RB.
Done what you have mentioned. Now the issue is the password of SDM. It take s the old one not the new one. As per my understanding it should take the new one as the secure storage is updated with the new password.Could you please help me with the concept of user SDM and its password repository.
Regards,
Himanshu
Hi Himanshu,
SDM uses encrypted administrator credentials stored which are stored secure store to use deploy service.
If you have changed the password, updated in secure store and is correct, the you should be able to logon to VA.
If not, then
Goto /usr/sap/SID/DVEMBGSXX/SDM/program/config and open sdmrepository.sdc file to see the values of SecStore.properties and SecStore.Key are pointing to correct path. You can verify this from configtool or config.properties in configtool folder.
If you are not able to save this password in configtool, then refer 1228507 - Config Tool does not properly save password in Secure Store
Regards,
Divyanshu
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Divyanshu for the reply.
After changing the password for j2ee_admin in secstore(config tool) and restart of system, I am able to open VA in my system. My issue is that user j2ee_admin is getting locked intermittentlyin 001 client for which we checked all the RFC's and sld, but nowhere j2ee_admin is mentioned.
Also, when i tried to open SDM i could not open it with the new password. It opened with the old password,so thus got confused whether the password got updated in secstore properly or not.
Please help.
Regards,
Himanshu
Hi Himanshu,
What is have said above is for administrator/j2ee_admin user not sdm gui user.
You open SDM with it own password however it uses j2ee_admin or administrator for the deploy service. If j2ee_admin password in not updated you get errors during deployment.
However, if you have problem with SDM user itself, you can reset the password using below process
Reset SDM Password in Unix and Windows Environment - Portal - SCN Wiki
Also, you don't need to restart j2ee engine after updating the password in configtool.
Refer 701654 - Deployment aborts due to wrong J2EE Engine login information
Regards
User | Count |
---|---|
83 | |
10 | |
10 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.