cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

WE21 Access Test

Go to solution
Former Member

on ‎04-23-2007 11:47 PM

0 Kudos

Hello all,

We are running transaction WE21 and trying to test under “outbound file” the Access Test to a physical directory. The directory we are testing is a mapped drive in windows to a network drive letter called “T:\”

The test shows successful on our DEV and QAS systems but not the newer PRD systems. The DEV and QAS systems are Windows 2000 Server. The PRD server is Windows 2003 Server. If I test a local drive letter the test is successful. However when I enter T: in the physical directory field to test I get a “File cannot be opened” message.

We also tried an ABAP program using the open dataset command with same results. In both cases the ABAP command issues an error as “No such file or directory”. All the permissions at the OS level are correct and set to Everyone Full Control. Also, I can browse to the network share just fine via the operating system level.

The main difference is that the DEV and QAS servers are Windows 2000 Server and the newer servers are Windows 2003 Server. Is there some sort of security permissions that are denying SAP access to a network drive letter? Thoughts?

Thank you,

Jason

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎04-24-2007 12:24 PM
0 Kudos

because a network drive letter is only visible in the same Windows Session where it was created in.

As the interactive desktop session of <sid>adm is a different one as the SAP Kernel is using (started under a Windows Service in a different session) he is not able to see the SAME network drive letter. (each session has it's own set of drive letters).

so now way to create a driveletter in an interactive session of <sid>adm and use it within the kernel (user SAPService<sid>

regards

Peter

Show replies
Show replies
Former Member
‎04-24-2007 4:06 PM
0 Kudos

Thank you for your input. This does seem to work if I map a drive on the server itself that the instance is running from but ONLY the Windows 2000 servers (Which are DEV and QAS) logged in as <sid>adm. This will not work on the Windows 2003 servers. Is there something different on Windows 2003?

Former Member
‎04-25-2007 7:43 AM
0 Kudos

for my oppinion it was a big security bug in Windows 2000 that this was working and I also did not understand why Microsoft did not eliminate it.

In Windows 2000 you are able to use a Network Driveletter created by a different user with an unknown authentication (sidadm was however authenticating, SAP Kernel runs under SAPServiceSID and is able to access the driveletter).

The only way to get around this is to use directly UNC pathes WITHOUT explicit authentication. Explicit authentication means running a command which allows you to authenicate with a different username/password at the other computer (like net use
unchost\share /u:domain\user password).

If your SAPServiceSID user is able to use implicit authentication you can use the uncpath based file access (
destinationcomputer\networkshare\more\directories\file_of_interest).

Implicit authentication is possible if the other computer is based in the same domain or in a trusted domain or if both computers are located in the same workgroup and SAPServiceSID exists on all computers in the workgroup with the same password).

regards

Peter

Answers (1)

Answers (1)

Former Member
‎04-24-2007 9:05 AM
0 Kudos

If your testing to a local drive letter is successful then there is problem with permission only. try to give access to <SID>adm user and check the result.

cheers,

-Sunil

Show replies
Show replies
Ask a Question