cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Cannot login into Visual Admin...Please guide

Go to solution
Former Member

on ‎12-31-2007 1:10 PM

0 Kudos

Hello All,

I am not able to login into Visual Administrator.

Version = NW04s SP9

Exception message = Error while connecting com.sap.services.security.exceptions.BaseLoginException ; Access Denied

Tried the below options but in vain:

1. Reset of 'administrator' user-account.

2. Followed all the steps as mentioned in SAP Note - 957355

3. Followed the steps as mentioned in this link -> http://help.sap.com/saphelp_nw04/helpdata/en/99/281540bf1af72ee10000000a1550b0/frameset.htm

Please guide me as to how can I resolve this issue.

I was attempting to setup the Kerberos configuration..and since then this issue arose.

Awaiting Reply.

Thanks and Warm Regards,

Ritu

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

cathal_ohare
Employee
Employee
‎07-13-2011 2:27 PM
0 Kudos

Hi All,

If you started getting this error after configuring some sort of SSO, then it is most likly that you have altered the authentication stack for the visual administrator buy mistake (as it can't use sso, login to it will fail). To fix this you need to follow the solution on note 957355, which sets the stack back to the basic password module.

Kind regards,

Cathal

Show replies
Show replies

Answers (2)

Answers (2)

Former Member
‎02-22-2008 4:29 PM
0 Kudos

Hi,

Have you resolved this problem? I am getting the same error. I can login to Portal with Administrator user, but can't login to VA.

I have successfully configured SPNego with Active Directory as UME Datasource.

I have opened an OSS message with SAP as well.

Regards

Chandu

Show replies
Show replies
Former Member
‎03-04-2008 3:58 PM
0 Kudos

Hi All,

did you have any solution for this problem? I have the same problem as well. We have never done any kind of spnego or other certification checks.

I can logon to webbased things with the Administrator account, but cannot logon to Visual Admin.

The whole problem emerged from SMD installation. The wizard reported a problem with when tried to login to the target system with the Administrator account to the P4 port. So I checked if I can logon with the Administrator account. I could to e.g. SystemInfo page or e.g. NWA. But I could not logon to Visual Admin.

Cheers

Former Member
‎03-04-2008 4:50 PM
0 Kudos

I could solve this problem by simply restarting the cluster.

Hope this helps

Former Member
‎07-12-2011 4:51 PM
0 Kudos

I had the same problem, couldn't login. After a restart, worked fine again.

Former Member
‎12-31-2007 1:25 PM
0 Kudos

Hi Ritu

I see you already have taken the correct steps, so i cannot give you a quick solution.

1. Do you have a java-only system, or is it dualstack (abap + j2ee)?

2. Where are your users stored (abap ume, java db, ldap)?

3. Did you use spnego for the kerberos configuration?

Can you please check, if you can logon to the j2ee in your browser. For example to http://<yourhost>:<http_port>/nwa

Please try your adminstrator and if you have another user with admin rights.

Best regards, Michael

Show replies
Show replies
Former Member
‎01-02-2008 4:12 AM
0 Kudos

Hello Michael,

Wish you a very Happy New Year

Regarding your queries:

1. Do you have a java-only system, or is it dualstack (abap + j2ee)?

--> Portal us running on Java stack only.

2. Where are your users stored (abap ume, java db, ldap)?

--> UME is connected with LDAP...(MS ADS)

3. Did you use spnego for the kerberos configuration?

---> Yes we did configure SPNego but it did not work.

So to confirm the configurations done (especially kerberos Login Module) I wanted to access Visual Admin

I am able to login into Portal + NWA using the administrator useraccount.

Please guide....

Warm Regards,

Ritu

Former Member
‎01-02-2008 12:00 PM
0 Kudos

Hi, Ritu,

Happy New Year!

I saw that in the help page you have followed it is not said that you need to restart the engine after changing administrator's password.

Anyway, I think you need to restart after the new password is stored.

Galya

Former Member
‎01-03-2008 8:52 AM
0 Kudos

Hi Ritu

Wish you a very Happy New Year

--> Thanks, i wish you the same

Sorry for the large post, i am guessing a bit here.

First, you can check your login module in the configtool:

which login stack is used?

Buttton "switch to configuration editor mode" -> configurations -> cluster_data -> server -> persistent -> com.sap.security.core.ume.service -> authschemes.xml

There is an entry called default, pointing to an authscheme, uippwdlogon in my example:

<authscheme-ref name="default">
     <authscheme>uidpwdlogon</authscheme>
  </authscheme-ref>

and uipwdlogon points to the login stack ticket:

<authscheme name="uidpwdlogon">
     <authentication-template>
        ticket
      </authentication-template>

To see the login stack, in my example ticket, go back to:

configurations -> security -> configurations -> ticket -> ...

Second, if you can logon to nwa/irj with your administrator then you should be able to logon to the visual admin tool as well ...

- unless you have a local administrator (stored in j2ee user db) and one stored in the MS ADS, this could be seen in irj -> User Administration (select all data sources)

- unless you did authenticate with another method than basic authentication (kerberos ticket?) to nwa/irj, this can be checked with the diagtool, see sap note 982127

- (any other i forgot)

Further things you can try:

- if you have another user with admin rights, try to login to the visual admin with this user

- disconnect the MS ADS temporarily and try to login then

- i think you also should open a OSS message to get input from SAP support

Just come back, if you need further clarifications.

Best regards, Michael

Ask a Question