Hi Kevin,

I already checked all that you told me and the same error. The only thing I didn't found is that of kerberos and DNS.

Is kind of wierd because I acan access the files from al11 but I can't from Windows using sapmnt.

If I try to import the profiles files from rz10 I'm receiving this error:

Instance profile
SPRODUCCION\sapmnt\PRD\SYS\profile\PRD_DVEBMGS02_sproducci

Could not be read. The import is therefore not possible.

Start profile
SPRODUCCION\sapmnt\PRD\SYS\profile\START_DVEBMGS02_sproduc

Could not be read. The import is therefore not possible.

Instance profile
SPRODUCCION\sapmnt\PRD\SYS\profile\PRD_DVEBMGS02_sproducci

Could not be read by file; Therefore could not be checked.

(Server = sproduccion1_PRD_02 )

Thanks,

Wadih

AL11 works but RZ10 doesn't, now that really confuses me. Because both transaction are accessing the files using the credential running the SAPPRD_02 NT service.

have you tried logging into the server as the user running the NT service and try accessing the share?

Hi Kevin,

I found the kerberos and DNS but nothing happened. Same error.

Wadih

I know, is a very weird error.

With a user named clustermanager, the one I believe you are telling me, I can access without any problem the files, also from sapmnt

I'm out of ideas, I don't know what else I can do.

Wadih

Is that a local user or a domain user?

A domain admin user.

Othe thing I believe is kind of weird is that the prdadm user can open some files of the profile directory like old versions of instance profile. All the files that has any kind of extension it can be opened by prdadm. But is that file doesn't has an extension, is where the problem occurs. All from Windows and sapmnt resource, because if you acces the file from the shared disk, prdadm can open all kind of files.

Did you try logging into the server where SAP is running with the domain user, then try to open the files using explorer?

Yes and I can.

Like I told you befores, the clustermanager user is a domain admin user and I dont have any problem with that user.

I believe the problem is with the user prdadm and not with the files. But I don't know why prdadm can open some files of the same directory and other don't. I have checked teh security settings of the 2 files and are the same, the only difference I have detected is that one has extension and the other one don't.

Sorry, I meant logging in as prdadm. Let's forget about the cluster for now and just talk about SAP. When I say domain user, I mean the user running the SAP service.

Have you checked to see if there are open handles on the file? Try using notepad, does it work?

Accessing from the shared disk without any problem, from sapmnt I cant.

Also I did the following test. I created a file named test the one I couldn't open. Afte rthat I rename it with test.1 and I was able to open it with any problem.

wow ... sorry man, never seen this before. Why would renaming a file lock it from access, man ... that sounds buggy. Maybe try posting this on msdn.com?

http://forums.msdn.microsoft.com/en-us/Forums

Thanks I would do that.

If later you have any more idea please tell me and I'll test it.

Thanks for your help,

Wadih

One question Kevin:

When I do a check profile from rz10, where I can find the file with that information because from SAP GUI I cannot see the full information.

Thanks!

Wadih

RZ10 when you import the profiles it reads it from the profile directory. This is set by your SID and drive where the instance is configured to run.

It then takes the start profile to determine where the instance profile is.

When RZ10 does a check, it checks the instance, default, and start profiles.

We solved the problem. One windows component was causing all the problems, the name of the component is: Internet Explorer Enhanced Security Configuration

You have to uninstall it and after that everything worked right.

Wow ... never ever seen that before, I've always thought that only controlled IE and not explorer...