SNC with SLL without SSO - Stuck!!

Hi All,

Went through the docs + forums & even in the midst of OSS support but without any luck. Any insight will be much appreciated.

As per the topic, I am attempting to make use of SAP SNC with SLL without SSO. SAP ABAP on Unix & Active Directory on Windows. Config below.

Setspn command

setspn -S SAP/LDOWNIHRSADM DOMAINCONTROLLER\LDOWNIHRSADM

Registering ServicePrincipalNames for CN=LDOWNIHRSADM,CN=Users,DC=TST,DC=DOMAIN,DC=COM

SAP/LDOWNIHRSADM

Updated object

snc status -v

------------------------------------------------------------------------------

------------ status    -------------------------------------------------------

------------------------------------------------------------------------------

Product version     : Secure Login Library 1.0 SP 4 Patch 3

                    : CryptoLib            8.3.7.12

                    :                      aix-6.1-ppc-64

GSS library         : available

GSS library name    : libsecgss.so

PSE directory       : (existing) /usr/sap/SM1/DVEBMGS00/sec

PSE file            : (existing) /usr/sap/SM1/DVEBMGS00/sec/pse.zip

STRUST cred file    : (missing ) /usr/sap/SM1/DVEBMGS00/sec/cred_v2

SNC config file     : (existing) /usr/sap/SM1/DVEBMGS00/SLL/gss.xml

PSE accessible      : yes

PSE logged in       : yes

PSE credentials     : MasterPassword SystemDefault

Kerberos keyTab     :  4 entries

1: LDOWNIHRSADM@TST.DOMAIN.COM (KeyType DES)

2: LDOWNIHRSADM@TST.DOMAIN.COM (KeyType AES128)

3: LDOWNIHRSADM@TST.DOMAIN.COM (KeyType AES256)

4: LDOWNIHRSADM@TST.DOMAIN.COM (KeyType RC4)

------------------------------------------------------------------------------

SNC keys registered :  0 entries

Trusted certificates:

log from dev_w0

N  SncInit(): Initializing Secure Network Communication (SNC)

N        IBM RS/6000 with AIX (st,ascii,SAP_UC/size_t/void* = 16/64/64)

N        UserId="sm1adm" (5180), envvar USER="sm1adm"

N  SncInit():   found snc/data_protection/max=3, using 3 (Privacy Level)

N  SncInit():   found snc/data_protection/min=1, using 1 (Authentication Level)

N  SncInit():   found snc/data_protection/use=1, using 1 (Authentication Level)

N  SncInit(): found  snc/gssapi_lib=/usr/sap/SM1/DVEBMGS00/SLL/libsecgss.so

N    File "/usr/sap/SM1/DVEBMGS00/SLL/libsecgss.so" dynamically loaded as GSS-API v2 library.

N    The internal Adapter for the loaded GSS-API mechanism identifies as:

N    Internal SNC-Adapter (Rev 1.0) to SAP Netweaver Single Sign-On v1.x

N  SncInit():   found snc/identity/as=p:CN=LDOWNIHRSADM@TST.DOMAIN.COM

N

N Thu Apr 17 10:52:21 2014

N  SncInit(): Accepting  Credentials available, lifetime=Indefinite

N  SncInit(): Initiating Credentials available, lifetime=Indefinite

M  ***LOG R1Q=> p:CN=LDOWNIHRSADM@TST.DOMAIN.COM [thxxsnc.c    265]

M  SNC (Secure Network Communication) enabled

Instance Profile for SNC

snc/permit_insecure_start = 1

snc/data_protection/use = 1

snc/data_protection/max = 3

snc/data_protection/min = 1

snc/accept_insecure_r3int_rfc = 1

snc/accept_insecure_gui = 1

snc/accept_insecure_rfc = 1

snc/accept_insecure_cpic = 1

snc/enable = 1

snc/gssapi_lib = /usr/sap/SM1/DVEBMGS00/SLL/libsecgss.so

snc/identity/as = p:CN=LDOWNIHRSADM@TST.DOMAIN.COM

ssf/ssfapi_lib = $(ssl/ssl_lib)

sec/libsapsecu = $(ssl/ssl_lib)


SAP Logon Entry

Error when logging on.

If you have read this far thanks!
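Added example, not part of the original thread and not SAP tooling: a small Python check over the profile values and keytab listing posted above. It lists the settings that still allow unprotected logons, the deprecated keytab key types, and a realm mismatch between the server's SNC name and a client user. The function names and `CLIENT_UPN` are assumptions made for illustration, and the realm comparison only mirrors the cause reported in the first answer below.

```python
import re

# PROFILE and KEYTAB are a subset of the values in the post; CLIENT_UPN is constructed.
PROFILE = """\
snc/permit_insecure_start = 1
snc/data_protection/min = 1
snc/accept_insecure_r3int_rfc = 1
snc/accept_insecure_gui = 1
snc/accept_insecure_rfc = 1
snc/accept_insecure_cpic = 1
snc/identity/as = p:CN=LDOWNIHRSADM@TST.DOMAIN.COM
"""
KEYTAB = """\
1: LDOWNIHRSADM@TST.DOMAIN.COM (KeyType DES)
2: LDOWNIHRSADM@TST.DOMAIN.COM (KeyType AES128)
3: LDOWNIHRSADM@TST.DOMAIN.COM (KeyType AES256)
4: LDOWNIHRSADM@TST.DOMAIN.COM (KeyType RC4)
"""
CLIENT_UPN = "someuser@OTHER.EXAMPLE.COM"  # constructed placeholder, not from the post

def parse_profile(text):
    """Return {parameter: value} for every 'name = value' line."""
    return dict(re.findall(r"^\s*([\w/]+)\s*=\s*(\S+)\s*$", text, re.M))

def parse_keytab(text):
    """Return [(principal, keytype)] from the keytab lines of 'snc status -v'."""
    return re.findall(r"^\s*\d+:\s*(\S+)\s+\(KeyType (\w+)\)", text, re.M)

def realm(name):
    """Kerberos realm: the part after the last '@', upper-cased."""
    return name.rsplit("@", 1)[-1].upper()

def audit(profile_text, keytab_text, client_upn):  # returns a list of finding strings
    prof, keys, out = parse_profile(profile_text), parse_keytab(keytab_text), []
    for p in sorted(prof):
        if (p.startswith("snc/accept_insecure_") or p == "snc/permit_insecure_start") and prof[p] == "1":
            out.append(f"{p}=1: unprotected (non-SNC) communication is permitted")
    if prof.get("snc/data_protection/min") == "1":
        out.append("snc/data_protection/min=1: minimum protection level is authentication only")
    out += [f"keytab: {k} key for {pr} (deprecated enctype)" for pr, k in keys if k in ("DES", "RC4")]
    ident = prof.get("snc/identity/as", "")
    if ident.split("CN=")[-1] not in {pr for pr, _ in keys}:
        out.append("snc/identity/as has no matching keytab principal")
    if realm(client_upn) != realm(ident):
        out.append(f"client realm {realm(client_upn)} differs from server realm {realm(ident)}")
    return out

if __name__ == "__main__":
    print("\n".join(audit(PROFILE, KEYTAB, CLIENT_UPN)))
```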

Accepted Solutions (0)

Answers (2)

Solved. Was testing with a user from domain A, but my machine with SAP GUI belongs to domain B.

Now I need to figure out how to work with multiple domains.

Former Member

Hello Wei Liang Yew,

the client-side error message shows that you use a different SNC library on the client side than on the server side. Unfortunately they are not compatible. If you use Secure Login Library on the server side, then you have to use the Secure Login Client or SNC client encryption on the client side to get it to work.

With SNC client encryption you will have no SSO, of course.

What client do you use on client SAP GUI side?

best regards

Alexander Gimbel

Hi Alexander Gimbel,

I'm on SAP Logon 730. Will look at SLL library as you mentioned. Thanks