cancel
Showing results for 
Search instead for 
Did you mean: 

SSO don't working between SAP CRM IC and ERP

Former Member
0 Kudos

Hi all,

I'm now configuring a connection between SAP CRM 7.0 IC Web UI and ERP 6.0 using transaction laucher.

Everything is working fine in the communication but, we need to fill the ERP logon on each transaction launcher. For avoid this scenario we go for the SSO configuration but after the configuration we cannot see any imporvements and the logon screen still present on each transaction launcher.

Things that we already done:

-Configure both systems in tcode SSO2 till getting all options green .

-Configure both systems in tcode STRUSTSSO2, fill the ACL and certificate lists for the used clients(100 in CRM and 200 in ERP)

-RZ10 parameters login/create_sso2_ticket=2 and login/accept_sso2_ticket = 1 in both systems

-We already test in both http and https services.

-The cookie mysapsso2 is created with success when we logon to CRM Web UI and with sap tools we can decrypt it with succes and check the data with success.

-The user credentials are the same in both systems.

After doing this we cannot surpass this problem. It is any problem with the transaction launcher?

Anyone already have this situation or have some tips about it?

Kind Regards,

Filipe

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
0 Kudos

Hi,

Sorry for the delay.

The thing missing in my configuration is about a external alias on SICF in my ERP system, which don't have the properly logon procedures maintained and the logon procedure is configured as default.

After this change the SSO is working properly.

Thanks for your guidance.

Filipe

0 Kudos

Hi Filipe,

how do you can solve it?Which is the correct logon procedures on SICF in ERP?

Regards.

Former Member
0 Kudos

Hello Filipe,

Please check the below information at your end.

1>Does SSO2 tests show accepted certificates?

2>verify the certificates in STRUSTSSO2 in the ECC system

3>Go to your Internet Explorer, tools->internet options-> security ->Custom level-> goto User authentication

Select the "automatic logon with current user name & password"

4>Check for fully qualified domain name in the ITS Server

Please also have a look at SAP note :

https://service.sap.com/sap/support/notes/654982

(URL requirements due toInternet standards), point 2.

https://service.sap.com/sap/support/notes/1055856

https://service.sap.com/sap/support/notes/1257108

Regards,

Reshma Rao

Former Member
0 Kudos

Hello Filipe,

Check for two things

1. The transaction launcher uses a generic user to launch the ECC transaction (like RFCUSER this is available in both systems with same id and password)

2. The user needs to exist in both systems as well (preferable same ID and password)

Regards

Raj