2024 Aug 05 10:30 AM - edited 2024 Aug 05 10:32 AM
Since the 4.2 version, we have been using a JAVA program with which we automatically assign the sap aliases from the BW roles to the appropriate WinAD user by querying the e-mail address.
apparently, something has been changed in the API or in the authorisations with the BI 4.3 version, which means that the SAP aliases are not assigned correctly.
The AddSapAlias job checks whether there are BW users without a WinAD account and then assigns them to the WinAD account via the e-mail comparison. So far so good.
The job is also carried out, but the BW account is not fully assigned and remains as an independent secSAPR3 user.
I also noticed that the SAP roles via whose sync the SAP account is imported are not assigned to the WinAD account. This means that the users do not have their authorisations from the BW roles when they access the BW system via OLAP.
If I assign the SAP aliases manually in the CMC, it works as usual. As a result, additional licences are consumed by the remaining secSAPR3 users. The programme runs via the SIA user account, with full rights on the Windows server.
Why are the BW roles suddenly no longer assigned to the WinAD account in BI4.3? Which authorisations may have changed so that the alias assignment is not complete?
Does anyone know the problem and have a solution?
Many thanks for your support.
Starting with patch 6, there are many changes in the JAR files, especially in the cryptographic libraries (sapjce.jar).
Therefore, check that you are using the correct JAR files with your Java program.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
81 | |
11 | |
10 | |
10 | |
10 | |
8 | |
7 | |
7 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.