Symptom:
In Disclosure Management, when user trying to perform content refresh for any document for the BW , the following SAML prompt appears upon connect to BW asking for username password:
Technical Environment:
DM Version – SAP Disclosure Management 10.1 Stack 1202
OS/DB Version- Microsoft Windows 2012 R2/ MSSQL 2012 SP4
DM Application server .Net Version- 4.6.1055.0
SSO/SAML Configuration – Across EP+BPC+DM
Affected CVE/.Net Framework KB
**Only applies to customer who have patched recently the Microsoft windows environment and currently running .Net on 4.6.1 with “
Update for Microsoft Windows (KB4514364)” **
Cause:
Due to Security enhancement with regards to elevation of privilege in the .Net Framework patches from version 4.6.1 update which causes this issue. DM 1202 compliant client version is Microsoft .Net Framework 4.6.1 or above & even though this is a patch update to 4.6.1 version still customers may face this issue.
Hence, can be considered as a bug in “
Update for Microsoft Windows (KB4514364)” package.
Resolution:
In a nutshell, try to uninstall
“Update for Microsoft Windows( KB4514364)” from control panel if exists from DM Application Server & reboot the Application server or upgrade DM to Stack 1300 or higher to resolve the issue. If need to stay on Stack 1202 after patch removal for whatsoever reasons impact analysis needs to be performed for every .Net packages upgrade (if any) beforehand. In addition, Microsoft Patches for any monthly maintenance activity needs to be reviewed as well if there is any impact on .Net packages until further updates from SAP KBA’s /PAM & Microsoft .