Symptom
- When a user from outside the default AD forest attempts to login to CCM>Manage Servers as DOMAIN\username they get the following error: "Internal error"
-
The same user receives the following error in the WEBI Rich Client: Logon failure due to an internal error.
-
The same user receives the following error in the Universe Designer: Your login ID is not valid.
[repo_proxy 13] SessionFacade::openSessionLogon with user info has failed(Internal error.(hr=#0x80042a01)
Note: Users from the default domain or default forest are successfully able to login to CCM>Manage Servers and all the other client tools.
Wireshark capture on the CMS box while a user from remote forest attempts to login to CCM>Manage Servers shows the following error:
2510 32.887111 10.97.34.82 10.97.54.243 KRB5 KRB Error: KRB5KDC_ERR_POLICY NT Status: Unknown error code 0xc0000413
MSG Type: KRB-ERROR (30); error_code: KRB5KDC_ERR_POLICY (12)
CMS trace shows the following:
2011/10/13 22:20:37.140|==| | |12200| 700| |||||||||||||||WinAD: AcceptKerbLogin returned DENIED
2011/10/13 22:20:37.140|==| | |12200| 700| |||||||||||||||WinAD: AcceptKerbLogin failed: 3
2011/10/13 22:20:37.140|==| | |12200| 700| |||||||||||||||WinAD: AcceptKerbLogin() failed with code 3
Read more...
Environment
SAP Business Objects Enterprise XI 3.1
Multiple Active Directory Forests
Product
Keywords
Internal error ccm manage servers windows ad , KBA , BI-BIP-AUT , Authentication, ActiveDirectory, LDAP, SSO, Vintela , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.