SAP Knowledge Base Article - Preview

3312483 - Diagnostics Agent Connection Error "Root exception is java.lang.securityException: User 'Guest' is not authorized." - SAP Solution Manager 7.2


You have upgraded your SAP Solution Manager 7.2 or you implemented the SAP Security Note 3268093 - [CVE-2023-0017] "Improper access control in SAP NetWeaver AS for Java".

  • When you try to register the Diagnostics Agent to SAP Solution Manager by running the SMDSetup script: 

    "./ managingconf hostname:"sapms://<>" port:"<81xx>" 

    The Script (Registration process) is ending up on the following error :

java.lang.IllegalArgumentException: SAPInst parameter 'user' is empty.


  • The Diagnostics Agent you try to connect also does not appear in the "Non-authenticated Agent" tab of the Agent Administration and you notice the below error in the SMDSystem.log:

javax.naming.NamingException: Exception while trying to get InitialContext. [Root exception is java.lang.SecurityException: User 'Guest' is not authorized.]


  • Already trusted agents, i.e., the agents in the Connected Agents tab seems not affected, because they use certificate-based authentication.
  • Same problem occurs when re-connecting an agent from another SAP Solution Manager.



  • SAP Solution Manager 7.2
  • SAP Netweaver Application Server 7.50 SP25 (or lower versions where SAP Note 3268093 has been implemented)
  • LM-SERVICE 14.11 or higher has been applied
  • DAA versions 11.22, 14.11 or 14.15 are being used for new installations


SAP Solution Manager 7.2


JNDI, NamingException, Non-authenticated, CVE-2023-0017, smdsetup, Diagnostics Agent User 'Guest' error. , KBA , SV-SMG-DIA-SRV-AGT , Agent Framework , SV-SMG-INS-AGT , Installation of Solution Manager Diagnostics Agent , Known Error

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.