Financial Management Blogs by Members
Dive into a treasure trove of SAP financial management wisdom shared by a vibrant community of bloggers. Submit a blog post of your own to share knowledge.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP Disclosure Management SAML Issue Troubleshooting Points

former_member216172
Explorer
‎10-30-2019 2:56 AM
Introduction:

SAP Disclosure Management SAML Issue troubleshooting approach for SSO/SAML2.0 Configuration across EP+BPC+DM.

Points to consider during troubleshooting:

  1. Being DM a .NET based Application, any changes to .Net versions with regards to MS Windows monthly patching needs to be re-visited & impact assessment to be done beforehand unless otherwise it is SAP Supported. Impact with Elevation of Privilege with regards to .Net version for DM needs to be reviewed in MS Patching sheet before every monthly to see if there is any impact.

  2. Always ensure SAML Authentication is set to “Yes” in web.config file for access to DM via web.

  3. NTP Time Synchronization is up-to-date and successful across all the servers & SAP Systems (commands to verify as an administrator user - w32tm /resync , w32tm /query /source, w32tm /query /peers). For Linux HANA DB Servers check & update time using yast & date commands.

  4. All relevant certificates must be updated across all the servers & SAP systems (check in mmc snap-in OS level & sap system STRUST t-code).

  5. Try both Yes and No options in “Administration -> System Configuration -> Misc -> Enable "SOAP SSL Certificate" & test the scenarios in-case any SAML issue is getting reported.

  6. Bi-directional Ports (443,447,2605) access between web and DM app-tier is mandatory for any DM operations (nslookup & ping test required).

  7. DM Add-ins, DM Client, MS Office & Browser needs to be compliant with DM App Server version always and mandatory for any DM specific operations including checks in regedit if required.

  8. Always triple-check DM configurations should and must be maintained using Fully Qualified Domain Name , duly re-visit all the host entries in /etc/hosts file.

  9. In DM App Server , IIS Application Pools -> SAP Disclosure Management -> Process Model-> Application Pool Identity account needs to be checked and updated if there is any password change.

  10. Any issues to investigate config20.xml, web.config, bipprotokol.txt, cundus*, winevt logs & payload BW trace files are the first & foremost thing required for any further troubleshooting. This is in addition to the App Server, Trace & Debug Logs generated by default for DM.

  11. For any issues reported always re-test the scenarios first from Web Dispatcher and DM local/server-side to ensure it’s not a front-end issue.


Conclusion

Above Troubleshooting points can be considered while working on SAP Disclosure Management SAML Issues.
Popular Blog Posts