SecurID® Governance & Lifecycle Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID Governance & Lifecycle experts.
Article Number
000036217
Applies To
RSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: 7.0.2
RSA Version/Condition: 7.0.2
Issue
Users receive the following error when logging into SAP accounts created by the RSA Identity Governance & Lifecycle SAP AFX Connector and are unable to login:
Image description
Image description
Image description
Image description
Name or password is incorrect (repeat logon)
Example:
- On the Create an Account tab of the SAP AFX connector, the SAP account to be created is configured with a default password.
Image description- The SAP account is created using the SAP AFX Test Connector Capabilities.
Image description- Note the account was successfully created.
Image description- The SAP user attempts to login to the new SAP account using the SAP account credentials (default password) specified by the SAP AFX connector. Despite using the correct password, the user gets the following error:
Name or password is incorrect (repeat logon)
Image descriptionCause
The Create an Account capability of the SAP AFX connector does not generate a working password to log in to SAP because the password is not decrypted before executing Create an Account.
This is a known issue reported in engineering ticket ACM-79568.
This is a known issue reported in engineering ticket ACM-79568.
Resolution
This issue is resolved in the following RSA Identity Governance & Lifecycle patches:
- RSA Identity Governance & Lifecycle 7.0.2 P05
- RSA Identity Governance & Lifecycle 7.1.0
Workaround
The steps below can be used as a workaround for the SAP AFX Connector to generate the decrypted password during SAP account creation:
- Export the SAP connector template and make a copy as a backup. To export,
- Navigate to AFX > Export.
- Select SAP from the Connector Templates
- Using the downloaded SAP Connector template zip, make the following changes:
- Unzip it.
- Navigate to <directory with the unzipped folder>/SAP/TRANSPORT_TYPE
- Open the SAP-transport.xml file and locate the string <field name="BAPIPWD" sapDesc="New password">.
- Modify its value as follows:
- The original field value for BAPIPWD on SAP-transport.xml is:
<structure name="PASSWORD"> <field name="BAPIPWD" sapDesc="New password">#[header:Password]</field> </structure>
- The new field value for BAPIPWD on SAP-transport.xml should be:
<structure name="PASSWORD"> <field name="BAPIPWD" sapDesc="New password">#[groovy:com.aveksa.AFX.server.runtime.esb.core.AfxPropertyMgr.getInstance().getPropertyValue(message, 'Password')]</field> </structure>
- Zip the <UnzippedFolder> again.
- Import it back into the system. To import,
- Navigate to AFX > Import.
- Choose the recently zipped file from your local folder.
- Create a new SAP connector. To create,
- Navigate to AFX > Connectors > Create Connector
- Execute the Create an Account command. To execute the command,
- Navigate to AFX > Connectors.
- Choose the newly created SAP connector > Capabilities tab > select Create an Account capability.
- Test by logging into the new SAP account just created using the credentials supplied by the SAP AFX connector.
You should be able to successfully log in and no longer receive the message that the name or password is incorrect.
In this article
