1995864 - Cannot connect to Universe using Windows AD from Lumira desktop

SAP Knowledge Base Article - Public

1995864 - Cannot connect to Universe using Windows AD from Lumira desktop

Symptom

 

While attempting to import a dataset from a Universe, using WinAD authentication, the following error is seen:

Could not connect to Central Management Server (CMS).
Active Directory Authentication failed to log you on. Please contact
your system administrator to make sure you are a member of a valid
mapped group and try again. If you are not a member of the default
domain, enter your user name as UserName@DNS_DomainName, and then try
again. (FWM 00006)

Cause

Connectivity to the Universe published to a XI3.x or BI4.x platform requires configuration on the client side.

Resolution

  1. Open the C:\Program Files\SAPLumira\Desktop\SAPLumira.ini file for editing.
  2. Configure the the following two parameters:

    For Unv 4.x:

-Djava.security.auth.login.config=C:\windows\bscLogin.conf

-Djava.security.krb5.conf=C:\windows\krb5.ini

For Unv 3.x:

-Djava.security.auth.login.config=C:\WINNT\bscLogin.conf

-Djava.security.krb5.conf=C:\WINNT\krb5.ini

  1. Copy the bscLogin.conf and krb5.ini from the Platform Server on which Kerberos is configured to the client machine path specified above.
  2. Created registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters\allowtgtsessionkey=0x00000001
  3. If Windows user is a local Administrator then start SAP Lumira by right-clicking and choosing Run as Administrator.

Keywords

Lumira, WINAD, WinAD , KBA , BI-LUM-DIS , Lumira Desktop/Discovery , BI-LUM-SRV-BIP , SAP Lumira Server for BI Platform , Problem

Product

SAP Lumira, desktop edition 1.0