Search This Blog

SBL-DAT-00577: There are no database credentials assigned for this user for the specified data source on the external authentication system.

Applies to:

Siebel System Software - Version: 7.5.3 [100] to 8.1.1 [21112] - Release: V7 to V8

Information in this document applies to any platform.

Symptoms

When attempting to create a new user within the Siebel application and with Active Directory (ADSI) authentication, users encounter the following error:

SBL-DAT-00576: The username you selected has been used. Please select another username.

The new user record is not saved although it does temporarily show on the User Administration screen until a refresh or query is done.

Cause

This behavior is the result of the PropagateChange parameter being set to TRUE for the security adapter, however, the application user does not have adequate rights to write to the external directory.  With PropagateChange set to true, the new user creation process will try to write to the external directory which will return an unable to create record type of message which the user interface is interpreting as a user already exists.

Solution

This behavior is caused by the PropagateChange parameter on your security adapter profile being set to TRUE in conjunction with the application user specified in that profile not having write permissions in the external directory. There are two approaches to resolve this error.

The first course of action is to give the application user specified in your security adapter profile adequate rights to write to the BaseDN and any other required levels in your external directory.  For information on how to perform this task, please refer to your Active Directory documentation or consult Microsoft Technical Support.

The second course of action would be to change Propagate Change parameter to FALSE.

1. Open an employee facing, high interactivity Siebel application such as Siebel Sales and login as a user with administrator rights.

2. Go to Site Map > Administration - System Configuration > Enterprises > Enterprise Profiles.

3. Query for the security adapter profile you are using which I believe is ADSISecAdpt in your case.

4. In the parameters section on the bottom of the screen, locate the PropagateChange parameter and set the value on restart to FALSE.

5. Stop and restart any application object managers / components using this security adapter profile. For simplicity sake, we suggest simply stopping and restarting the entire Siebel implementation.


Applies to:

Product Release: V8 (Enterprise)
Version: 8.0 [20405]
Database: Oracle 10.1.0.2
Application Server OS: Microsoft Windows 2003 Server
Database Server OS: Sun Solaris 9

This document was previously published as Siebel SR 38-3382852137.

Symptoms

Hello,

I am installing HTIM Partner Portal and as part of the installation/configuration LDAP installation and configuration is required in order for new part to self register with our system. I need your help with the installation and configuration of the ADSI piece.

Would it be possible that we could set up a web conference so that I can go over some of the issues and quesitons I have?

I am available all day today.

Thank you.

Solution

Message 1

For the benefit of other readers,


Customer was configuring Siebel ADSI Security Adapter version 8.0, and tried to use the “Shared DB Username” (SharedDBUsername) and “Shared DB Password” (SharedDBPassword) parameters under “ADSI Security Adapter” (ADSISecAdpt) profile. However, after setting these parameters, the error messages below were logged in Object Manager log file:

“SBL-SEC-10015: There are no database credentials assigned for this user for the specified data source on the external authentication system. This is most likely a configuration issue. Please contact your system administrator for assistance.”

“SBL-DAT-00577: There are no database credentials assigned for this user for the specified data source on the external authentication system. This is most likely a configuration issue. Please contact your system administrator for assistance.”

Above error messages are expected because ADSISecAdpt version 8.0 does not use SharedDBUsername and SharedDBPassword parameters. It will try to locate the shared database credentials in the attribute defined in parameter “Credentials Attribute Type”. This information is available in document Siebel Security Guide for version 8.0, chapter 6: Security Adapter Authentication, section Security Adapter Deployment Options, under Configuring the Shared Database Account > Storing the Database Credentials as Profile Parameters.

[Continue]

Message 2

[Continued]

In order to use SharedDBUsername and SharedDBPassword parameters, customer used Siebel LDAP Security Adapter (LDAPSecAdpt). This allowed the shared database credentials to be stored as profile parameters for LDAPSecAdpt, and authentication worked fine.

Change Request 12-1K0CWG9 has been logged as Product Enhancement Request to remove SharedDBPassword and SharedDBUsername parameters from ADSISecAdpt profile, or add a note stating that those parameters are not applicable for ADSISecAdpt.


Thank you,


Siebel Technical Support


Applies to:

Siebel CRM - Version: 7.7 [18026] BETA to 8.1.1 [21112] - Release: V7 to V8
Siebel System Software - Version: 7.7 [18026] BETA to 8.1.1 [21112] - Release: V7 to V8

Information in this document applies to any platform.

Symptoms

Customer is attempting to implement external security adapter (ADSI or LDAP) authentication with the standard LDAPSecAdpt or ADSISecAdpt in Siebel 8.0. The initial anonymous user login is failing on step 9 (clean up and database credential retrieval) with the following errors:

SBL-SEC-10015: There are no database credentials assigned for this user for the specified data source on the external authentication system. This is most likely a configuration issue. Please contact your system administrator for assistance.

SBL-DAT-00577: There are no database credentials assigned for this user for the specified data source on the external authentication system. This is most likely a configuration issue. Please contact your system administrator for assistance.

SBL-SVC-00208: Please login first.

This prevents the login page from loading and as a result no user is able to access this Siebel application.

Cause

The database credentials information held in the shared credentials user's credentialAttributeType field contained extra spaces before and after the = sign. As documented in the Security Guide, there should only be a space between the value or username and the start of the password section.

Incorrect:

username = LDAPUSER password = LDAPUSER

Correct:

username=LDAPUSER password=LDAPUSER

The correct format for this command is documented in the Siebel Bookshelf's Security Guide under the Security Adapter Authentication section.

Solution

To resolve this behavior you will need to go into your external LDAP or ADSI directory and modify the shared credentials user record so that the value in the field specified by the security adapter's CredentialAttributeType parameter matches the following format exactly (where USERNAME and PASSWORD are the correct values):

username=USERNAME password=PASSWORD

Specific instructions for doing this vary depending on the specific external directory you are using. Please refer to the appropriate vendor provided documentation.

Applies to:

Product Release: V7 (Enterprise)
Version: 7.7.2 [18325]
Database: Oracle 9.2.0.4
Application Server OS: Microsoft Windows 2003 Server
Database Server OS: Sun Solaris 8

This document was previously published as Siebel SR 38-2124123221.

Symptoms

SBL-DAT-00222, SBL-DAT-00577

Hi

We have successfully created an EBC pointing to another siebel database (from our DEV to our TEST environment), when we switch to using a view defined in another database we get a user login error. The user/password (SIEBEL/SIEBEL) is specified in the .cfg file and this user can be used to connect to the new datasource using TOAD.

In the log file it stated that "There are no database credentials assigned for this user", are there any explicit requirements on the user priviliges for the user in the external database?

Below it the .cfg file settings for the external datasource:
[GPMF]
Docked                   = TRUE
ConnectString            = KONUTV
TableOwner               = KONCERN
DLL                      = sscdo90.dll
SqlStyle                 = OracleCBO
MaxCachedCursors        = 16
MaxCachedDataSets        = 16
ReverseFillThreshold     = 100
CaseInsensitive          = FALSE
InsensitivityFactor      = 2
FileSystem               =
GatewayAddress           =
EnterpriseServer        =
CurrentSQLID             = Startup
MaxCursorSize            =
PrefetchSize             =
ChartServer              = localhost:8001
ChartImageFormat        = png
DSPassword         = SIEBEL
DSUserName         = SIEBEL


Below is an extract from the log file:
EventContext    EvtCtxView    3    0    2005-06-16 16:23:18    ITT GPMF List View

DBCLog    DBCLogError    1    0    2005-06-16 16:23:18    OCIStmtExecute: ALTER SESSION SET OPTIMIZER_MODE = FIRST_ROWS_10

ObjMgrLog    Error    1    0    2005-06-16 16:23:18    (oracon.cpp (3033)) SBL-DBC-00111: An error has occurred writing to a record.

Please continue or ask your systems administrator to check your application configuration if the problem persists.

ObjMgrLog    Error    1    0    2005-06-16 16:23:18    (oracon.cpp (2994)) SBL-DBC-00107: An Oracle database error has occurred.

Please continue or ask your systems administrator to check your application configuration if the problem persists.

ObjMgrLog    Error    1    0    2005-06-16 16:23:18    (oracon.cpp...

Solution

Message 1

For the benefit of other readers:

Customer was asked to increase the log levels and the following errors were logged into siebel.log file:
ObjMgrDBConnLog    Create    5    0    2005-06-17 10:53:21    DataBase Connection Object was created at 886b090; DB User: 'SIEBEL'

DBCLog    DBCLogError    1    0    2005-06-17 10:53:21    OCIStmtExecute: ALTER SESSION SET OPTIMIZER_MODE = FIRST_ROWS_10

ObjMgrLog    Error    1    0    2005-06-17 10:53:21    (oracon.cpp (3033)) SBL-DBC-00111: An error has occurred writing to a record.

Please continue or ask your systems administrator to check your application configuration if the problem persists.

SQLParseAndExecute    Execute    5    0    2005-06-17 10:53:21    ORA-00096: invalid value FIRST_ROWS_10 for parameter optimizer_mode, must be from among all_rows, first_rows, choose, rule


ObjMgrLog    Error    1    0    2005-06-17 10:53:21    (oracon.cpp (2994)) SBL-DBC-00107: An Oracle database error has occurred.

Based on the error that is logged, it appears that the database is not Oracle9i version but the SqlStyle parameter in the .cfg file is set to "OracleCBO". "OracleCBO" is available in Siebel version 7.7 which indicates the use of Oracle Cost Based Optimizer. Please change it to "Oracle" if you are not using Oracle9i for the external database.

Additional Keywords:
authentication error, external business component, login fails


No comments:

Post a Comment