on 12-09-2009 8:50 AM
Hi,
In present system landscape we have DB instance and two dialog instance on HP-UX (Oracle 10 g) on seperate servers.
We are in process of migration so that DB & CI will run on HP-UX(on one server) and DI will be on Linux (2 seperate servers).
We want to restrict the users to access the CI and planned to use it for only BASIS activites.
Please suggest the solution so that only BASIS users can acees the CI and rest are not.
Thanks & Regards,
Rajesh
The usual way will be this:
In transaction SMLG configure public logon group, including DI, excluding CI. Make sure users will use this logon group, for example by providing them an icon on their desktop.
This will not be foolproof though, in case your users have permission to configure their computer, and connect to CI directly.
hope this helps
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
you will find a few answers at http://sap.ittoolbox.com/groups/technical-functional/sap-basis/how-to-restrict-users-to-access-centr...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
A less eloquent method(but relatively simple one) would be to use a firewall which is a sure way to allow only your Basis people access to the system. As already mentioned users can connect directly to the CI without using a login group, a firewall would prevent this.
--
Nelis
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
We are in process of migration so that DB & CI will run on HP-UX(on one server) and DI will be on Linux (2 seperate servers)
Do you need to a migration ? Is not the DB/CI already on the HPUX server.
Surely all you need to do is create Dialog instances on the 2 Linux servers...
How you bridging the Heterogeneous environment ? SAMBA ? or somthing else..
As previously said you need to configure logon load balancing in SMLG and then configure all
the users SAP Gui's....to pick up the new logon groups which would be only setup for the 2 new Dilog instances
http://help.sap.com/saphelp_nw70/helpdata/en/c4/3a64b4505211d189550000e829fbbd/content.htm
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.