Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorization Required for RFC user in R/3-APO system.

Former Member

‎04-30-2010 10:44 AM

0 Kudos

Could you please help regarding one authorization issue. I want to know the authorization required for one RFC user. Now this RFC user used for RFC connection of SAP R/3 - SAP APO system. user type is given dialog type and SAP_ALL profile has been given to this user id. Now I have to remove SAP_ALL from this user id in R/3 and APO system and provide the required the authorization in R/3 and APO system.

Regard

Auroshikha

6 REPLIES 6

Former Member

‎04-30-2010 11:23 AM

0 Kudos

The RFC authorisation depends completely on what the user is doing (ALEREMOTE?). We can't tell you what RFC auths your connection requires.

There is a guide to doing this here: https://wiki.sdn.sap.com/wiki/display/Security/BestPractice-HowtoanalyzeandsecureRFC+connections

Former Member
In response to Former Member

‎04-30-2010 12:24 PM

0 Kudos

I have tried to take the system trace for that user id but did not find any thing. How shall I know about the activity of the user.

Edited by: Auroshikha Pattanayak on Apr 30, 2010 1:42 PM

Former Member
In response to Former Member

‎04-30-2010 12:57 PM

0 Kudos

You need to speak to your APO team to find out what the user does so you can design an appropriate auth schema.

One thing you could do is switch on the audit log & get it monitoring your APO user over a period of 5-10 days. You can pull out important events like RFC start from there.

Former Member
In response to Former Member

‎04-30-2010 1:46 PM

0 Kudos

Hi,

In the audit log i have checked and this user id executing some programs and reports.... and there is one SAP note 727839 regarding this authorization issue...if you have some idea how to approach then let me know.....

Former Member
In response to Former Member

‎04-30-2010 2:46 PM

0 Kudos

Hi

As I said before, speak to your APO team. The audit log will contain some of the info you need (function groups for your S_RFC auths and programs that you can examine to see what auths are checked in those processes). Your APO team will tell you what functionality is accessed and you can use that info to start identifying the relevant functional auth objects.

Former Member
In response to Former Member

‎05-01-2010 10:15 AM

0 Kudos

S_RFCACL is to be used for RFC user