Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

RFC Connection with Single-Sign-On

Dear colleagues,

is iit possible to create a RFC with SNC activated without registering the source system in table SNCSYSACL of the target system?

I do not understand what difference it makes whether I logon via SAPLogon with SSO (which works) or if I logon via RFC with SSO. In both cases I expect that I can only logon with users that I am allowed to logon, so I do not see any reason to restrict the RFC logon to specific sourcesystems.

Since I a have one central system with a lot of satelite systems which come and go, it would be very hard to keep table SNCSYSACL up to date.

I created a RFC connection in SM59 and activated SNC with the follwoing parameters

QoP 8 Default (profile parameter snc/data_protection/use)

Partners p/secude:CN=<SID of targetsystem>, O=SAP-AG, C=DE

I get the following error:

When executing a remote function call, an error occurred.

In ST22 of the Target system I get the following information:

Short text

When executing a remote function call, an error occurred.

What happened?

Sysid "BR5 " not allowed in target system in table SNCSYSACL.

SNC-Name="p:CN=BR5, O=SAP-AG, C=DE"

So I would be very grateful for tips using SSO in RFC without having to maintain SNCSYSACL or information on why SNCSYSACL has to be maintained.

Thanks and kind regards

Joachim

Former Member

Helpful Answer

by
Not what you were looking for? View more on this topic or Ask a question