cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Simple question? Where to find the user in PI for RFC access using IDOC AAE sender

Former Member

on ‎09-11-2012 10:06 AM

0 Kudos

Hi,

probably simple for you...

I am starting here with an IDOC_AAE sender scenario.

When sending first Idoc from Sender R/3 system via IDOC AAE sender adapter an error message is coming up.

Error  for the remote call of method IDOC_DATE_TIME_GET in system K9E400, message No RFC authorization for function module IDOC_DATE

Ok, this is about missing RFC auth.

But... I am using now a TCP IP connection from R/3 to PI 7.31 w/o a user and not the standard ABAP connection in SM59.

The sender channel config is using RFC server parameter "Default".

So where is the user to find that is used to do the RFC function module call ?

I checked several documents but could not find where this user is put in.

Best regards from a non Basis guy with a need to understand a little bit more about this grey cloud of basis stuff making PI work.

Dirk

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎09-11-2012 12:39 PM
0 Kudos

Hi,

We dont explicitly configure the user for connectivity establishment if TCP/IP destination  is used..

May be check the user with which the RFC has been run for roles..

HTH

Rajesh

Show replies
Show replies
former_member9864
Participant
‎09-11-2012 12:30 PM
0 Kudos

Hi,

K9E400 is your sender SAP system, right?

1) Go to PI -> Netweaver Administrator -> Configuration -> Infrastructure -> Application Resources. Search for Resource Name with "inbound". Click on the InboundRA with the Resource Type "Resource Adapter", on the lower area click on the tab "Properties" and you will see the parameter "DestinationName".

2) With this DestinationName, go to PI -> Netweaver Administrator -> Configuration -> Security -> Destinations. You will find the username on K9E400 in the destination you found in step 1.

Best regards,

Chen

Show replies
Show replies
Former Member
‎09-11-2012 1:40 PM
0 Kudos

Hi Chen,

Thank you!

I checked and maintained the inboundRA from the blog description.

So I have now two XI_IDOC_DEFAULT_DESTINATIONS.

One is pointing to the R/3 system for metadata, the other one points to the PI itself.

The user mentioned in ST22 is not the one that I found here.

I checked all destinations here and could not find this user from ST22 anywhere.

So, the riddle is not solved.

Best regards

Dirk

former_member9864
Participant
‎09-11-2012 1:59 PM
0 Kudos

Hallo Dirk,

so you are receiving error messages in ST22? Normally when it's an authorization error of the PI communication user, the error should be seen in SM58. I would rather guess that the problem takes place before the IDOC AAE adapter is called, which means that the error should happen somewhere during the creation of the IDOC. To prove this, you can change the receiver port in WE20 to any other SAP test systems(but not PI) and you should still get the same error. In this case, this would be not an PI issue, but rather something that an SAP Security Consultant should take care of. 

By the way, to configure the IDOC AAE Adapter, you will need only one destination maintained in NWA, which is pointing to your SAP sender system(if you have only one SAP sender system to connect).

Best regards,

Former Member
‎09-11-2012 2:21 PM
0 Kudos

Hello Chen,

This seems to be a good idea.

I should have added that I am running here on restricted access means e.g. no access to SM58.

Don´t ask, please.... will never understand these detailed user profile rules companies are spending so much time on. 

Need to wait for the R/3 consultant to come back to check with him on the sender system.

---

"to configure the IDOC AAE  Adapter, you will need only one destination maintained in NWA"

Yes, this is my understanding. The recommendation was to copy the existing XI_IDOC_DEFAULT_DESTINATION to  XI....<SID> to establish here the SID related connection.

I will come back with more results.

Thank you!

Best regards

Dirk

stefan_grube
Active Contributor
‎09-11-2012 12:11 PM
0 Kudos

Use transaction code IDX1. Here you see the destination which is used for receiving IDoc meta data.

Show replies
Show replies
Former Member
‎09-11-2012 12:22 PM
0 Kudos

Hm,

following a nice blog here (famous Michaels blog) it seemed to me ok that I don´t need to maintain IDX1 as IDOC_AAE should connect to Java stack and not to ABAP.

Moreover I am a little bit confused now.

Nevertheless IDX1 is not maintained but the user has an auth. issue.

Regards

Dirk

Ask a Question