on 02-12-2013 6:11 PM
Hello
I am a little confused with the Trusted Vs none Trusted RFC Connections for AC10, from reading some of the documentation and experience of running 5.3 alongside 10 is that now for Firefighter in 5.3 you have to use a Trusted Connection in SM59 and give users additional authorisation for S_RFCACL and S_ICF in order for it to function.
From the testing I''ve carried out with EAM 10 I have not needed to create a Trusted RFC Connection in order to be able to use EAM. I am however facing an issue creating the logs but think this is a different issue.
My question is of the RFC's is it best practice to have 2 sets of Connectors, one for All tasks bar EAM using a Non Trusted RFC and then another RFC setup as Trusted for using EAM. From reading the documentation it isn't particulalry clear
Thanks in advance
Nathan
I’m trying to understand something. According to several SAP Notes the connector to be use for EAM must be "trusted". I’m having some issues because when I make the connection as "trusted" I need to create all user on target system and GRC and that kind of defeats the purpose of having a centralize solution.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Jonathan,
I am not sure why you need to create the same users in the GRC and target system. You need only the Owners/Controllers to be created in the GRC system (in a centralized EAM) along with the Firefighter Users. That doesnt mean that every end user in your target system should have an ID in the GRC system.
Can you be more specific with your questions?
Regards,
Raghu Boddu
Hi Raghu,
When a connection is set up as “Trusted” what happen is that the validation at the moment of connecting from GRC to the Target system is done with the ID of the user that is attempting the connection (so user needs to exist on GRC and Target system). When the connector is “non-trusted” then the connection from GRC to target system is done by using a batch ID (or a system ID). So basically when using trusted connection I need to create all users involve on the workflow process on GRC and the target system.
Ex. FF_Owner gets a request on its inbox to approve a FF assignment for ECC.
In the previous example when using trusted connection the FF_Owner needs to be created on ECC and GRC. If this is not done the system comes back with message (RFC error, no authorize for trusted connection).
Hi Jonathan,
I see what you say. In general, the users who are involved in the workflow will obviously be created in the target systems as well. I would recommend you to refer the below article.
http://scn.sap.com/community/netweaver-administrator/blog/2010/11/29/setup-a-trusted-rfc-connection
and also the below SAP note:
Regards,
Raghu Boddu
It is best you have a single RFC which is trusted RFC. We had similar issue where the EAM wasn't able to connect to the target system, which was resolved by making it as a trusted RFC.
Let me know if you have any other questions.
Regards,
Raghu
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Nathan,
Do you still need assistance on this query?
Thank you,
Fernando
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
93 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.