Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Lock or delete of SAPCPIC and TMSADM users

former_member761621
Explorer

‎09-09-2013 4:24 PM

0 Kudos

Hello All,

We have the standard users from SAP which gets setup in the Productive clients also with their standard password maintained. So it showing RED mark in the Early watch reports which is used as a part of audit


Is it really required to have these users in Productive clients?

As far as I know SAPCPIC was used for RFC connections in earlier releases.

We are on CRM ABAP version 7.0.

So in that case, Can  I delete the SAPCPIC user then or can it's password be changed?

Again on TMSADM is required in 000 client. What is the purpose of having the same in productive clients?

Can I lock the same or change it's standard password in productive clients?

All I am concerned on productive clients alone.


Can anyone help me

4 REPLIES 4

Former Member

‎09-09-2013 9:18 PM

0 Kudos

You should not only be concerned about PROD clients. Actually, you should also be concerned about communication partner systems (DEV, SOLMAN, etc...).

SAPCPIC you can 99% of the time simply delete as long as you are not using it. When analyzing the usage, you sometimes find misuse...

TMSADM outside of 000 depends on your transport setup. The routes might be client dependent? But 99% of the time it is just the CUA which distrubuted the user to everywhere. Most important is the standard profile assigned only and the domain controller on a secured high availability system, before you create your own domain password for it (that will be the same everywhere anyway and saved into the RFC clients anyway...).

Cheers,

Julius

Former Member
In response to Former Member

‎12-02-2013 1:14 PM

0 Kudos

Hello Julius and everyone,

I was wondering about SAPCPIC user, how can I check what is this user actually doing in my system ?

I read that chaning the pwd might require some other RFCs, how can I see what are the RFCs being used together with SAPCPIC.

Thanks in advance,

Jordan

former_member202471
Participant

‎09-10-2013 2:25 PM

0 Kudos

This message was moderated.

Former Member

‎09-10-2013 6:35 PM

0 Kudos

Very often these users are being (mis)used without people knowing it. You can start analyzing the users usage via Sm19/sm20 and/or the STAD or via specific software tools.

Before deleting the users, you can start by changing the passwords for these users. Very often you will see that the users are used for background jobs or similar (this shouldn't be the case, off course).

After solving the issues and assigning all these jobs to the correct users, you can delete them.