cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Blocking of Direct Login to Satellite System

Former Member

on ‎05-17-2007 6:02 AM

0 Kudos

Dear All,

A person who has login authorisation in Solman also has login authorisation in Satellite systems. So a person can directly login to the satellite system, bypassing the Solman. whether is there any possibility to block the person directly loging in to satellite system.

Thanks and Regards

Saravanan

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

alexander_maetzing
Active Participant
‎06-05-2007 12:59 PM
0 Kudos

Hi Kumar,

I don't see the real problem here. If a user is doing "customizing through the SolMan", he is accessing transaction SOLAR02 and chooses the tab "Configuration". If he now takes an entry, he uses either the SM_..._LOGIN or SM_..._TRUSTED destinations to go into SPRO in the satellite system.

The other way described means to use transaction SM59, choose the same RFC-destinations as above and go also to SPRO in the satellite system. The result is the same. Is there a reason to force the usage of SOLAR002-transaction?

To prevent using the RFC-destinations directly, the S_TCODE-authorization of SM59 in the authorizations of the user in SolMan should be taken away.

Best refards, Alexander.

Show replies
Show replies
former_member694070
Participant
‎05-28-2007 11:06 AM
0 Kudos

Dear Andreas

If I block the transaction SPRO in object T.code to the user, He could not able to do customising through solution manager. Please suggest me

Regards

Kumar

Show replies
Show replies
Former Member
‎06-01-2007 3:31 PM
0 Kudos

Hi Kumar,

you can reject the authorization for "Login as trusted User/System" in the target

system. The authorization object for this is S_RFCACL. If the user tries to logon

from Solman to the satellite system, he will get an error message something like:

"No authorization to log on as trusted user/system".

Thomas

former_member694070
Participant
‎05-23-2007 8:00 AM
0 Kudos

Hi

I am working in Solman 4.0. I have created Trusted RFC for single sign on to satellite system. The user can able to do customising in satellite system through solman. But, the user is having authorisation to do customising in satellite system directly. I want to block the direct loging in to satellite system. Is it possible?

Regards

kumar

Show replies
Show replies
former_member190969
Active Contributor
‎05-23-2007 12:50 PM
0 Kudos

Hi Kumar,

just remove transaction authorzation for SPRO from the users roles in the satelite systems (object T_CODE).

Regards

Andreas

Former Member
‎05-17-2007 6:24 AM
0 Kudos

Hi,

When we create RFC destinations for remote system we have to provide the user credentials and saved it or making it a trusted rfc connection without providing any login credentials.

Depending upon the RFC you create you get all the access in the satellite systems.

ALso go thru this tutor

https://websmp204.sap-ag.de/~sapidb/011000358700002912202006E.sim

This shows how to create rfc and whether you want trusted or with user logon screen.in user logon it always asks for the credentials whereas in other case it get automatically filled up.

Please reward points if it helps.

Message was edited by:

Prakhar Saxena

Show replies
Show replies
Ask a Question