on 05-17-2007 6:02 AM
Dear All,
A person who has login authorisation in Solman also has login authorisation in Satellite systems. So a person can directly login to the satellite system, bypassing the Solman. whether is there any possibility to block the person directly loging in to satellite system.
Thanks and Regards
Saravanan
Hi Kumar,
I don't see the real problem here. If a user is doing "customizing through the SolMan", he is accessing transaction SOLAR02 and chooses the tab "Configuration". If he now takes an entry, he uses either the SM_..._LOGIN or SM_..._TRUSTED destinations to go into SPRO in the satellite system.
The other way described means to use transaction SM59, choose the same RFC-destinations as above and go also to SPRO in the satellite system. The result is the same. Is there a reason to force the usage of SOLAR002-transaction?
To prevent using the RFC-destinations directly, the S_TCODE-authorization of SM59 in the authorizations of the user in SolMan should be taken away.
Best refards, Alexander.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Andreas
If I block the transaction SPRO in object T.code to the user, He could not able to do customising through solution manager. Please suggest me
Regards
Kumar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Kumar,
you can reject the authorization for "Login as trusted User/System" in the target
system. The authorization object for this is S_RFCACL. If the user tries to logon
from Solman to the satellite system, he will get an error message something like:
"No authorization to log on as trusted user/system".
Thomas
Hi
I am working in Solman 4.0. I have created Trusted RFC for single sign on to satellite system. The user can able to do customising in satellite system through solman. But, the user is having authorisation to do customising in satellite system directly. I want to block the direct loging in to satellite system. Is it possible?
Regards
kumar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
When we create RFC destinations for remote system we have to provide the user credentials and saved it or making it a trusted rfc connection without providing any login credentials.
Depending upon the RFC you create you get all the access in the satellite systems.
ALso go thru this tutor
https://websmp204.sap-ag.de/~sapidb/011000358700002912202006E.sim
This shows how to create rfc and whether you want trusted or with user logon screen.in user logon it always asks for the credentials whereas in other case it get automatically filled up.
Please reward points if it helps.
Message was edited by:
Prakhar Saxena
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
76 | |
9 | |
8 | |
7 | |
6 | |
5 | |
5 | |
5 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.