CHARM:   Logon restriction to satellite system

Hi
With CHARM functionality, users are allowed to log on to the satellite system via Solman only when the logon action is approved.  This is a great control, but how can we prevent users from logging on directly to the satellite system?
In short, I would like to accomplish this:
User --> SAPGUI --> Satellite (i.e. ECC)    Not possible
User --> SAPGUI --> Solman --> Satellite   Possible when approved in Solman
I tested this by changing the user type in SU01 (dialog, communication, system, service...), but none of them solved my problem.
Maybe I should post this question in the BASIS forum, but I thought this was a common problem in a CHARM environment.   Thanks in advance.
Regards

Hi, Xavier
Thank you for your reply.   End users will continue to log on satellite system.  No change for them.
What I meant is that I want to control developers / testers' logon activities.
They can logon DEV / QA servers only when approved by Solman.
The problem is that their users need to exist in the satellite system, and they can still log on directly to DEV / QA. This is why I want to accomplish such a functionality.   I wonder if any configuration solves this.
Regards
Koji

Similar Messages

  • Solution Manager ChaRM Issues when Upgrading Satellite System

    When upgrading a satellite system that is connected to Solution Manager's Change Request Management, is there anything that we need to be aware of?
    Will Change Documents still be able to go to completion (Production status) if we modify the landscape from the time the Change Document is In Development to the time it is moved to Production?
    1. Normal Correction (In Development)     Development (ECC 5.0) -> Quality (ECC 5.0) -> Production (ECC 5.0)
    2. Landscape is changed to                    Development (ECC 6.0) -> Quality (ECC 6.0) -> Production (ECC 5.0)
    3. Normal Correction moved to To Be Tested -> Consolidated -> Production
    Will the Normal Correction be in error because the landscape changed for the iBASE?
    Are there any other lessons learned that anyone has experienced with Change Request Management or Implementation during and after an upgrade?
    Thank You,
    Carlen
    Edited by: Carlen Yuen on Jan 13, 2009 1:50 AM
    Edited by: Carlen Yuen on Jan 13, 2009 1:51 AM

    Thanks Subhashini!
    We had issues updating the Task List in the past. After we update the landscape and refresh the project and update the Task List, do you foresee any other problems?
    Are there any additional items we should look out for? For example, we understand it is a requirement to release all transports prior to beginning the upgrade. However, since the release of the transport locks the change into the cycle for the next production move, this will present a problem if the change is not yet ready to be moved into Production. Do you have any further insight to any additional issues such as this?
    Thanks again!
    Carlen

  • CHARM Roles in Satellite System

    Hi,
    Can anybody tell me exactly about the CHARM roles in Solman 7.0 EHP1?
    I am totally confused about which roles I have to assign to Change Manager, IT Operator, Tester, Developer & Requester.
    In Solman, which roles do I have to assign, and in the satellite system R/3, which roles do I assign?
    Currently I have assigned following Roles in Solman.
    Change Manager     
    ZO_BC_SOCM_CHANGE_MANAGER
    ZO_BC_CHANGEMAN_ADMIN
    ZO_BC_CHANGEMAN_OPERATOR
    ZO_BC_SOCM_CREATE
    ZO_BC_SOCM_DISPLAY
    ZO_BC_SOCM_PRODUCTION_MANAGER
    ZO_BC_TRUSTED-RFC
    IT Operator /Basis     
    ZO_BC_SOCM_IT_OPERATOR
    ZO_BC_TRANSPORT
    ZO_BC_SOCM_ADMIN
    ZO_BC_CM_SMAN_ADMINISTRATOR
    ZO_BC_TRUSTED-RFC
    Developer     
    ZO_BC_SOCM_DEVELOPER
    ZO_BC_CM_SMAN_DEVELOPER
    ZO_BC_TRUSTED-RFC
    Tester     
    ZO_BC_SOCM_TESTER
    ZO_BC_TRUSTED-RFC
    Can anybody tell whether above assignment is correct.
    In Satellite system which roles I need to assign.
    Regards
    PK
    Edited by: PK on Jun 1, 2010 9:58 AM
    Edited by: PK on Jun 1, 2010 9:59 AM

    The roles required for developer, tester and change manager in Solution Manager are as follows.
    Developer
    SAP_CM_DEVELOPER_COMP(composite role)
         SAP_CM_SMAN_DEVELOPER
         SAP_SOCM_DEVELOPER
    SAP_SOCM_REQUESTER
    tester
    SAP_S_RFCACL (for RFC)
    SAP_CM_TESTER_COMP(composite role)
         SAP_CM_SMAN_TESTER
         SAP_SOCM_TESTER
    change manager
    SAP_CM_ADMINISTRATOR_COMP (composite role)
         SAP_CM_SMAN_ADMINISTRATOR
         SAP_CPR_PROJECT_ADMINISTRATOR
         SAP_CPR_USER
         SAP_SOCM_ADMIN
    SAP_CM_CHANGE_MANAGER_COMP (composite role)
         SAP_CM_SMAN_CHANGE_MANAGER
         SAP_SOCM_CHANGE_MANAGER
    But you have to assign some object authorizations to these standard roles.
    Mainly, you have to provide authorization for these objects: S_TCODE, B_USERSTAT, S_OC_ROLE, CRM_ORD_OP etc.
    You can assign sap_all, sap_new to your user (developer, tester, change manager etc.), set a trace from ST01 on that particular user, and then try to execute anything you want. Then you can check for the objects in the trace and authorize the user for those objects.
    Regards,

  • Block direct logon to satellite system

    Dear friends,
       I am working with Sol Man 4.0 SP12.
    I have connected R/3 with Sol Man. The user ID has been created in Sol Man As well as in R/3. (In both the systems the user ID is same)
    Now the user can logon to R/3 system via Sol Man (T-RFC role has been assigned to him).
    But the user is still logging into the R/3 system directly & performing the configurations. We want to block this option. Without Sol Man, he should not be able to get into the R/3 system.
    One workaround might be to change the password & not inform the user.
    But in our case, we have about 185 consultants doing the configuration.
    If I lock the user ID in R/3, I cannot log on through Sol Man either. So this option is invalid.
    If I maintain him as a "Service" user, he can still log on directly to R/3. So this option is also invalid.
    If any other work around is available please guide me.
    Regards
    Senthil

    Dear Senthil,
    Your question is more from a process point of view than a Solution Manager one.
    I assume that you are using Solution Manager to implement your SAP solution.
    There are 2 possibilities here:
    1. Roll out a standard process for all the 185 consultants working with you and strictly instruct them to perform the configuration using the Solman route. In case of violations, lock the user IDs and get your senior management involved.
    2. Start using Change Management. If you activate Change Management, then no one can create a transport request in the satellite systems without routing it via a change request in Solution Manager. This way, even if the consultant logs in to the satellite system, his work is useless and he is forced to follow the Solman route.
    I hope that the above tips help.
    Regards
    Amit

  • Direct creation of transports in satellite system after CHARM

    Hi All,
    I have a quick question:
    Can we create new transport requests into satellite system directly, when CHARM is enabled for them. Or the transports can only be created through CHARM?
    Appreciate your response..
    Regards,
    Smita

    Hi
    It seems you have a problem in understanding the flow.
    Go through the following demo files. They will explain the whole process and your doubt.
    Regular correction
    https://websmp201.sap-ag.de/~sapidb/011000358700000872582009E/index.htm
    Urgent correction
    https://websmp201.sap-ag.de/~sapidb/011000358700000872612009E/index.htm
    Hope the problem is solved now.
    Regards
    Prakhar

  • Charm Prerequisites for satellite systems

    What versions of SAP need to be installed on the satellite system in order to work with Solution Manager ChaRM?
    For example can charm be made to work with a SAP 4.6C system?
    Where is this documented? I did a search and can not find it anywhere.
    Easy points.
    Cheers

    Hi Avrohom Weissman
    Sorry, I forgot to mention it: on the right-hand side, look for the Configuration Guide SAP Solution Manager as of SP15 (based on your SP level of Solman), which will give all the prerequisites of the respective scenarios of Solution Manager.
    For ChaRM, refer to page number 10.
    Regards
    Naveen
    Edited by: Naveen kumar Palanichamy on Jan 29, 2009 5:53 AM

  • Mass transport strategy but satellite system is configured for ChaRM

    We want all transports to be automatically transported into the development test client.
    We are calling a job with program TMS_BCI_START_SERVICE in the satellite system. But this program can only be used for mass transports and does not work when the single transports strategy is activated.
    Question:
    Is there no solution to transport all these transports automatically into the development test client via the mass transport strategy if the satellite system is configured for the ChaRM scenario?
    Thanks a lot in advance.
    Regards Urs

    Hello Michele,
    Please, check the point 5 in the link below:
    /people/dolores.correa/blog/2009/07/22/change-request-management-scenario-usual-questions-and-known-errors
    I think that this information can help you.
    Best Regards,
    Diego Fischer

  • ChaRM - Change Request where to raise? Is it in Satellite  system or Solman

    Hi Friends,
    For creating the change request (TCode: charm_create), is it necessary to log in to Solman & then raise the CR?
    Is it possible to raise a Change Request in satellite systems?
    If I have done development configuration in BI & now I want to move it to QA, what are the process steps for the same?
    Many Thanks
    Praveen K

    hi
    Change Requests have to be raised in Solman. You might be aware that all change requests will be connected to a maintenance project / implementation project in Solman.
    In that project, your satellite system landscape has to be maintained.
    Refer to the below help doc for the process flow:
    [http://help.sap.com/saphelp_smehp1/helpdata/en/2b/614e1cb8204f35b477eac703073589/content.htm]
    Suppose, for doing a configuration change in your BI system, you have to raise a CR in Solman, choose the appropriate maintenance cycle of the BI landscape and continue the process. Refer to the Solman RKT documents also.
    regards
    Naveen

  • RFC trouble with satellite systems

    Hi all.
    When I import a transport request from ChaRM - DEV to QAS system or QAS to PRD system,
    a logon screen appears for the 000 clients.
    BUT!
    In SMSY, when I check the RFC to QAS 000 and PRD 000,
    the check says all okay and green.
    Any ideas? Where should I check more ....
    Thanks
    Sindry

    Hi  Sindry,
    To allow import into a system using an automatic job via ChaRM, you must assign additional authorisations to TMSADM on the satellite system.  This trusted user must be granted authorisations to carry out the CTS import in client 000, otherwise it will prompt the user for a 000 login.  This is not recommended for a Production system, however.
    To be able to use the trusted RFC connection, the user must have access to the S_RFCACL authorisation object.
    Hope this helps
    Paul

  • SOLMAN EHP1 - anyone can create support message in Satellite System's Help?

    Hi,
    I am just curious why everyone can create a support message in satellite system -> Help -> Create Support Message?
    I tested with a restricted-profile user without role SAP_SUPPDESK_CREATE and with NO BP created, but he still manages to create a support message? Any idea?
    Also, the same goes for SOLMAN: any user can process a ticket there with no BP-Employee role and no SAP_SUPPDESK_* roles assigned.
    Your kind input is very much appreciated.
    Thanks,
    Nicholas Chang

    Hi Nicholas
    If you are using a "Named" user instead of the Trusted Relationship in the RFC maintained in BCOS_CUST for entry OSS_MSG then this is quite possible. In this case the "Named" user will be used to call the interface to create message and the calling user ie the end user creating the ticket will only be used as "Reporter" of the message.
    The user entered in the RFC details probably has the authorization to create Support desk messages.
    Regards
    Amit

  • Charm_create tp in satellite system directly and then assign project

    Dear All,
    we have some exceptions here.
    In case of urgency, users want to carry out the changes in the satellite system & will save them under 1 new TP. While moving the TP, they want to assign the ChaRM project so that all the activities will get captured under the project. Is this possible?
    regds,
    CB

    Hello,
    If I understood your question, you probably mean the registration of transport requests from outside ChaRM as described in notes 1150426 and 1274352 ...
    Best regards,
    Miguel Ariñ

  • Roles in satellite system for message creator

    While creating a support message in the satellite system, I am getting the following error.
    Error in Local Message System: No authorization to logon as trusted system (Trust Message was Not Created
    Message no. BCOS088
    What role do I have to give to the message creator in the satellite system?

    Hi.
    Looks like you are using a trusted connection (maintained in table BCOS_CUST) to connect your satellite system to the Solution Manager.
    If you keep this configuration every user who tries to create a support message in your satellite system also needs a real user in the Solution Manager (including authorization objects S_RFC and S_RFC_ACL).
    Instead you should use the SM_<your sol man>_BACK destination and set NO_USER_CHECK=X in Tx: DNO_CUST04 (SolMan).
    Also you should create a Business Partner in SolMan (for each user who should be able to create a support message in satellite system) with external ID referring to the satellite system user.
    You do not need a user in SolMan for everyone who should be able to create a support message from satellite system.
    Hope this helps.
    /cheers

  • No IBase/Component transferred in SLFN from a satellite system to Solman

    Dear all,
    We have Solution Manager 4.0 with SPS18 with working ChaRM and Service desk.
    I have the following problem: a support message (created from the menu Help -> Create Support Message in a satellite system) arrives in Solman, but the fields IBase and Component are filled with zeros and are inactive, so I can't change them manually.
    The question is: are these values transferred from the satellite system to SolMan or not?
    I have debugged the program called under Help -> Create Support Message and have not found such functionality.
    On the other hand, all forum messages implicitly imply this.
    Due to technical reasons I can't use the notif_create transaction, where there are IBase and Component fields.
    From the SolMan configuration side everything is OK:
    The system landscape is correct, IBase and components are generated and active, and they have the correct external names.  The functionality of ChaRM that utilises IBase and components is working well, so I don't see any problems from this side.  OSS 449330 (delete the record from BCOS_CUST table with the value "TST_CUS" in Application field) is not the case.
    Please advise.

    Hi,
    In this case, could you please kindly verify that the points mentioned in this note have been checked?
    note #824640
    Hope this helps.
    Cheers
    SH

  • Create user both in the satellite system and in solman

    Hi
    I wonder if I need to open all my users that are in the satellite system (ECC) in the Solution Manager for the purpose of creating support messages, or can I only create them as BPs?
    If I don't need to open them, what is the proper way to configure the RFC?
    Best regards
    Lior Grinberg

    Hi,
    In a normal service desk scenario you do not need to create users in Sol Man. You just create business partners. If you want the users to log on to Sol Man and edit a document, then they also need a real user there (linked via BP - employee).
    For creating messages from the satellite system, you usually maintain RFC destinations from Sol Man (SMSY) to the connected systems. Then you use the generated *_BACK destination in your satellite system and add it to table BCOS_CUST.
    All these steps and many more are described in IMG in Solution Manager.
    Regards

  • Move TPs in satellite system after smsy & rfc

    Dear All,
    We have an issue here. We did the configuration of TMS & generated the RFC as well. We haven't created a project yet in Solman. This is a ChaRM implementation. After doing this TMS & RFC work, we tried to move the TPs in the satellite system from quality to production. We are not able to see the target client name in quality & the system is not allowing us to move the TPs either. Can anyone help us with this?
    regds,
    Kallu

    Hi,
    1. Could you please check that all the required systems are assigned to the transport domain and that the domain is consistent? You may check this by logging into the domain. There should not be any warning in STMS.
    2. Have you given permission to move TRs in the client settings, SCC4?
    Rajeev
