No authorization to logon as trusted system (Trust ed RC=0)
Hi Guys,
I am working in CHARM implementation and i am facing a problem while importing the transport request from development to quality system.
once i select the pass correction to test action in urgent correction the system is giving an warning message(No import into test system has taken place yet).
When i go to task plan there the system is showing the transport request is succesfully released, but Import transport request as RED.
Description of the Error: System cancel RFC destination SM_QASCLNT410_TRUSTED, Call TMW_SET_PROJECT_SWITCHES: No authorization to logon as trusted system (Trust ed RC=0).
But when i do the pass correctio to test with SAP_ALL in Quality system it is successfully importing to quality system.
I have also assigned S_RFCACL to developer role in quality system. kindly give ur valuable inputs as it is very urgent.
Thanks&Regards
Raju
Penmetsa,
Interesting name - trusted connections are somewhat interesting to work with - please check them by using the 'Remote Logon' button with the username check set to current user (if you are using a specific user, there is no real reason to use a trusted connection). When doing this, follow OSS Note: 128447 which is all the troubleshooting for Trusted Connections with all the return codes.
From what you are showing with the RC=0, that is ususally authority - you probably don't have the role setup right on the QA system. Personally, I wouldn't bundle this because there are different flavors of this role that should be assigned to certain users. You should go check with your Security people for the best way to assign the proper credentials to end-users. A improperly configured S_RFCACL will allow one to access a remote system with a different userid!! Which is not really a good thing to have as a possiblity for daring developers that are looking for interesting things to play with.
Anyhow - hope that helps, if it answers your question, please set the thread to answered.
Similar Messages
-
Authorization to logon as trusted system (Trust
Hello everybody,
I want to configure the RFC between the solman and IDES server. so i have done the following things
1. Create a user sapuser in solman and Ides server with the Authorizations, SAP_SUPPDESK_CREATE,SAP_SV_FDB_NOTIF_BC_ADMIN,ZSAP_S_RFCACL,ZSAP_SOL_SERVTRANS_CREATE
2. Create the RFC named SOLTRUSTED in IDes with detail as
Target Host :- solman
I.P :- 192.168.1.4
System No :- 00
Trusted System : No
After that i have test the connection its working, Same as Remote Logon, . Logon screen asking for user name and password is also working fine.
3. execute the T.cdoe SMT1 create a Trusted System SOL with details as
Trusted System SOL
Technical settings
RFC Destination SOLTRUSTED
Authentication type 3
message server solman
Trusting system
Trusting system RIS
Application server ides_RIS_08
here when select Entry-->authorization check -->trusting system here 2 times logon screen appear for solman logging and generate the Error " Error when opening an RFC connection
I have also set the authorization for the object S_RFCACL with required field value as *
Also i have check the TRUSTING_SYSTEM@SOL Rfc, then the connection test successfully done but at Remote Logon No, generate error as - authorization to logon as trusted system (Trust
So please guide/suggest me that any missing or additional steps missing for configure the trusted and trusting system
Thanks
GaneshHello,
As per your suggestion, i have two system Solman and IDES, I want to connect solman and Ides
1. i have create the RFC in IDES
RFC name SOLTRUSTED
Connection type 3
Target Host SOLMAN
System No 00
ON clicking Connection Testing - successfully
On clicking Remote Loging, Logon screen is display, on entering Client, Username, and password successfully logon to the solution manager.
IP address 192.168.1.4
As per suggetion of second step, I have been trying to create the trusted system, i enter the name SOLTRUSTED,at the logon screen enter the client 901, user name and password
Now on the Trusted System means on Solution Manager
create the RFC named RISCLNT999
Connection type = 3 and descrption
enter the target host - ides
system number - 08
trusted system = yes
client -999
check the current user option
and SAVE
All the setting i have done, but from the IDes server when i use the command Smt1 and select Entry-->Authorization check -->Trusting system, it display logon to solman screen 2 times display the error message "Error when opening an RFC connection"
Entry-->Authorization check -->Current server, it display logon to solman screen display the error message "No authorization to logon as trusted system (Trusted RC=0)"
I have metion in previous message that i was maintain all the necessary authorization.
so please suggest me how to solve the authorization problem?
Thanks
Ganesh -
ERROR IN CREATING TRUSTED SYSTEMS
Dear Gurus,
When creating the trusted systems between to sap systems, we are getting the below error.
"No authorization to log on as a trusted system (Trusted RC=0)."
We created the trusted system entry in SMt1 and the RFC check is working fine(both test connection & authorization test).
Even i am able to login to the remote system. But when i check the system in SMt2, i get the above mentioned error.
Could you please let me know on how to resolve the above error.
Thanks & Regards
SurendranathHi,
Trusting Transaction SMT2
The trusting transaction SMT2 (or SM59 ® RFC ® Trusting Systems) constructs a list of all trusting systems that have been established for this trusted system. Here, a logon and authorization check for the current user and client is performed, using the destination TRUSTING_SYSTEM@S00 that has been automatically created.
This basically corresponds to transaction SM51, if you use Remote Login to perform a logon on a different application server.
If problems occur while setting the destination TRUSTING_SYSTEM@S00 (such as host name or service information), you either have to create a new destination for your needs, and then enter the host name or service information using SAP router strings, or adjust the network settings of the server. To correct the problem in transaction SMT2, you have to adjust the network configuration of the server. As this transaction is only to be used for test purposes, in this case you could also choose to ignore the error.
To perform a logon as a different user or client, you have to create a new RFC destination with a trusted option set.
In this scenario, the following error text in SMT2 can be ignored:
No authorization to log on as a trusted system (Trusted RC=0)
If the host name contains the character '_' (as in "my_host"), then the generation of the related trusting system destination may lead to incorrect settings. This problem can be corrected by implementing Support Package SAPKB46D09 (see below). For earlier releases, the changes required to correct the problem can be made manually.
Continue with:
Configuring System Resources for Parallel RFC, tRFC, and qRFC
Rgds,
Suman -
Error in Local Message System: No authorization to logon as trusted system
Dear all,
When I am posting the message in Production system which I have configured with my solution manager
I am getting the error like "Error in Local Message System: No authorization to logon as trusted system. So trusted message can not be posted"
I checked with SM59 which I created the RFC destination, in that i selected for both the system ie Solution manager as well Production system 'Trusted System=Y'
Please suggest me how to solve this issue
Regards
SudharshanHi,
please use the search function.
There are ALOT of topics regarding Trusted RFCs, table BCOS_CUST, RFC Back Destination to Sol Man and so on.
/cheers -
Hi All,
i have created a trusted connection(say system A_100 and B_100,---100 is a client) as per SAP note 128447 - Trusted/trusting systems
I have all required authorisation i.e s_rfcacl,S_rfc ,s_rfc_tt.
i am able to remote logon from system B_100 to system A_100 ,but issue in when i try to logon from system A_100 to system B_100.
error is -
No authorization to log on as a Trusted System (L- RC=1 T-RC=1).
i can see run time error in system B_100 as with user SAPSYS and client 000(why it is showing this user and client )
CALL_FUNCTION_SINGLE_LOGIN_REJ
Details-
Category Installation Errors
Runtime Errors CALL_FUNCTION_SINGLE_LOGIN_REJ
Date and Time 08.08.2014 09:07:04
Short text
No authorization to log on as a Trusted System (L-RC=1 T-RC=1).
What happened?
The current program had to be terminated because of an
error when installing the R/3 System.
What can you do?
Note which actions and input led to the error.
For further help in handling the problem, contact your SAP administrator
You can use the ABAP dump analysis transaction ST22 to view and manage
termination messages, in particular for long term reference.
Error analysis
An RFC call (Remote Function Call) was send with an invalid user ID
"XXXX " or the caller system is not registered as a Trusted System in the
target system.
Information on where terminated
Termination occurred in the ABAP program "SAPMSSY1" - in
"REMOTE_FUNCTION_CALL".
The main program was "SAPMSSY1 ".
In the source code you have the termination point in line 113
of the (Include) program "SAPMSSY1".
Source Code Extract
Line SourceCde
83 COMMUNICATION SEND ID convid BUFFER header.
84 IF sy-subrc EQ 0.
85 PERFORM (sy-xform) IN PROGRAM (sy-xprog).
86 ELSE.
87 MESSAGE a800.
88 ENDIF.
89 ENDFORM. "cpic_call
90
91 *&---------------------------------------------------------------------*
92 *& Form remote_function_call
93 *&---------------------------------------------------------------------*
94 * text
95 *----------------------------------------------------------------------*
96 * -->VALUE text
97 * -->(TYPE) text
98 *----------------------------------------------------------------------*
99 FORM remote_function_call USING value(type).
100 DATA rc TYPE i VALUE 0.
101 DATA: l_syxform TYPE syxform,
102 l_syxprog TYPE syxprog,
103 l_cbe TYPE i.
104
105 * necessary variables for class based exceptions
106 DATA: l_root TYPE REF TO cx_root.
107
108 DO.
109 *
110 * with ID 'CLException' we determine, whether the caller is
111 * class based excptions or not
112 *
>>>> CALL 'RfcImport' ID 'Type' FIELD type
114 ID 'SYXForm' FIELD l_syxform
115 ID 'SYXProg' FIELD l_syxprog
116 ID 'CLException' FIELD l_cbe.
117
118 IF l_syxprog = 'JAVA'.
119 SYSTEM-CALL plugin
120 ID 'JAVA' VALUE 'FORW_JAVA'
121 ID 'RC' VALUE RC.
122 * if there is no rollout on the JAVA side which
123 * rolls both, JAVA and ABAP, we return to the
124 * C-Stack and reach this point
125
126 * in case there was an rollout, the ABAP-C stack is lost
127 * and we jump direkt to this point
128
129 * here we trigger the rollout on this Abap side with
130 * the following statement
131 SYSTEM-CALL plugin
132 ID 'JAVA' VALUE 'ROLL_OUT'
I have also referred sap note-1627901 - Trusted RFC troubleshooting
No luck.
Do let me know if additional information is needed .
Kind Regards,
SumitHi Sumit
1. Is this both system Support pack level are same?
2. As you said that you SAP_Basis 7.31 - support package level?
3. Have you check the SAP note 128447 - Trusted/trusting systems they are given ABAP runtime correction 2021691 - CALL_FUNCTION_SINGLE_LOGIN_REJ and trusted RC=1
4.
one question - why it is working in system B and not in system A.
Its may be software bug for that they give ABAP runtime correction
Regards
Sriram -
SMT1 creating trusted system error No authorization for object S_ADMI_FCD
SMT1 creating trusted system gives error No authorization for object S_ADMI_FCD even after giving authorizations in both the system. Was not able find the issue by debugging.
Thanks and appreciate your response.
Betcy
Moderator message: not directly related to ABAP development, please have a look in the SAP Netweaver or Security forums.
Edited by: Thomas Zloch on Jan 26, 2012 10:37 PMHi,
Have you tried assigning authorizations to the id from which you are creating trusted system?
If no, please do it and check.
Also check in SU53 after getting the authorization error.
Also check the connection between two systems in SM59.
Cheers,
Raja.D -
Solman trusted system not working
Dear Experts,
Few Months back we have completed the OS/DB Hardware migration.
After that whenever any end user trying to post the message from production system, system is asking for password then posting the message. before that w/o asking the password, end user can post the message.
I have checked the trust system authorization but still facing the problem.
Please help to solve this issue.
Thanks and Regards,
Dipakhi dipak,
There are certain factors you need to checkl.
1) Have you attached the role to the correct user and you have generated the profile.
2)If the problem still persist then you give the trusted system option as NO in the security tab and untick the logon screen option then in below down you should be able to see an area called logon there you need to put your user name and password of the solution manager system.
If still you are facing the issue then you need to check whether your user login has the following roles
SAP_SUPPDESK_ADMIN
SAP_SUPPDESK_CREATE
ZSOL_ATT- in this you need to generate a profile for CRM_ORDER
if you still have the problem
in the profile tab of the user please add the profiles
SAP_ALL and SAP_NEW
This i hope will resolve your problem,
please let me know if you have any further problem
Best wishes,
Varghese
Edited by: varghese oommen on Jun 28, 2008 4:47 PM -
I am working with a connection between my CRM and ECC system. I this was working fine until something happened. Now all of the sudden, none my trusted systems work.
The error message is
CALL_FUNCTION_SINGLE_LOGIN_REJ
You do not have authorization to log on as a trusted system.
Yet I most certainly do have authorization and all of the SU53 checks pass!!
Can anyone help?
Thanks
Jeremy BakerHave you checked note 986707?
-AD -
How to set up trusted system or ip in NW CE 7.1
Hi all,
I am running on NW CE 7.1, and I want to know if NW allows setting up trusted system or ip. If so, is there any documentation about it?
Thanks for your help in advance.Hi,
what do you mean by "trusted system"?
For instance, you can use the CE as a producer in your EP 7.0 consumer portal with SSO. You exchange server certificates and so create a trust between these 2 servers. This is also be possible between CE and ABAP (CE is consuming an ABAP service).
To do so, it's the standard process: export the certificate of CE and import it into the target system
br,
Tobias -
Cannot create Trusted System in NW 7.1 CE
Hey to all,
I've installed NetWeaver Composition Environment 7.1 SP 4.
Now I want to set up single sign-on between my Java Stack and an ABAP system. When I try to create a trusted System in NWA after choosing the system (which is provided from SLD on an NWDI system) and providing username and password I get an "Internal Error." with the following information in the log file (default trace):
Unknown action
[EXCEPTION]
com.sap.security.core.role.NoSuchActionException: ACTN.AUTH_DS.un:N$sap.com/com.sap.caf.eu.gp.designtime$all
at com.sap.security.core.role.imp.ActionFactory.getAction(ActionFactory.java:459)
at com.sap.security.core.role.imp.RoleServiceActionIterator.iterate(RoleServiceActionIterator.java:131)
at com.sap.security.core.role.imp.RoleServiceActionIterator.<init>(RoleServiceActionIterator.java:85)
at com.sap.security.core.role.imp.PermissionRoles.getActions(PermissionRoles.java:165)
at com.sap.security.core.imp.User.calculatePermissions(User.java:1319)
at com.sap.security.core.imp.User.getPermissionsData(User.java:1188)
at com.sap.security.core.imp.User.hasPermission(User.java:838)
at com.sap.security.core.imp.User.hasPermission(User.java:896)
at com.sap.security.core.imp.UserWrapper.hasPermission(UserWrapper.java:284)
at com.sap.engine.services.jmx.auth.UmeAuthorization.checkMBeanPermission(UmeAuthorization.java:73)
at com.sap.engine.services.jmx.JmxServerFrame.checkMBeanPermission(JmxServerFrame.java:97)
at com.sap.engine.services.jmx.MBeanServerSecurityWrapper.queryNames(MBeanServerSecurityWrapper.java:320)
at com.sap.engine.services.jmx.ClusterInterceptor.queryNames(ClusterInterceptor.java:1100)
at com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.queryNames(MBeanServerInterceptorChain.java:282)
at com.sap.lm.itsam.ui.floorplan.FloorPlan.getIsCEVersion(FloorPlan.java:1345)
at com.sap.lm.itsam.ui.floorplan.FloorPlan.init(FloorPlan.java:497)
at com.sap.lm.itsam.ui.floorplan.wdp.InternalFloorPlan.init(InternalFloorPlan.java:354)
at com.sap.lm.itsam.ui.floorplan.FloorPlanWindow.onPlugDefault(FloorPlanWindow.java:187)
at com.sap.lm.itsam.ui.floorplan.wdp.InternalFloorPlanWindow.wdInvokeEventHandler(InternalFloorPlanWindow.java:122)
at com.sap.tc.webdynpro.progmodel.generation.DelegatingWindow.invokeEventHandler(DelegatingWindow.java:88)
at com.sap.tc.webdynpro.progmodel.window.ViewController.invokeInboundPlugHandler(ViewController.java:445)
at com.sap.tc.webdynpro.progmodel.window.InterfaceView.invokeInboundPlugHandler(InterfaceView.java:158)
at com.sap.tc.webdynpro.clientserver.cal.NavigationManager.processInboundPlugQueue(NavigationManager.java:278)
at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.init(ClientApplication.java:506)
at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.doPreprocessing(ClientApplication.java:1192)
at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.delegateToApplicationDoPreprocessing(AbstractExecutionContextDispatcher.java:150)
at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.DispatchHandlerForAppPreprocessing.doService(DispatchHandlerForAppPreprocessing.java:35)
at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.AbstractDispatchHandler.service(AbstractDispatchHandler.java:116)
at com.sap.engine.services.servlets_jsp.server.deploy.impl.module.IRequestDispatcherImpl.dispatch(IRequestDispatcherImpl.java:93)
at com.sap.tc.webdynpro.serverimpl.wdc.sessionctx.ExecutionContextDispatcher.dispatchToApplicationDoPreprocessing(ExecutionContextDispatcher.java:100)
at com.sap.tc.webdynpro.serverimpl.core.sessionctx.AbstractExecutionContextDispatcher.dispatch(AbstractExecutionContextDispatcher.java:75)
at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.dispatch(ApplicationSession.java:506)
at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.dispatch(ApplicationSession.java:526)
at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doPreprocessing(ApplicationSession.java:232)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doPreprocessing(ClientSession.java:647)
Can anybody help me please?
Thank you in advance!
Best regards
KathiThanks a lot Soujanya ...
I successfully deployed the application.
But i m stuck with the authentication part, Even i successfully implement the Form based authentication using UME.
But, how can i use my own realm and database for the authentication.
Can you please help me on this. -
Hello!
I configure system landscape via SMSY and I try to generation rfc connection for added system using wizard.
My system is Solution Manager 4.0, client is 001.
In future I hope to use solman for SP download approving.
What client in trusted system I need to generate rfc-connections?HI,
Antonina Mukhanova wrote :
In future I hope to use solman for SP download approving.
What client in trusted system I need to generate rfc-connections?
It doest not matter to what client you are connecting using the wizard for RFC in SMSY.
sp stacks is not client dependent.
Regards,
VIJAY. -
Can we have more than one trusted system in Oracle Identity Manager?
Can we have more than one trusted system in Oracle Identity Manager?
Can we pull employee from one trusted system and in the same way can we pull some contractors from other trusted system simultaniously?
yes you can. In the schedule task you'll have to put your query in such a way that it brings both data.
Can both trusted systems can be active at the same time pulling two types of users from two trusted systems?
You have to run both recon in sequential manner so that it can pull correct data for OIM
Some where i read in doc that only one target system can be designated as trusted system if it as has more than one the recons will not work properly...
I don't think that it results into issue. But we have to see the sequence mainly. Otherwise it will results into wrong data -
Trusted systems gone after Solman hardware migration
Hi All,
I migrated our Solman EHP1 to a new x64 box via homogeneous system copy, everything went absolutely fine but one thing... Solman is not trusted any longer in any of the systems. The host/IP is the same and RFC's in SM59 all look good... I wondered if theres any way to regenerate the trusted/trusting RFC's without affecting the rest of the configuration in SMSY.
Also, checked and the satellite systems still and Solman still trust them but not the other way around
Regerads
JuanHi Juan,
I came across issue some times back and got Note 128447 - Trusted/trusting systems
This refrence i got from some other note which was referring the post installation activities(System copy) and was suggesting to re-estabilishing trusting/trusted system relationship.
May be worth to read this note
Regards, -
Trusted system after system refresh
I was wondering if theres an easy quick way to recreate the trusted system in SMSY after a system refresh or should I create the recreate the trusted system manually?
Regards
JuanJuan,
recreating manually is in my opinion the only solution.
you can:
- recreate the RFCs again starting from SolMan
- only recreate SolMan as a trusted system in your satellite system
good luck!
Roel
Edited by: Roel Beckers on May 27, 2008 11:14 AM -
Need of Trusted & Trusting systems
Dear All,
Request you to brief me the need of Trusted & Trusting systems and whether we can have Trusted system other than R3 systems.
Thanks
PiyushHi Piyush,
SAP systems may establish trusted relationships between each other.
If a calling SAP system is known to the called system as a trusted system, no password must be supplied.
The calling SAP system must be registered with the called SAP system as a trusted system. The called system is called the trusting system.
Please refer to below url to get more info.
http://help.sap.com/SAPhelp_nw04/helpdata/en/8b/0010519daef443ab06d38d7ade26f4/content.htm
Cheers
Deepanshu
Maybe you are looking for
-
BI Publisher Report not Generating any Output in the Excel SHeet
We have a CUstom BI PUblisher Report .When we run it ,it completes normally but there is no data in the Excel Sheet generated .It shows NO DATA FOUND .But when i run the Query seperately i do get some data . Don't know why it is not viewable in the E
-
I have been getting low on storage on my 11" Air. I set up a dropbox account and slung all my photos across but didn't realise that it would sync to hard drive. I've now unsynced my photos and they don't show in the documents of the Air.. I still onl
-
Image quality of Lumia 930 dropped after Denim upd...
Oversharpened images and unnatural colours. Please see the attached images for comparison. Attachments: Cyan.JPG 70 KB Denim.JPG 100 KB
-
X pro crashes when inserting pages
Running windows XP, up to date. Acrobat X pro, no updates available. I have inserted pages and combined files for years without issues. Today, it locks up and crashes once I select the file(s); it doesn't even ask where to insert the pages. I am at a
-
Dear All I configured VAT in our IDES system then the following error occured "No posting rules exist for account key Message no. FF714 Diagnosis No posting rules have been defined for the account key in the tax table in table T007B. Procedure Change