RFC user profile

Hello,
We are on SRM 5 and our RFC user to our backend is SAP_ALL.
But for Sarbanes-Oxley control we can't keep this SAP_ALL for this user.
Does someone know which profile or authorization we have to give to the RFC user?
Thanks

Hi,
I am putting the same information here as per the note mentioned by Yaan (for those who don't have access to that note).
Solution
1. The RFC user should be created as a background user in the back-end system.
2. If you do not want to use profile SAP_ALL for safety reasons, you can create your own profile with restricted basis authorizations:
   Call Transaction PFCG for the role maintenance and create your own role.
   In the role, go to the 'Authorizations' tab and choose 'Change Authorization Data'.
   Do not select ANY template on the dialog box.
   Choose menu option 'Edit -> Insert authorization(s) -> Full authorization' and confirm the dialog box 'Insert all authorizations' with 'Yes'.
   Choose menu option 'Utilities -> Technical names on'.
   For object class 'Basis Administration' (BC_A), set the following authorization objects to inactive:
      • System authorizations (S_ADMI_FCD)
      • Authorizations: Check for roles (S_USER_AGR)
      • User master maintenance: Authorizations (S_USER_AUT)
      • User master maintenance: User groups (S_USER_GRP)
      • Authorizations: Deactivate authorization objects globally (S_USER_OBJ)
      • User master maintenance: Authorization profile (S_USER_PRO)
      • Users: System specific assignment authorization checks (S_USER_SAS)
      • User master maintenance: System for central user maintenance (S_USER_SYS)
      • Authorizations: Transactions in roles (S_USER_TCD)
      • Authorizations: Field values in roles (S_USER_VAL)
   For object class 'Basis Development Environment' (BC_C), set the following authorization objects to inactive:
      • ABAP Workbench (S_DEVELOP)
      • Authorization for documentation maintenance via SE61 (S_DOKU_AUT)
      • Maintenance of glossary and terminology objects (S_TERM_AUT)
      • Authorization object for translation environment (S_TRANSLAT)
      • Transport Organizer (S_TRANSPRT)
   Generate and save the authorizations, profiles and role.
3. Assign the new role to your RFC user by using Transaction SU01.
Cheers...
Santosh
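
A check that a role built with the procedure above really has the listed objects inactive, added here as an example (it is not part of the post or of the SAP note). The role name Z_RFC_BACKEND, the function audit_role and the role,object,status export layout are assumptions, and the sample rows are constructed.

```python
import csv
import io
from collections import defaultdict

# Authorization objects the quoted note text says to set inactive, by object class.
MUST_BE_INACTIVE = {
    "BC_A": ["S_ADMI_FCD", "S_USER_AGR", "S_USER_AUT", "S_USER_GRP", "S_USER_OBJ",
             "S_USER_PRO", "S_USER_SAS", "S_USER_SYS", "S_USER_TCD", "S_USER_VAL"],
    "BC_C": ["S_DEVELOP", "S_DOKU_AUT", "S_TERM_AUT", "S_TRANSLAT", "S_TRANSPRT"],
}

# Constructed sample data. The role names and the role,object,status column layout
# are assumptions for this example, not an SAP export format.
SAMPLE_EXPORT = """\
role,object,status
Z_RFC_BACKEND,S_ADMI_FCD,inactive
Z_RFC_BACKEND,S_USER_AGR,inactive
Z_RFC_BACKEND,S_USER_AUT,inactive
Z_RFC_BACKEND,S_USER_GRP,active
Z_RFC_BACKEND,S_USER_OBJ,inactive
Z_RFC_BACKEND,S_USER_PRO,inactive
Z_RFC_BACKEND,S_USER_SAS,inactive
Z_RFC_BACKEND,S_USER_SYS,inactive
Z_RFC_BACKEND,S_USER_TCD,inactive
Z_RFC_BACKEND,S_USER_VAL,inactive
Z_RFC_BACKEND,S_DEVELOP,inactive
Z_RFC_BACKEND,S_DEVELOP,active
Z_RFC_BACKEND,S_DOKU_AUT,inactive
Z_RFC_BACKEND,S_TERM_AUT,inactive
Z_RFC_BACKEND,S_TRANSLAT,inactive
Z_RFC_BACKEND,S_RFC,active
Z_OTHER_ROLE,S_TRANSPRT,active
"""


def audit_role(export_text, role):
    """Return {object: finding} for each listed object that is not cleanly inactive."""
    statuses = defaultdict(set)
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["role"].strip() == role:
            statuses[row["object"].strip().upper()].add(row["status"].strip().lower())

    findings = {}
    for objects in MUST_BE_INACTIVE.values():
        for obj in objects:
            if obj not in statuses:
                # Step 2 inserts full authorization first, so every object should be
                # present; a gap means the export is incomplete or the role was
                # built another way.
                findings[obj] = "not in export"
            elif statuses[obj] != {"inactive"}:
                # One object can carry several authorizations in a role; a single
                # active one is enough to grant access.
                findings[obj] = "active"
    return findings


if __name__ == "__main__":
    for obj, finding in audit_role(SAMPLE_EXPORT, "Z_RFC_BACKEND").items():
        print(f"{obj}: {finding}")
```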

Similar Messages

  • Changing RFC user

    Dear All,
    We are using SRM classic scenario process ( SRM 5)
    According to SAP Note 938411, we have to change the RFC user to RFCUSER
    (it was SAPRFC).
    This change caused us a problem on creating SC (runtime error "GETWA_NOT_ASSIGNED" in ST22).
    We appreciate to get more information on this issue.
    Best Regards,
    Moshe
    Message was edited by:
            Moshe Stein

    Hi
    Which R/3 system version are you using?
    Please ensure the following settings have been made correctly in the R/3 back-end system.
    Be sure only the following changes, as suggested in SAP OSS Note 938411, are done.
    FUNCTION BAPI_GOODSMVT_CREATE
    Delta 001 Context Block
    * map head to internal structure **************************************
      CALL FUNCTION 'MAP2I_B2017_GM_HEAD_01_TO_IMKP'
           EXPORTING
                BAPI2017_GM_HEAD_01 = GOODSMVT_HEADER
           CHANGING
                IMKPF               = S_IMKPF.
    Delete Block
       S_IMKPF-USNAM = SY-UNAME.
    Insert Block
       IF SY-UNAME = 'RFCUSER'.
         S_IMKPF-USNAM = GOODSMVT_HEADER-PR_UNAME.
       ELSE.
         S_IMKPF-USNAM = SY-UNAME.
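    Review bot: In the Insert Block, the IF ... ELSE shown has no closing ENDIF., so as posted it will not pass the syntax check on activation; confirm the block ends with ENDIF. after the ELSE branch. The same branch compares SY-UNAME with the hard-coded literal 'RFCUSER' and, when it matches, takes the posting user from the caller-supplied GOODSMVT_HEADER-PR_UNAME, so the name written to S_IMKPF-USNAM is whatever the RFC caller sends. It is worth documenting that the back-end RFC user must be named exactly RFCUSER for this to apply, and restricting which callers can run the BAPI under that user.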
    Don't forget to activate the function module FUNCTION BAPI_GOODSMVT_CREATE after making the changes in the R/3 back end.
    Also, please read the OSS Note for RFC user details.
    Note 642202 - EBP user admin: RFC user profile in back end/plug-in
    Do let me know.
    Hope this will definitely help.
    Regards
    - Atul

  • Standard roles, groups, profiles of a rfc-user

    hi,
    can anybody tell me please, which are the standard roles, groups and profiles of a rfc-user in our sap xi-system?
    thanks.
    regards
    Stefan

    Hi,
    Check the links for authorizations.
    http://www.erpgenie.com/sap/netweaver/xi/xiauthorizations.htm
    Also check if your user has these roles in the ABAP stack, TCODE SU01:
    SAP_XI_ADMINISTRATOR
    SAP_XI_CONFIGURATOR
    SAP_XI_CONTENT_ORGANIZER
    SAP_XI_DEVELOPER
    SAP_XI_DISPLAY_USER
    SAP_XI_MONITOR
    SAP_ALM_ADMINISTRATOR
    SAP_J2EE_ADMIN
    SAP_SLD_ADMINISTRATOR
    SAP_SLD_CONFIGURATOR
    SAP_SLD_DEVELOPER
    SAP_XI_ADMINISTRATOR_ABAP
    SAP_XI_ADMINISTRATOR_J2EE
    SAP_XI_CONFIGURATOR_ABAP
    SAP_XI_CONFIGURATOR_J2EE
    SAP_XI_ID_SERV_USER
    SAP_XI_IR_SERV_USER
    SAP_XI_RWB_SERV_USER
    SAP_ALM_CUSTOMIZER
    SAP_BC_BASIS_ADMIN
    SAP_BC_BASIS_MONITORING
    ARG_XI_DEV
    Thanks,
    Vijaya.

  • Authorization Required for RFC user  in R/3-APO system.

    Could you please help regarding one authorization issue? I want to know the authorization required for one RFC user. This RFC user is used for the RFC connection between the SAP R/3 and SAP APO systems. The user type is dialog and the SAP_ALL profile has been given to this user ID. Now I have to remove SAP_ALL from this user ID in the R/3 and APO systems and provide the required authorization in the R/3 and APO systems.
    Regards
    Auroshikha

    The RFC authorisation depends completely on what the user is doing (ALEREMOTE?).  We can't tell you what RFC auths your connection requires. 
    There is a guide to doing this here: https://wiki.sdn.sap.com/wiki/display/Security/BestPractice-HowtoanalyzeandsecureRFC+connections

  • Regd IACOR R/3 user profile

    Hi,
    We are using Standalone ITS 6.20 patch level 19. We need to create an R/3 service account to establish the connection with R/3 in IACOR. What is the minimum profile required for the R/3 service account to give in IACOR to establish the connection with R/3?
    Regards
    Vasudevan Gopalan

    Hi,
    IACOR connects to R/3 in two different ways.
    1. For the first time when IACOR wants to create a destination it works as an RFC client. The user profile for this connection needs the authorization to the function group IAC_MODIFY_TCPIP_DESTINATION.
    2. After that IACOR works as an external RFC server and does not need a special authorization. The program ID must be identical (case-sensitive) with the program ID used in the RFC destination. Furthermore you can specify security settings on the gateway for the registration of external server programs.
    I do not exactly know what profile is needed for the first step.
    Is this what you are asking for?
    regards, Arthur

  • RFC user in CPS

    HI All,
    I am getting the following error when trying to start one of the process servers in CPS:
    Service "SAPR3Service" on process server "lzuce0dx_SE1_63_ProcessServer" stopped unexpectedly.
    Details:
    Exception: 126: BAPI exception while calling BAPI_XMI_LOGON: E XM 026 You have no authorization to log on to interface XBP [XBP, , , ]
    My Question is:
    I have entered my SAP login ID in the XBP tab of the SAP systems under "Environment". Does this ID not have the privilege to enter the XBP?
    Or does the RFC user not have the authorisation to enter the XBP?
    Please advise.
    Regards
    Kiran

    Hi,
    If I read your description correctly, you have entered your SAP login credentials on the XBP tab.
    That means, that your credentials are used for the RFC connection.
    So your user does not have sufficient privileges to connect (via RFC) to the XBP interface.
    In the documentation there is a list of privileges/profiles required for the CPS RFC user.
    Please verify if your user has these privileges, or even better: create a separate RFC user for CPS.
    Regards,
    Anton.

  • RFC User Authorizations

    I have created an RFC user in the source system with the profile S_BI-WX_RFC and an RFC user in the BI system with the authorisation S_BI-WHM_RFC. Initially I also gave them SAP_ALL & SAP_NEW. However I do not really want users to have the level of access SAP_ALL & SAP_NEW gives so I have removed these profiles. However when I now try and run an infopackage it doesn't seem to extract any data. I can't seem to see any valid error messages to see what's missing. Nothing of any use in the infopackage or SU53. Anybody any ideas what might be missing or another profile/role that may need adding?

    Hi,
    First check the RFC connection between R/3 and BW:
    in the monitor screen go to Environment > Check.
    Cheers,
    Swapna.G

  • How to select which RFC USERS have been accessed my host ?

    Hi, guru
    how to select which RFC USERS have been accessed my host ?
    or how to record the RFC users's trace ?
    because the auditor wants to know it.
    Best regards,
    Michael

    > how to select which RFC USERS have been accessed my host ?
    Did you check ST03N -> User profile?
    > or how to record the RFC users's trace ?
    Check ST01 for system trace.

  • Autologout of RFC users

    Dears,
    Like for ABAP stack we have parameter rdisp/max_wprun_time for GUI users, please suggest what parameter we can use for autologout of RFC users.
    Shivam

    Hi Shivam,
    Can you clarify some of my doubts?
    1) What exactly do you want: to log out the user session or terminate the work process?
    2) Is the above screen that you sent related to a single user or all RFC users?
    3) Why do you want to restrict RFC users for a particular time?
    4) Did you restart your application after adding the same?
    Answers:
    1) If you want to log out user sessions just add parameter rdisp/gui_auto_logout.
    It will automatically log out idle sessions after the time that you defined is exceeded. If you want to terminate the work process, just add rdisp/max_wprun_time; it will restart the work process after the max run time is exceeded (normally called a TIME_OUT error, for which we can get the dump in ST22).
    2) If it is showing all RFC users, how will this parameter terminate different users' sessions?
    If the above 4 sessions are for a single user, your parameter is not active. Just restart your application.
    Before restarting, save and activate the instance profile.
    3) I am allowing your input.
    4) All these instance-related parameters will become active only after a restart of the application (INSTANCE).
    Regards
    Nick Loy

  • RFC Users  & Authorisations

    In the profiles of the RFC users it was noticed that SAP_ALL was present. In order to remove this:
    1. It's needed to know what other authorisations need to be assigned.
    2. This is the bottleneck. How does one understand which activities are being performed?
    Thanks

    george G wrote:
    > Now here we trip  on a very important question point...How does the Unkown body of users get acess to the RFC id /pwd ?
    Chances are good that they do not need the id / pwd. They only need the name of the RFC destination (for which the id / pwd is saved in SM59, already) and the ability to run "the" or "an" interface (or generate a dialog session).
    Another option is not to save the logon data in the destination, and request that the current user running the interface in the source enter their own (valid) id / pwd for the target.
    >
    > Unless its compromised personally ?
    Not necessarily necessary, but that does often add a new dimension to the risk, as the folks have a wider choice of sources from which they can "run an interface" using the id, and a wider group of folks (who talk to each other...).
    >
    > What specifics are the potential impacts the compromised id do ?
    You mentioned before that it has SAP_ALL?? Go figure what that means...
    >
    > On the sidetrack , the auditors are moved  with RFC users !!  Why would that be , to my auditor I put forth the question the answer was " they are not Dialogue users !"
    See above (SAP_ALL). The user could change itself to a dialog user... I can think of approximately 300 thousand reasons (just off the top of my head) why your auditors are <removed_by_moderator>
    Most likely they have, much like the interface user owner you described before, been told this and have not questioned it. Or the thought never crossed their minds that the id would not be required at all if it cannot "logon"...

  • I am having a serious issue with all my apps disappearing/not working- user profiles

    i will list the things i have done in the past 24 hours, hopefully one of you knows what happened...thank you in advance
    first off, my situation- was that i bought a macbook pro(about a year ago) with lion or snow leopord it is software 10.7.5 i dont know what the guy did but when he sent me the computer the username was off and so was the home folder, i changed the username with ease but the home folder stayed tbd and i couldnt figure out how to change it. well it finally got on my nerves enough from looking at it that i wanted to change it today that put me into the situation i am in. Here is what i have changed:
    -I added a second profile as to see if i could change the home emblem file named tbd to what i wanted.  This worked or so i thought. 
    - then shared and permissions showed tbd(me) so i wanted to change that also so i went into systempreferences>users and groups>login options>network account server and clicked join/open directory utility.  this is where i believe i went wrong i read in a forum that this is what you needed to change to make it look how i wanted it to.   under active directory it still had this guys name gtmb04_evan so i changed it to my name like the forum said, well his name is back up even though i changed it. and this is when everything stopped working.
    symptoms:  all my applications act like they are newly downloaded and make me set them up. 
    - my home screen is nothing like it was before, no apps are on the desktop and the bar along the bottom only has the basic ones
    - i tried to take the second username off of administrator which made me restart my cp (all my stuff looked normal until this, but didn't work)
    - my launchpad wasn't showing any apps, they simply looked blank
    - my firefox along with many other apps wouldn't even start prior to resetting and gave me a message with something like couldn't find or access user profile (i forget the entire message)
    please please help me, i hate this right now and have no idea what to do, all my files are still under my name, that when i thought i changed tbd- it apparently just made a new folder under users which didnt show up until the restart, i do not have a time machine set up on this computer because i hated the lion setup and couldn't get it to operate correctly

    i had one mac and spilt water on it, the motherboard fried so i had to buy a used one...being in school and all. it is a MC375lla
    Model Name: MacBook Pro
    Model Identifier: MacBookPro7,1
    Processor Name: Intel Core 2 Duo
    Processor Speed: 2.66 GHz
    Number of Processors: 1
    Total Number of Cores: 2
    L2 Cache: 3 MB
    Memory: 8 GB
    Bus Speed: 1.07 GHz
    Boot ROM Version: MBP71.0039.B0E
    SMC Version (system): 1.62f7
    Hardware UUID: A802DE22-1E57-5509-93C5-27CEF01377B7
    Sudden Motion Sensor:
      State: Enabled
    i do not have a backup of it, so i am thinking about replacing my old hard drive from the water damaged into this one, not even sure if that would work, but it did not seem to be damaged, as i recovered all the files i wanted off of it to put onto this mbp
    the previous owner didnt have it set to boot, they had all their settings left on it and tried to edit all the names on it, had a bunch of server info and printers etc crap on it.  i do not believe he edited the terminal system though--he doesnt seem to terribly bright(if thats possible)
    tbh i hate lion compared to the old one i had, this one has so many more issues-overheating,fan noise, cd dvd noise
    if you need screenshots or data of anything else as away
    problem is i do not want to start from scratch if there is a chance of fixing it, this one did not come with disks or anything like my first. so i don't even know if i could, and how it sets now i am basically starting from scratch, because now all my apps are reset but working, i am hoping to get my data back somehow though, i lost all of my bookmarks and editing all my apps and setting again would be a pain

  • How do my GF and I share our iTunes library across our user profiles?

    I'm sure this question has been asked a million times but here goes.
    My GF and I both have a user profile on our Mac Mini. She is just now setting up her new iPhone and wants to be able to get music on it and such from her own profile.
    All of the iTunes (and iPhoto) media sits on an external 2TB hard drive. I can see everything free and clear in my profile. When I log into her profile she's got nothing in her music library. How can we get her to be able to access the same library? Also, is there a way to ensure that if she were to add new music to her folder that I would see it in mine?
    Your big brains appreciated on this. I'm sure there's a simple solution, no?

    perhaps the following kb article will help:
    http://support.apple.com/kb/HT1495

  • Use one profile for all user profiles in Server 2012 R2

    Hi
    I am setting up a Windows Server 2012 R2 template on VMware.
    I will make some changes with the local admin user, and want all users who log in to servers made from this template to get the user profile I have set up for the admin account.
    How do I do that?
    Regards
    StigKSand

    the way I used to do this was to create a new profile the way I wanted with any shortcuts applications etc installed. then I would create another user account on the PC and make it an admin.
    reboot the pc to ensure it hasn't got the pre-configured profile loaded and login with your newly created admin account.
    then right click This PC in windows explorer and select properties, then select advanced system settings, and select user profiles on the advanced tab. You can then select the profile you made all the configuration to, and click copy and then select default profile.
    this should then mean any new users who login get this default profile on this server.
    hopefully that is what you were referring to.
    Regards,
    Denis Cooper
    MCITP EA - MCT
    Help keep the forums tidy, if this has helped please mark it as an answer

  • How can I Import CA Certificate into a new user profile when it's created

    I need to deploy a CA root certificate to a new Firefox user profile when it is created in Windows. I saw somewhere that you could place a working copy of cert8.db in %programfiles%\firefox-installation-folder\defaults\profile and this would get added when a new Firefox profile is created. However, the profile directory doesn't exist in the defaults folder and when I created it this method still didn't work.
    Is there a way to get Firefox to create new profiles with preconfigured certificates?
    Right now when new users open Firefox for the first time it is unable to connect to any SSL sites through our proxy server until the user adds the proxy's CA certificate or it gets added later via logon script (at next user logon).

    Update... For anyone looking for a similar solution:
    I ended up adding more to my logon script I have it check for a user's mozilla profile first and if not found it will use command line "firefox.exe -createprofile default" to make one. After that I just copy a working cert8.db to that new profile. Then when the user opens firefox for first time, it will detect this new profile, and it will load it along with the correct CA Certs intact...
    Also, for existing profiles my script just uses NSS certutil to add my proxy CA certificate to the user's profile cert8.db.

  • Huge ntuser.dat.LOG1 since upgrade to Windows 8.1 prohibits roaming of user profile

    Hello,
    a few days ago my PC (part of our domain) first started to have problems with my user profile. Our domain uses roaming profiles with a size limit of 30MB. My user.dat has a size of 12.5MB. Up to now this did not cause any problems (and does not cause any for most users of our domain having a user.dat of similar size). However, after upgrading to Windows 8.1 I repeatedly have problems with my profile exceeding its maximum size. After checking my profile, I found a ntuser.dat.LOG1 with 12,5MB in size and a ntuser.dat.LOG2 of 2MB. As far as I know these files are used to store temporary transactions for the user.dat. But why are they this large? Together they almost completely fill the profile. As an interesting side note the last modification of ntuser.dat.LOG1 dates back more than seven days.
    What is further puzzling me: ntuser.dat.LOG1 and ntuser.dat.LOG2 are not synchronized with the roaming profile on the server. At least they are not on the server. However there used to be much smaller versions of these files which could have been transferred before the profile size exceeded its limit. Since these files seem not to be part of the roaming part of the profile, they should not count for the roaming profile size. However, they definitely do. Neglecting the registry files the largest file in my profile is less than 500kb and there are very few files of this size. I checked locally as well as on our server.
    Deleting the local profile and starting fresh using the roaming profile from our server does work for a day or two but then I run into the same problem. Especially, losing all local profile data is inconvenient. I could start anew with a completely new profile, but I am not convinced that it is a profile issue. In our organisation my computer is one of the first to move to Windows 8.1. Since my profile worked without problems for years now, I am worried that I ran into a Windows 8.1 issue. As users normally start to complain about a roaming profile not synchronizing only after their local copy broke, I'd like to make sure that this is an isolated issue.
    Anyone else experiencing similar issues? Any hint on how to solve the problem?
    Regards,
    Oliver

    No, I did not find a solution. However, we moved away from roaming profiles and rely on folder redirection only. That works for us. Since we can redirect the most important folders there is no more need for roaming profiles (at least in our case).
