RFC权限分配

项目接近尾声，和SAP的集成也按进度进行。

测试系统全部通过。

今天测试往正式系统传送数据，生成正式凭证。

结果，系统返回错误：User ******** has no RFC authorization for function group SYST .

看来普通用户是不能直接调用RFC的。

SAP在线帮助：

RFC Trusted/Trusting Systems  
You can use transaction SMT1 to define a calling system in the system being called as a trusted system. The system being called is then referred to as a trusting system.
Trusted SAP systems can log on to another SAP system without the need for a password. The existence of trust relations such as this between SAP systems has the following advantages:
·        "Single Sign-On" across system boundaries
·        No password transfer across the net
·        Timeout mechanism for the logon data prevents misuse.
·        User-specific logon data for the trusted system is checked.
You can configure multiple SAP systems as mutual trusted systems. When building a trust relationship between two systems, the initiative starts with the called system (server system). Here, users of the calling system who are allowed to make RFC calls by way of a trust relationship of this kind, must be identified in the system being called (trusted users).
Before a trusted system can be defined, a destination for this system must be created in the trusting system. In addition, the RFC users must have the corresponding authorizations in the trusting system (authorization object S_RFCACL). You can check the authorizations for the logged on users in the trusting system in advance, by using the function module AUTHORITY_CHECK_TRUSTED_SYSTEM.
 
In a trust relationship, the calling system (client system) plays the role of the trusted system, and the called system (server system) plays the role of the trusting system.

========================================================

 

创建RFC权限对象S_RFC、S_RFCACL分配适当权限。

继续测试。

测试通过。

---------------------------------------------------------------------------------------------------------------------

User has no RFC authorization for function group SYST.

When you setup  CUA, during the RFC creation, you get an error saying User   < > has no RFC authorization for function group SYST.

 

Solution:

 

1) Copy the roles

SAP_BC_USR_CUA_SETUP_CLIENT

SAP_BC_USR_CUA_CLIENT

SAP_BC_USR_CUA_SETUP_CENTRAL

SAP_BC_USR_CUA_CENTRAL

to custom roles in their respective systems.

 

example:

 in the central system copy role SAP_BC_USR_CUA_SETUP_CENTRAL to Z_SAP_BC_USR_CUA_SETUP_CENTRAL

 

in child system copy role SAP_BC_USR_CUA_SETUP_CLIENT to Z_SAP_BC_USR_CUA_SETUP_CLIENT

 

2) Goto the newly created custom roles and generate profiles for each roles..

 

 

SAP_BC_USR_CUA_SETUP_CLIENT

SAP_BC_USR_CUA_CLIENT

SAP_BC_USR_CUA_SETUP_CENTRAL

SAP_BC_USR_CUA_CENTRAL

to custom roles in their respective systems.

 

example:

 in the central system copy role SAP_BC_USR_CUA_SETUP_CENTRAL to Z_SAP_BC_USR_CUA_SETUP_CENTRAL

 

in child system copy role SAP_BC_USR_CUA_SETUP_CLIENT to Z_SAP_BC_USR_CUA_SETUP_CLIENT

 

2) Goto the newly created custom roles and generate profiles for each roles