RFC User Authorizations
  • 2 Minutes to read
  • Dark
    Light
  • PDF

RFC User Authorizations

  • Dark
    Light
  • PDF

Article Summary

The RFC user should have the required authorizations as described below.


Production RFC User

Object S_RFC (Authorization Check for RFC Access):
  • RFC_TYPE (type of RFC object to be protected) – ‘FUGR’
  • RFC_NAME (name of RFC to be protected) – ‘SDTX’, ‘STUW’, ‘SYST’, 'BDCH', ‘SRTT’, ‘SRFC’, ‘THFB’,’SIFP’, ‘SCSM_COLLECTOR’, ‘SCSM_GLOB_SYSTEM’, ‘SXMB_MONI’, ‘IPC_V01’, 'S1EM', ‘SUSE'
  • ACTVT (Activity) – ‘16’
 
Object S_TABU_DIS (Table Maintenance via standard tools such as SM30):
  • DICBERCLS (Authorization Group) =
    For all Panaya Projects - ’PC’, ’SS’, ’SC’, ‘SA’,’&NC&’, ‘SPWD’ , ‘XICO’, ‘XIPE’, 'VC', 'MA'
  • ACTVT (Activity) = ‘3’

Object S_DEVELOP (ABAP Workbench): 
  • ACTVT (Activity) = ‘3’ 
  • DEVCLASS (Development class for Transport) =’*’ 
  • OBJNAME (Object name) = ‘*’ 
  • OBJTYPE (Object type) =’*’ 
  • P_GROUP (Authorization group ABAP/4 program) = ‘*’
Object S_XMB_MONI (Authorization Object for XI Message Monitoring):
  • ACTVT (Activity) - '03'
  • SXMBIFNAME (Proxy Generation: Interface ID) - '*'
  • SXMBIFNS (Proxy Generation: Namespace in the Integration Builder) - '*'
  • SXMBPARTY (XI: Communication Party) - '*'
  • SXMBPRTAG (XI: Issuing Agency for Communication Party) - '*'
  • SXMBPRTTYP (XI: Identification Scheme for Communication Party) - '*'
  • SXMBSERV (XI: Service) - '*'

For a system with HR components - Object S_TABU_CLI (Cross-Client Table Maintenance): 

  • CLIIDMAINT (Cross-Client Table Maintenance ) – ‘X’ 

For extractions that require Fiori data - Object 'S_TABU_NAM'

  • ACTVT (Activity) - '03'
  • Table /IWFND/L_METAGR
  • Table /IWFND/L_MET_DAT


Solution Manager RFC User

Object S_RFC (Authorization Check for RFC Access):
  • RFC_TYPE (type of RFC object to be protected) – ‘FUGR’
  • RFC_NAME (name of RFC to be protected) – ‘SDTX’, ‘SMSY_GET_DATA’, ‘SMSY_GET_DATA_RFC’, ‘SMSY_PPMS_API_RFC’,’RSDRI’, ‘SYST’, ‘SASAP00’, ‘RFC1’
  • ACTVT (Activity) – ‘16’
 Object S_TABU_DIS (Table Maintenance via standard tools such as SM30):
  • DICBERCLS (Authorization Group) = ’SS’,’&NC&’
  • ACTVT (Activity) = ‘3’
Object S_TABU_RFC (Data Export with RFC): 
  • ACTVT (Activity) = ‘3’
Object S_RS_AUTH (BI Analysis Authorizations in Role):
  • BIAUTH (BI Analysis Authorizations: Name of an Authorization) = ‘0BI_ALL’

Object S_TABU_NAM (Table Access with Generic Standard Tools):

  • ACTVT (Activity) = ‘3’
  • TABLE (Table Name) = TFDIR, USR01


BW RFC User

Object S_RFC (Authorization Check for RFC Access):
  • RFC_TYPE (type of RFC object to be protected) – ‘FUGR’
  • RFC_NAME (name of RFC to be protected) – ‘SCT2’,‘SDTX’ 
  • ACTVT (Activity) – ‘16’
Object S_TABU_DIS (Table Maintenance via standard tools such as SM30):
  • DICBERCLS (Authorization Group) = ‘SC’,’SS’,’&NC&’

If you encounter authorization issues related to BW during the extraction, try adding the following to the authorization group: ‘BWC’, ‘STRW’

  • ACTVT (Activity) = ‘3’
Object S_TABU_RFC (Data Export with RFC): 
  • ACTVT (Activity) = ‘3’


SI RFC user

In the Client field, use 000. No authorizations are required.


ATC RFC user


The RFC user should have the required authorizations as described below -

Object S_RFC (Authorization Check for RFC Access):

  • RFC_TYPE (type of RFC object to be protected) – ‘FUGR’
  • RFC_NAME (name of RFC to be protected) – ‘SATC_CI_METADATA_REMOTE’, ‘SATC_CI_RESULT_REMOTE’
  • ACTVT (Activity) – ‘16’

Object S_Q_ADM (Launching code analysis, accessing results):

  • ACTVT (Activity) – ‘03’
  • ATC_OBJTYP (ATC: ATC-object with access control needs) – ‘02’, '03'
  • ATC_VISIBL (ATC: Result visibility) – All Values
  • DEVCLASS (Package) - *
  • APPL_COMP (Application component ID) - *