Question:
To check whether it realy is an auth problem, give it more or all access temporarily and run it again. If it works then trace it (ST01) to get the auths and watch the return codes. You can use SM20 (if active) or ST03N RFC profiles to get the real sucsussful calls (assuming that no one abused it while it had more access...). You should run only that which you require so that the trace and stats and audit log entries are clean of false positives.
_________________
Try Search
Else SAPNet
Otherwise It was designed not to work.
____________________
Answer:
And you might also take a leason learnt from it regarding SAP's standard delivered roles....
_________________
Try Search
Else SAPNet
Otherwise It was designed not to work.
____________________
Answer:
To check whether it realy is an auth problem, give it more or all access temporarily and run it again. If it works then trace it (ST01) to get the auths and watch the return codes. You can use SM20 (if active) or ST03N RFC profiles to get the real sucsussful calls (assuming that no one abused it while it had more access...). You should run only that which you require so that the trace and stats and audit log entries are clean of false positives.
Tarryn
Thanks for your input. Will this work for a trace on Java?
It's strange that it works in two of the three clients - with identical roles!!
The CMSAdministrator Role (java role) is only applied in Development...
Regards
_________________
Baz
AsPiRiNg tUlY iDiOt
http://www.catb.org/~esr/faqs/smart-questions.html
Answer:
Is there an RFC problem? What authority does LSADMIN have for object S_RFC? If lsadmin is doing an RFC login it could be a password problem.
Answer:
Will this work for a trace on Java?
I donīt know what the effect will be, sorry, but if your auth/rfc_authority_check parameter is 1 then it is unlikely to have one from the RFC perspective. But you never know... check for a dump in the target.
Sometimes SAP finds, for example that the client is closed but then erroneously issues a message stating "Merry Christmas". Just a thought.
It's strange that it works in two of the three clients - with identical roles!! The CMSAdministrator Role (java role) is only applied in Development...
You meant "systems" and not "clients" right? It may have something to do with the "administration" from the dev domain and the status of the production "client"? Did you move it? If QA is working, then there may be the need from logging onto it to release from the backup domain which the controllers knows (and now needs) for reasons which were previously unknown?
SAP has clamped down on this area, but I am not familiar with the impact of Java nor SRM on it, so this is speculation of similarities.
Tarr
_________________
Try Search
Else SAPNet
Otherwise It was designed not to work.
____________________
Answer:
Tarryn/Guest
Thanks for your input in this. The issue was resolved with a reboot....
Have a good festive period....
Baz
_________________
Baz
AsPiRiNg tUlY iDiOt
http://www.catb.org/~esr/faqs/smart-questions.html