https://community.sap.com/t5/application-development-and-automation-discussions/rfc-destination-problem/m-p/3174085#M755290 <HTML><HEAD></HEAD><BODY><P>check if you have selected proper client number of the destination system...</P></BODY></HTML> Thu, 13 Dec 2007 09:08:41 GMT Former Member 2007-12-13T09:08:41Z https://community.sap.com/t5/application-development-and-automation-discussions/rfc-destination-problem/m-p/3174084#M755289 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>I have created one RFC destination of type 3 and tried test connection. it was good. but when i tried remote logon it was asking the user and password again.</P><P></P><P>So i tried Authorization test. it says name or password incorrect.</P><P></P><P>but my password and user is 100% correct.</P><P></P><P>What could be problem.</P><P></P><P>&lt;b&gt;Ponit ll be awarded for helpful answers&lt;/b&gt;</P></BODY></HTML> Thu, 13 Dec 2007 08:57:23 GMT https://community.sap.com/t5/application-development-and-automation-discussions/rfc-destination-problem/m-p/3174084#M755289 former_member614185 2007-12-13T08:57:23Z https://community.sap.com/t5/application-development-and-automation-discussions/rfc-destination-problem/m-p/3174085#M755290 <HTML><HEAD></HEAD><BODY><P>check if you have selected proper client number of the destination system...</P></BODY></HTML> Thu, 13 Dec 2007 09:08:41 GMT https://community.sap.com/t5/application-development-and-automation-discussions/rfc-destination-problem/m-p/3174085#M755290 Former Member 2007-12-13T09:08:41Z https://community.sap.com/t5/application-development-and-automation-discussions/rfc-destination-problem/m-p/3174086#M755291 <HTML><HEAD></HEAD><BODY><P>Dear Prabhu,</P><P></P><P>Remote Function Call (RFC) - Authorization Concept </P><P></P><P>If the instance profile parameter 'auth/rfc_authority_check' is set (to 1), the system automatically performs an RFC authorization check. The authorization check refers to the relevant function group for the function module to be called. If no authorization is found, a runtime error occurs. You can check the authorization in advance with the function module AUTHORITY_CHECK_RFC. If the RFC communication takes place in one system in the same user context - that is, using the same client and user ID - the system does not carry out an RFC authority check.</P><P></P><P>Remote Function Call (RFC) - Authorization Concept </P><P>Since Release 3.1G you have been able to run RFC authorization checks based on the (called) function group. </P><P></P><P>If the instance profile parameter 'auth/rfc_authority_check' is set to 1, the system automatically runs an RFC check. The authorization check refers to the function group of the function module to be called. If no authorization exists, this leads to runtime error RFC_NO_AUTHORITY. If the RFC communication takes place within one system and in the same user context, i.e., the same client and user identification, no RFC authorization check is performed. </P><P></P><P>You can first check the authorization using function module AUTHORITY_CHECK_RFC. The system runs the RFC authorization check each time you access the called function module using RFC (the system checks the corresponding function module groups). </P><P></P><P>The authorization is checked using authorization object S_RFC. </P><P></P><P>This authorization object contains the following three fields: </P><P></P><P>RFC_TYPE : Type of the RFC object to be protected </P><P>This field can currently have the value 'FUGR' (function group). </P><P></P><P>RFC_NAME : Name of the RFC object to be protected </P><P>This field currently contains function group name. It may be up to 18 characters long. The authorization check only applies to the first 18 characters. </P><P></P><P>ACTVT : Activity </P><P>This field can currently have the value 16 (execute). </P><P>From Release 4.0, the authorization check is active by default (that is, auth/rfc_authority_check = 1). </P><P></P><P>In addition, from Release 4.0 you can also set up a trusted relationship between systems (see also documentation on Trusted/Trusting Systems). This sets up a trusted relationship between the calling and the called systems, whereby this relationship is initiated by the called system. In the called system you must then specify the users in the calling system who may execute Remote Function Calls over this type of trusted relationship (trusted users). Additionally you must assign the trusted users with trusted profiles (authorization object S_RFCACL) in the called system. </P><P></P><P>This authorization contains the following fields: </P><P></P><P>RFC_SYSID : ID of the calling system </P><P></P><P>RFC_CLIENT : Client for the calling system </P><P></P><P>RFC_USER : ID of the calling user </P><P></P><P>RFC_EQUSER : Identifier, whether or not the user may be called by a user with the same ID (Y = Yes, N = No). </P><P></P><P>RFC_TCODE : Calling transaction code </P><P></P><P>RFC_INFO : Additional information from the calling system (currently inactive) </P><P></P><P>ACTVT : Activity </P><P>This field can currently have the value 16 (Execute) </P><P></P><P>Using this, you can specify exactly which users may call remote function modules using other user IDs. </P><P></P><P>Note : The authorization check based on the function groups (authorization object S_RFC) takes place independently of the authorization checks within the trusted systems. </P><P></P><P>The link below can also be helpful.</P><P>&lt;a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/42/f3d07f074e1bcae10000000a11466f/frameset.htm"&gt;Access Control Using Assigned Users&lt;/a&gt;</P><P></P><P></P><P>Best Regards,</P><P>Raj</P><P></P><P>&lt;b&gt;Please award points if found helpful.&lt;/b&gt;</P></BODY></HTML> Fri, 14 Dec 2007 11:42:30 GMT https://community.sap.com/t5/application-development-and-automation-discussions/rfc-destination-problem/m-p/3174086#M755291 Former Member 2007-12-14T11:42:30Z