How to identify the list of RFCs trying to log in ...

Former Member · ‎2017 Oct 03

There is an issue with a system account becoming locked after a period of time due to too many incorrect logins. The original password had to be changed last week to set up an RFC with a new system. (it was not recorded when initially cfg'd). On Friday a job had failed (for RFC - 'EP1CLNT100') used for processing iDocs. The password was updated but the account locked again this morning.

S_Sriram · ‎2017 Oct 03

Hi Banerjee.

1. Enable the user level audit on the specified user id. or enable the user level trace

2. You can check the RFC connection test use report RSRFCCHK and find the RFC report which RFC getting failed. refer the wiki link

https://wiki.scn.sap.com/wiki/display/Security/Best+Practice+-+How+to+analyze+and+secure+RFC+connect...

BR

SS

prithvirajr · ‎2017 Oct 03

Hi Kaustav,

You can also try below, hope that helps

If happening at particular time, set the following parameter active in RZ11 maybe 10 minutes before this usual lock period. This will generate more information in trace files and short dump to tell you where RFC is being access from that locks the user

rfc/signon_error_log

If you set the value of the profile parameter to 0

no ABAP short dump is written, but an entry is created in the syslog.

If you set the value of the profile parameter to 1

The system outputs the short dump

"CALL_FUNCTION_SIGNON_REJECTED" every time a logon error occurs. You can analyze the content of the dump using the ABAP short dump analysis transaction (Transaction ST22).

Regards,

Prithviraj

How to identify the list of RFCs trying to log in via a specific system user?

Know the answer?

Need more details?

Accepted Solutions (0)

Answers (2)

Answers (2)

Re: Trying to find a field from B1 Journal Entry i...

Re: To have a multiple associated CDS view with En...

Re: To have a multiple associated CDS view with En...

SAP BTP Destination to s4 Public Cloud Gives error...

Re: REST service on BTP in CAP or MTA