|
Purpose
This report is used to update the trust relationships of all system thattrust the current system (in accordance with SAP Note 1491645). Integration
SAP Note 1491645 must be imported into all involved systems before thisreport can be run.
The report must be started manually in all systems in the landscape toenable existing trust relationships between these systems to be updated.It does not matter in which order the report is started.
The report can be paused and resumed. The report detects trustrelationships that are already up-to-date and does not update themagain.
Trust relationships not updated by this report can be updated manuallyby being deleted in in the trusting system and created again (both intransaction SMT1). Prerequisites
1. ,,SAP Note 1491645 must have been imported in the current system andall systems that trust this system.
2. ,,If the profile parameter "rfc/security_key" is set in the currentsystem, it is negated when the trust relationships are updated usingthis report. It is advisable to delete this profile parameter afterrunning the report and restarted the affected instances.
3. ,,The user used to run the report requires the followingauthorizations:
Authorization object S_ADMI_FCD with the field S_ADMI_FCD and the valueNADM.
Plus (from SAP Basis Release 7.02): Authorization object: S_RFC_TT withthe following values:
Field ACTVT with the value 2 (Change)
Field RFC_TT_TYP with the value 2 (calling system)
Field RFC_SYSID with the value
Field RFC_INSTNR with the value, if available.
4. ,,The user used to run the function module in the trusting systemrequires the following RFC authorization:
Authorization S_RFC:
Field RFC_TYPE with the value FUGR
Field RFC_NAME with the value QRFC
Field ACTVT with the value 16 (Execute)
Comment: From Release 7.02, the RFC user can be given the requiredauthorization based on remote-enabled function modules:
Field RFC_TYPE with the value FUNC
Field RFC_NAME with the value RFC_UPDATE_TRUST_RELATION
Field ACTVT with the value 16 (Execute)Features
The report is executed in several phases: Prerequisite check, automaticconnection, manual connection, and the actual update of the trustrelationships. Phase 1: Check the prerequisites
If the profile parameter "rfc/security_key" is set in the currentsystem, a confirmation dialog box queries whether the user wants to runthe report. This profile parameter is negated when the trustrelationships are updated. It is advisable to delete this profileparameter (either before of after you run the report).
Authorization checks in the current system (see above).
If the current system has a trust relationship to itself, a check runs(for releases before 7.02) to see whether the database ID of the currentsystem matches the ID derived from the trust relationship. This isnecessary for the unique identification of the system; a uniqueidentification by the installation number is only available from Release7.02.
If all trust relationships to the current system have already beenupdated, this is indicated by the report before it exits.
If no trust relationships to the current system exist, then the reportmakes the required settings in the current system for creating securetrust relationships, displays a relevant message, and then exits. Phase 2: Automatic connection
The report attempts to create an RFC connection to the trusting system,using the data stored in the trust relationship. At the same time, itchecks whether all prerequisites for the successful update of the trustrelationship are met in the trusting system (authorizations, existenceof the function module, and so on). If a connection error occurs, thesystem makes multiple separate connection attempts.
The results of these checks for all systems trusting the current systemare displayed in a table. If you select one or more rows in the tableand choose "Error Details", detailed information about the check resultsin question is displayed in a separate window. You can close this windowagain by choosing "Back to Overview".
The icons in the first column of the check results table have thefollowing meanings:
Red traffic light: ,,No connection was made or the prerequisites for theupdate are not met. No solution can be provided by the report itself.
Yellow traffic light: ,,A logon error occurred. The user can log onmanually, however (,,,,,,in a logon window), see phase 3.
Green traffic light: ,,Connection made and all prerequisites for theupdate are met.
"Completed" icon: ,,The trust relationship has been updated. Phase 3: Manual connection
For systems where an automatic connection in phase 2 failed due to alogon error, you have the option of performing a manual logon in a logonwindow. To do this, select the row in question in the table and choose"Manual Logon" on the far right of the toolbar in the table. If thelogon fails, or the user closes the logon window, this is indicated inthe table. You can then attempt a new manual logon in the same way.
The user can also choose "Connect" for the selected connection to make anew connection attempt. The communication timeout can be entered in adialog box (between 1 and 60 seconds). Phase 4: Update (of the trust relationships)
By choosing the "Update" button, the trust relationships are updatedfrom all systems where an RFC connection was made (either automaticallyin phase 2 or manually in phase 3) and indicated accordingly by a greenlight in the table. Finally, a list on the screen indicates which trustrelationships have been updated or not.
There are two options for trust relationships not updated by the report:
1) Remove the cause of the error and run the report again.
2) Update the trusted relationship manually from the trusting systemusing transaction SMT1. Here, the trust relationship must be deletedmanually in the trusting system and created again.
,, Output
Phase 4 ("Update") of this report ends by displaying the results of theupdate. |