Solution : https://service.sap.com/sap/support/notes/758210 (SAP Service marketplace login required)
Summary :
The SAP Note details an issue with audit log entries related to failed RFC/CPIC logon attempts using SAP* user, highlighted by specific SAP system transactions and modules. Common reasons involve outdated versions of 'sapinfo', which originally used SAP* for logons, and the CCMS agent causing errors such as CALL_FUNCTION_SIGNON_REJECTED via the RFCPING function. As corrected in sapinfo version 40B, using SAPCPIC and ADMIN allows proper authentication. Implementation of kernel patch from note 774406 will limit security log entries to RFC calls outside specified functions, adding robustness against unauthorized access attempts by enhancing logon lock security measures.
Key words :
sap au6 rfc/cpic logon failed, security audit log entries mentioned, aborted logon lock counter, special function module group, type = ssap note 624635 describes, call function module control_perf_request, abap runtime error call_function_signon_rejected, rfc function module, failed attempt originated, repeat logon request
Related Notes :
| 774406 | |
| 662390 | User lock with RFC logon without password |
| 624635 | |
| 413708 | Current RFC library |
| 313971 | Monitoring: RFC error messages for SAPSYS users |