cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

You are not authorized to logon to the target system (error code 1)

Go to solution
Former Member

on ‎03-19-2011 5:58 AM

Dear Expert,

I met some problems that 'You are not authorized to logon to the target system (error code 1)' when I tried to do the auth. testing for RFC SM_CLNT<SID>_TRUSTED in satellite system.

Following SAP note 128447, I recreated the RFCs in SMSY in solution manager for satellite system using existing user.

It was still error ''You are not authorized to logon to the target system (error code 1)'.

In SMSY in solman, I checked the RFCs connection which I recreated using RFC wizard, they are ok(green).

I have already maintain the auth. obj S_RFCACL for user who is running this.

So, I am confused what authorization I did not maintain in user? Please help me out!

Thanks a lot!

Br,

Lucy

Edited by: lucy YANG on Mar 19, 2011 6:59 AM

Edited by: lucy YANG on Mar 19, 2011 7:01 AM

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Paul_Babier
Product and Topic Expert
Product and Topic Expert
‎03-22-2011 12:47 AM
0 Kudos

Hello Lucy,

The error is pretty clear that the calling system is not a trusted system so I don't think you should bother with an authorization trace at this time, because authorizations is not quite the issue. The calling system is NOT a trusted system, authorizations or not.

Please refer to SAP Note 128447 Trusted/Trusting systems

The error is listed there:

Authorization errors that occur when using an RFC destination for which

the 'Trusted Systems' indicator is set are documented with the following

message:

"No authorization to log on as a trusted system (Trusted RC = #)."

In this case, the trusted return code # (# = 0, 1, 2, 3) has the

following relevance:

.

.

.

1 The calling system is not a trusted system, or the

security key for the system is invalid.

Solution: Recreate the trusted system (see

documentation).

These are the links the Note provides for the documentation:

[http://help.sap.com

/saphelp_nw04/helpdata/en/22/042671488911d189490000e829fbbd/frameset.htm

] in accordance with the documentation

[http://help.sap.com/

saphelp_nw04/helpdata/en/8b/0010519daef443ab06d38d7ade26f4/content.htm].

The Note states to recreate the Trusted system according to the Documentation (links above)

This is all in the Note. Please follow the Note to reslve this known error.

Regards,

Paul

Show replies
Show replies
Former Member
‎03-22-2011 6:52 AM
0 Kudos

Thanks Poul!

I saw that note 128447. And according this note, I recreated the trusted system using RFC wizard in solman, but the same error still existed.

Please advice!

Br,

Lucy

Former Member
‎03-22-2011 7:35 AM
0 Kudos

Hi

now try this just applying both the steps at once

1. Goto solman remove the system in smt1 tcode, and recreated the same using wizard in smt1

(HOPE u did this)

2. Now re-create Trusted RFC in SM SIDCLNT<CLINT>TRUSTED in the managed system

This should logically work

Please check,

Jansi

Answers (5)

Answers (5)

mateus_pedroso
Employee
Employee
‎06-07-2011 6:19 PM
0 Kudos

Please, use SOLMAN_SETUP and Managed System Configuration.

The first step of Managed Configuration will create to you the READ/TRUSTED/BACK/TMW RFC's automatically to you. Both users (Solman Administrator and Communication user of managed system must have a role with the authorization object S_RFCACL)

Show replies
Show replies
khampariamukesh
Active Participant
‎09-02-2014 4:38 PM
0 Kudos

Thanks Pedroso. It is really very common issue and I have resolved it with adding role "SAP_SM_S_RFCACL" both systems (caller and called)..

Worked for me..

Thanks

Mukesh

Former Member
‎06-07-2011 4:25 PM
0 Kudos

Hi,

I had the same issue with a Solution Manager system (7.0 EHP1 SPS26).

To solve it, I performed following steps:

1. Delete the trusted system in SMT1;

2. Delete all RFC connections for the satellite system via SMSY. Verify that these connections have disappeared from SM59;

3. Recreate these RFC connections via SMSY and the wizard. You can leave defaults suggested by the wizard. In my case, everything was green in the creation log.

I don't know what makes the trusted RFC connection work afterwards (I don't find any documentation about this point), but I tried to create a trusted RFC connection before running the wizard, without success (error code 1); after running the wizard I recreate exactly the same trusted RFC connection, and this time it's working ! (???). Apparently this is not related to SECSTORE...

Kind regards,

Christophe

Show replies
Show replies
Former Member
‎03-21-2011 8:56 AM
0 Kudos

Hi Lucy,

you need to run the trace in the satellite system, not in Solution Manager.

Once the trace is running on that system, you need to try to logon to that system from solution manager with the trusted RFC.

After the logon attempt, return to the sattelite system (manual logon) and analyse the results from the trace.

Solution Manager is trying to access the satellite system through a trusted RFC, a successful trusted logon is therefor depending on the authorizations granted to a user on that sattelite system.

That is the reason why running a trace in SolMan won't generate the desired results (assuming you have sufficient authorizations on the solman system).

best regards,

Jeroen

Show replies
Show replies
Former Member
‎03-21-2011 9:15 AM
0 Kudos

Hello Expert,

No matter trusted RFC or not, If I ran auth. testing of a RFC on the source system, and the trace will be on the target system, right?

So, there is a wired thing, why no trace result appeared on the target system?

Thanks a lot!

Br,

Lucy

Former Member
‎03-21-2011 7:54 AM
0 Kudos

Hi Lucy,

can you start a trace (ST01, enable only authorization check) on the system you are trying to logon to?

Once the trace is running, repeat the logon with the trusted RFC. If it fails again, the trace captures the authorization checks and the trace log (analysis) should display which object is missing in your authorizations (indicated by RC=4 or RC=12)

best regards,

Jeroen.

Show replies
Show replies
Former Member
‎03-21-2011 8:40 AM
0 Kudos

Hello Expert,

I set the trace on in SOLMAN with authorization check, and then, make a auth. testing of RFC SM_<SID>CLNT<NO>_TRUSTED in satellite system. Then trace off and ran trace report in SOLMAN. But there is no record shown in trace report.

Please advice!

Thanks a lot!

Br,

Lucy

Former Member
‎03-19-2011 7:36 AM
0 Kudos

hI

Does the user available in both the system

Can you check the authorization 'S_RFCACL' for both system.

if posible create a Role with 'S_RFC', 'S_RFCACL','S_RFC_ADM' for both system and assign role to user in both the system

it should work ,else run su53 and check which is authoraisation missing

Thanks,

Jansi

Show replies
Show replies
Former Member
‎03-19-2011 10:54 AM
0 Kudos

Hi Expert,

Thanks for your prompt reply!

I checked those 3 auth. objects in my account in Both system. They are all maintained.

I really don't know what kind of authorizations are missing?

One more thing confused me, is that:

When I used RFC wizard to automatically generate RFCs for trusing/trusted system in solman, this wizard will generate RFC for customiziong distribution if I choose this option.

I see there are some auto generated RFCs for CUST_SYNCH which point to client001 in other systems, like SM_<SID>CLNT001_TRUSTED, but mine here for CUST_SYNCH points to productive client, not client 001.

Is there anywhere to set which client is used to point to for CUST_SYNCH?

Please advise!

Thanks in advance!

Br,

Lucy

Former Member
‎03-20-2011 4:46 AM
0 Kudos

Hi

It should ponit to the client which you mentioned for

SM_<system ID>CLNT<client>_TRUSTED since there are the RFC required for custom distribtuion.

Please check this,

[http://help.sap.com/saphelp_sm32/helpdata/en/48/647e3ddf01910fe10000000a114084/content.htm|http://help.sap.com/saphelp_sm32/helpdata/en/48/647e3ddf01910fe10000000a114084/content.htm]

and [Guide Custom distribution|http://help.sap.com/saphelp_sm70ehp1_sp23/helpdata/en/c4/533d4050d89523e10000000a1550b0/frameset.htm]

Thanks

Jansi

Former Member
‎03-21-2011 7:59 AM
0 Kudos

Thanks for your info!

How do you think the error 'You are not authorized to logon to the target system (error code 1)' might come from?

I saw that source server name descripted with character '_' in TCODE SMT1, does that naming cause the problem?

Thanks a lot!

Br,

Lucy

Ask a Question