cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Error when Extracting Metadata from ECC

Go to solution
Former Member

on ‎04-17-2014 5:22 PM

0 Kudos

Hello,

DS 4.2 was working fine with ECC after the creation of RFC connection. I was able to pull some of the tables. but after Basis team made some security changed with the objects, I am not able to pull the metadata from ECC.It is showing the following error. Can any one help me with this.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

akhileshkiran
Contributor
‎04-17-2014 5:52 PM
0 Kudos

Hi


I hope this below threads will help you out. It is something related to authorization related to ETL account.

The solution for this issue which is by granting the SAP_ALL authorization to the ETL account. As Istimawan mentioned in the below thread.

  SAP_ALL authorization for "system" user type | SCN

Regards,

Akhileshkiran.

Show replies
Show replies
Former Member
‎04-17-2014 6:24 PM
0 Kudos

Akhilesh,

Thanks for your reply. I want to know what exact role should be define in the security. If SAP_ALL is not a best practice then what is the solution? what is level of security that is to be assigned in order to extract metadata from ECC?

Based on the experts discussion, I think we should assign all the roles under S_RFC and S_RFCACL what do you think?

akhileshkiran
Contributor
‎04-17-2014 9:34 PM
0 Kudos

Hi

As per there discussion
Yeah it is not a best practice to assigning SAP_ALL. You should create a new role with authorization. Please contact your basis team. Ask them to create a New role and grant Authorizations. But in some cases SAP recommended to assign SAP_ALL authorization. 

Hope this will help you out

Authorization Profile SAP_ALL - Identity Management - SAP Library

This composite profile contains all SAP authorizations, meaning that a user with this profile can perform all tasks in the SAP system. You should therefore not assign this authorization profile to any of your users. We recommend that you create only one user with this profile. You should keep the password of this user secret (store it in a safe) and only use it in emergencies (see also Protective Measures for SAP*).

Instead of using the SAP_ALL profile, you should distribute the authorizations it contains to the appropriate positions. For example, instead of assigning your system administrator (or superuser) the authorization SAP_ALL, assign him or her only those that apply to system administration, namely the S_* authorizations. These authorizations give him or her enough rights to administer the entire SAP system, without allowing him or her to perform tasks in other areas such as Personnel.

Best Practice - How to analyze and secure RFC connections - Security and Identity Management - SCN W...

Regards,

Akhileshkiran

Answers (1)

Answers (1)

Former Member
‎04-18-2014 4:40 PM
0 Kudos

Thanks Akhileshkiran for your help!!!!

Show replies
Show replies
Ask a Question