Set Up RFC Communications Between the ATC Central System and Satellite Development Systems

SAP recommends using pairs of trusted RFC destinations for the connections between satellite development systems and their master ATC system.

With this solution, developers can request exemptions from the master system without going through the logon dialog. But, with correctly defined users in the master system, this solution also offers high security against unauthorized logons or activity in the master system.

Here is how to implement this strategy:

1. Set up a trusted relationship between the master ATC system and each of the satellite development systems of the master system. Follow this link for help with defining trusted RFC connections.

   In your RFC destinations, use the client in the development systems in which your developers are active. In the destination to the master system, use the client in which your quality managers are active.

2. Define users (optionally with limited authorizations) for developers in the ATC master system. The user IDs must be the same in both the development system and the master system . Define the users in the client that you specified in the RFC destination to the ATC master system.

Alternative RFC strategies are as follows:

• Define logon users with limited authorizations for the RFC destinations between the ATC master system and the development systems.

  This solution also allows developers to request exemptions at the master system without having to logon at the master system. Despite the generic logon user, you can still identify the user who requested an exemption. But this solution does create ‘open’ RFC destinations in your systems.

  Such a generic user should have the user role SAP_SATC_XMTP_APPLICANT.

  You must also provide a second destination to the ATC master system from each satellite development system. This destination is needed so that quality managers working in the development systems can review and decide upon exemption requests, which are held in the master ATC system.

  The generic user for approving exemptions should have the user role SAP_SATC_QE.

• Define standard RFC destinations that require a logon from each user.

  This solution is not recommended because of the inefficiency of requiring a logon each time that a developer requests an exemption. You still need to provide user accounts in the master ATC system for your developers for this solution. But you do not need a second destination in development systems for approvers of exemption requests.

  In addition, you cannot use such a destination on the ATC master system. There, background jobs need to transfer data regularly to satellite development systems. These jobs are not capable of an explicit logon to a development system. The jobs will fail if the ATC RFC destination does not provide for a logon without interaction.

Alternative RFC strategies are as follows:

• Define RFC connection to transfer ATC results and exemptions between ATC master and the development systems.

  Specify a technical RFC user with the role SAP_SATC_ADMIN for this RFC connection. Activate S_RFC authorization for the technical user in the target system. Activate S_ICF authorization for the calling user with the value DEST in the field ICF_FIELD and the value ATCREPL in the field ICF_VALUE. In addition, enter the value ATCREPL in the property Authorization for Destination in the specified RFC connection.

• You have set up a (trusted) RFC destination from each satellite development system to the ATC central system.

• You have set up a (trusted) RFC destination from the central system to each satellite development system.

• If you do not already have them, you have set up user master records in your ATC central system for the developers who are responsible for fixing ATC problems in satellite development systems.

  Alternatively, you have defined service users for use in the ATC RFC destinations.