Setting Up Central User Administration
An ALE environment is necessary to distribute the data. It can exchange data and keep it consistent. An ALE system group is used by the central user administration to distribute user data between a central system and systems linked by ALE.
Central user administration data is exchanged asynchronously between the application systems in an ALE environment. This ensures that it still reaches the target system even if it was unreachable when the data was sent.
One system in the central user administration ALE environment is defined as the central system. The links to the subsidiary systems emanate from the central system. The subsidiary systems are not linked to each other.
Perform the following steps to setup the central user administration:
Create system users
Create a system user. A user account is required for the internal communication between the systems in an ALE group. It is only used internally for this communication and not in dialog. This user must be created in all systems in the ALE environment with the same user name and password. Assign the type System and appropriate authorizations (e.g. SAP_ALL) to the user.
See
Create and maintain user master records.Name logical systems
As the logical system table is cross-client, settings made here apply to all clients in an R/3 System. If the ALE environment only comprises the logical systems of an R/3 System, you only need to define the logical systems once. For several R/3 Systems, you must setup all logical systems in each instance completely.
We recommend a combination of system name and client number for the short name. For example BIZCLNT008 was chosen for the system BIZ and client 008.
Note that you must also enter any logical systems which are not in the current R/3 System. All logical systems must be defined in each R/3 System in the ALE environment.
Naming the logical systems does not assign these logical system names to existing clients in your R/3 Systems.
Assign logical systems to clients
Define target systems for RFC calls
Define the RFC destinations for the logical systems under Prepare sender and target systems -> Configure systems in network. The remote function call is controlled by the RFC destination parameters.
An RFC destination is always created from the client to which you are logged on. To define an RFC link from client 008 to client 322, you must be logged on to client 008. Central user administration RFC links must always be two-way. To define the RFC link completely, you must also logon to client 322 and define client 008 as RFC destination.
The top of the screen changes when you save. You can specify whether you want to use load-sharing. This is recommended but not obligatory. Choose Load-sharing ® Yes and enter the message server under Target machine and the message server system number under System number.
Use the transaction RZ03 in the target system to get the target system message server name. Several servers are usually listed. The message server is the one which offers the service M. The message server name is the part of the server name before the first underline. The two-digit number at the end of the server name is the system number.
Create distribution model
When you have created the ALE environment, create the distribution model. The distribution model describes the ALE message flow between logical systems.
The following actions are performed automatically when you save:
Several partner profile generation logs appear. Check whether the partner profiles were created successfully.
Save the model view again in the Maintain system environment screen to confirm the distribution model as the basis for the central user administration.
The complete distribution model is distributed automatically to all subsidiary systems when you save the model assignment for the central user administration. You cannot create any more users after distribution to the subsidiary systems. A system is now defined as central system and the other systems are subsidiary systems for the central user administration.
If the central user administration is to use another already existing distribution model, delete the model view name with the icon. Enter another name and save. The distribution model is not deleted, it is no longer the basis for the Central user Administration.
You can delete a distribution model with Distribution model ® Delete all data.
You can also send the distribution model to the subsidiary systems with the icon.
You can edit distribution models completely in the transaction BD64.
You must partially perform the actions which are performed internally when you save the distribution model in the transaction SCUA manually in Releases before 4.6C, i.e., if you want to create an ALE environment for systems with different Releases, see:
Testing Central User Administration
The text comparison is necessary to tell the central system the names of the roles in the subsidiary systems. You can only display and select roles from subsidiary systems in the central system from the possible entries help after this step. You cannot assign roles from subsidiary systems manually without a text comparison.
See also:
For information on configuring the system landscape, see documentation
ALE-Introduction and ALE integration technology.