Use this procedure to enable SAP NetWeaver Application Server (AS) ABAP to log who changed ABAP user master data (create, modify, and delete). When you install a combined AS Java and AS ABAP installation, the user management engine (UME) uses the RFC destination UMEBackendConnection by default. With this destination, any changes to user master data using the UME are logged as changes made by the system user for UME-ABAP communication. To allow for granular control of authorizations for user modification, create an RFC destination to support this.
● The AS Java is configured to use an AS ABAP as the data source.
● The AS ABAP data source is SAP NetWeaver Application Server 6.20 SPS 38 and higher.
● This procedure requires you to restart the AS Java. Plan for the required downtime while the AS Java restarts.
1. Create an RFC destination for the AS ABAP system with the authentication method Current User (Assertion Ticket).
We recommend that you name this destation UMEBackendConnectionForChanges.
More information: Maintaining RFC Destinations.
2. On the AS ABAP, assign the role SAP_BC_JSF_COMMUNICATION_NAMED to all users, who change ABAP user master data with the UME.
This role includes the RFC authorizations for the AS ABAP. It does not include authorizations for managing users. You must assign these authorizations separately.
3. On the AS Java, start UME configuration.
More information: Configuring User Management.
4. Choose the Modify Configuration pushbutton.
5. On the ABAP Server tab page, enter the RFC destinations as required.
6. Choose the Validate Configuration pushbutton.
If the test fails, check your connection parameters.
7. Save your entries.
8. Restart the AS Java.