Set up special users for using ALE. Give only these users the authorizations for using ALE. Do not give the standard users authorizations for using ALE.

The RFC users in the target system authorized to communicate in ALE with transactional RFC must be made known to the sender system. To prevent remote logons, assign the ALE users in the target system the type C (Communication) using transaction SU01. Do not assign them type Dialog, for the following reasons:

Restrict application authorization in the target system. You only need application authorizations in the target system if IDocs have to be processed immediately. IDocs should be processed as background jobs and not immediately, unless absolutely necessary.