RFC Prerequisites (Domain Controller)

Owned by CrossALM
Last updated: Jul 24, 2024
3 min read

If you are installing the Cross Connector on your SAP Solution Manager system, you don’t have to care about RFC destinations because the Managed System Configuration of SOLMAN_SETUP is creating and updating all necessary RFC destinations (TMW + READ).

If you are installing the Cross Connector on your domain controller (or any other system of your landscape), you have to create users and RFC destinations being used for creating, reading, updating, deleting, releasing and importing transport requests.

Please repeat following steps for each system and client of your landscape:

TMSORG

Usually you want to perform creation, update, delete and release of your transport requests in your development system and client only. You have to configure the transport organizer feature in all individual clients of your development system. If you want to create/manage transports in your quality assurance or production system too, you have to configure this feature there as well.

  1. Logon to your managed system and client where you want to configure the transport organizer feature, call transaction SU01 and create a new technical user TMSORG:

    1. Chose user type “System”.

    2. Generate a password if possible. Remember the password for later.

    3. Assign role SAP_CM_MANAGED_OPERATOR. Ensure that the profile of this role is maintained, generated and assigned.

  2. Logon to your domain controller (where CC5 got installed), call transdaction SM59 and create a new RFC destination to an ABAP system with name TMSORG@<sysid><client>.<domain>:

    1. Replace placeholder <sysid> by the three letter system id of your managed system.
      Replace placeholder <client> by the three letter client of your managed system.
      Replace placeholder <domain> by the name of your transport domain. You can find it on the start screen of transaction STMS.
      Example: TMSORG@S4H800.DOMAIN_S4H

    2. Maintain host and instance number. You can get these values from already existing rfc destination (for instances TMSADM@). Alternatively you can find these values in your SAP logon.

    3. Please setup logon credentials. Use language EN, user TMSORG and the password you used/generated before.

    4. Perform a connection test. A logon test is not possible.

The steps described above are creating a RFC destination with a fixed user and password. Alternatively you can create the TMSORG RFC destination as Trusted destination without user and password. In this case the technical sync user will be used. You have to create this user in the managed system with proper authorities including S_RFCACL and S_RFC.

TMSIMP

Usually you want to perform an import to all managed systems except the development system where you only want to build transport requests. But if you want to control external transport requests as well, you might need the import feature for the development system ( and client) too. We reccommend to configure the import feature on client 000 for security reasons, but theoretically you can use any client.

  1. Logon to your main client or client 000 of your managed system where you want to use the import feature, call transaction SU01 and create a new technical user TMSIMP:

    1. Chose user type “System”.

    2. Generate a password if possible. Remember the password for later.

    3. Assign role SAP_CM_MANAGED_OPERATOR + SAP_CM_MANAGED_IMPORT. Ensure that the profile of this role is maintained, generated and assigned.

  2. Logon to your domain controller (where CC5 got installed), call transdaction SM59 and create a new RFC destination to an ABAP system with name TMSIMP@<sysid>.<domain>:

    1. Replace placeholder <sysid> by the three letter system id of your managed system.
      Replace placeholder <domain> by the name of your transport domain. You can find it on the start screen of transaction STMS.
      Example: TMSIMP@S4H.DOMAIN_S4H

    2. Maintain host and instance number. You can get these values from already existing rfc destination (for instances TMSADM@ or TMSORG@). Alternatively you can find these values in your SAP logon.

    3. Please setup logon credentials. Use language EN, user TMSIMP and the password you used/generated before.

    4. Perform a connection test. A logon test is not possible.

The steps described above are creating a RFC destination with a fixed user and password. Alternatively you can create the TMSIMP RFC destination as Trusted destination without user and password. In this case the technical sync user will be used. You have to create this user in the managed system with proper authorities including S_RFCACL and S_RFC.

TMSADM

For reading transport details, for instances the import status and return code, the cross connector is using the TMSADM destination and user (Example: TMSADM@S4H.DOMAIN_S4H). You don’t have to care about this destination since STMS is automatically creating and updating it on registration of a system to a transport domain or on creation and distribution of a domain link.

Notes:

  1. If you are facing authority issues related to TMSORG or TMSIMP, you can try to assign the pfcg role SAP_BC_CTS_ADMIN temporarily.

  2. Please check the TMS Alert Viewer if you are facing issues using the RFC destinations.

  3. The names of the RFC destinations are predefined by CTS, please have a look at class CL_CTS_TMS_CI_TARGET. If you want to use different RFC destinations, you have to implement BADI CTS_BADI_FOREIGN_SYSTEM.

  4. Side-fact: As already mentioned: SAP Solution Manager is using different RFC destinations. However, if you have still configured the RFC destinations mentioned above, they will be used, also in SAP Solution Manager systems. Also ChaRM will then make use of it! This might be helpful, if you want to allow transport imports without adding such import authorities to the end-user (trusted RFC destination) or the TMW user (TMW rfc destination).

  5. If you want to use virtual systems, you should read article