Hello community,
to create a user ID with the correct (minimal) rights to call an RFC function modul you can use CCo and the following method.
- Create a new user ID with the TAC SU01, e.g. ZRFCTEST, with the user type Communication and don’t set any role assignments.
- Try a simple connect with the following script:
'-Begin-----------------------------------------------------------------
'-Directives----------------------------------------------------------
Option Explicit
'-Variables-----------------------------------------------------------
Dim SAP, hRFC, rc
'-Main----------------------------------------------------------------
Set SAP = CreateObject("COMNWRFC")
If IsObject(SAP) Then
hRFC = SAP.RfcOpenConnection("ASHOST=ABAP, SYSNR=00, " & _
"CLIENT=000, USER=ZRFCTEST, PASSWD=minisap")
If hRFC Then
MsgBox "Check connection with TAC SMGW in the SAP system"
rc = SAP.RfcCloseConnection(hRFC)
End If
Set SAP = Nothing
End If
'-End------------------------------------------------------------------- - Now, when you execute the script, you get the following error message:
![001.jpg]()
Also you can find more information with the TAC ST22.![002.jpg]()
- Now create with the TAC PFCG a new role, e.g. ZRFCTEST, and maintain the authorization data. Add manually the authorization object S_RFC.
![001.jpg]()
- Add the activity execute (16) with the type function group and the name SYST, as you see in the error message.
![001.jpg]()
- Generate the role and add user ID in the user tab. Now you see the role in the role tab of TAC SU01.
![001.jpg]()
- Now all should work as expected.
![001.jpg]()
With this method you have the possibility to analyze missing S_RFC authorization objects with your script step by step and to create therewith a user with the correct (minimal) authorization objects. As you can see from this example a simple RfcOpenConnection needs the S_RFC authorization object with activity execute and the function group SYST.
Hint: In newer SAP releases you have also the possibility to name the function module.
Enjoy it.
Cheers
Stefan