Setup Trusted Relationship between SAP Systems

Hi Folks,

If you need to establish trusted relationship between SAP Systems you will need to follow the below steps.

Example: Consider there are 2 systems with System ID as KE1 & KC1 with client 100. I need to establish the trust relationship between KE1 & KC1.

1. In System KC1 (transaction SM59), create an RFC Destination.

Under the technical Settings tab

RFC Destination: KE1CLNT100_TRUST
Connection Type: 3 (ABAP Connection)
Description: Trusted RFC Connection for KE1 Client 100
Target Host: <Hostname of KE1>
System Number: <Instance Number of KE1>
Gateway Host: Recommend to provide the gateway host of KE1
Gateway Service: sapgw<nn> , where nn is instance number of KE1
Under the Logon & Security tab

Enter the Language: EN
Enter the Client: 100
User: User in KE1 with Administration Access (SAP_ALL/SAP_NEW) in Client 100
Password: Password of the above User
Trust Relationship: NO

Save the RFC Destination and test the RFC using Ctrl+F4 (Authorization Test)

2. In System KE1 (transaction SM59), create an RFC Destination.

Under the technical Settings tab

RFC Destination: KC1CLNT100_TRUST
Connection Type: 3 (ABAP Connection)
Description: Trusted RFC Connection for KC1 Client 100
Target Host: <Hostname of KC1>
System Number: <Instance Number of KC1>
Gateway Host: Recommend to provide the gateway host of KC1
Gateway Service: sapgw<nn> , where nn is instance number of KC1

Under the Logon & Security tab

Enter the Language: EN
Enter the Client: 100
User: User in KC1 with Administration Access (SAP_ALL/SAP_NEW) in Client 100
Password: Password of the above User
Trust Relationship: NO

Save the RFC Destination and test the RFC using Ctrl+F4 (Authorization Test)

3. In System KC1 (transaction: SMT1), Create an entry for trusted system by providing the RFC Destination KE1CLNT100_TRUST and click Save in the subsequent screen.

4. In System KE1 (transaction: SMT1), Create an entry for trusted system by providing the RFC Destination KC1CLNT100_TRUST and click Save in the subsequent screen.

5. In System KC1 edit the RFC Destination KE1CLNT100_TRUST under the Logon & Security Tab with the below details,
Language: EN
Client: 100
Check the Current User
Trust Relationship: YES

Save the RFC Destination and test the RFC using Ctrl+F4 (Authorization Test)

6. In System KE1 edit the RFC Destination KC1CLNT100_TRUST under the Logon & Security Tab with the below details,
Language: EN
Client: 100
Check the Current User
Trust Relationship: YES

Save the RFC Destination and test the RFC using Ctrl+F4 (Authorization Test)

7. The above RFC's will work if you have the s_rfcacl authorization object access with values mentioned in the respective Systems,

KE1:
RFC_SYSID : KC1                                                            

  RFC_CLIENT: 100                                                            

  RFC_USER  : *                                                            

  RFC_EQUSER: Y (for YES)                                                     

  RFC_TCODE : *                                                              

  RFC_INFO  : *                                                               

  ACTVT     : 16  

KC1:
RFC_SYSID : KE1                                                            

  RFC_CLIENT: 100                                                            

  RFC_USER  : *                                                            

  RFC_EQUSER: Y (for YES)                                                     

  RFC_TCODE : *                                                              

  RFC_INFO  : *                                                               

  ACTVT     : 16  

8. Trust Relationship is established successfully.