Skip to Content
avatar image
Former Member

SNC requierd for this connection

Dear all,

We need to change the standar passwords for SAP users in client 066, we are trying to login into this client in order to perform the change but when trying to logon the SAPGUI interface is showing the following error, without allowing the access to SAP and enabling only the exit button:

SNC requierd for this connection

Any help would be appreciated.

Best regards,

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

4 Answers

  • Best Answer
    avatar image
    Former Member
    Nov 10, 2010 at 05:00 PM

    if SNC is enabled and insecure login is not allowed per setting in RZ10 parameters, then you need to put SNC name and use that option for login in SAP logon pad........

    i am not sure if SAP will allow that for standard SAP users..........

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Nov 10, 2010 at 04:14 PM

    Hi,

    Is this happening with all the 3 IDs. (SAP*, DDIC, and EARLYWATCH)??

    Are you trying with the default passwords?

    Check RSUSR003 report to identify if the passwords are trivial. If yes, they will display the standard passwords with which you can login.

    Rgds,

    Raghu

    Edited by: Raghu Boddu on Nov 10, 2010 9:44 PM

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member William Bormann

      Yes, you are correct: As of 7.00 SP19 it is documented and released, but only for SNC protected callers who also have authority for user admin.

      Generally, the correct approach is to delete SAP* and reboot the system for login/no_automatic_user_sapstar to become active.

      Sometimes it is easier to recover a "lock out" once you are already on "the inside" and an admin(!) to use the search help for users in SM21 to find a user NE a standard one, and then transport (client independently) an authorization for trusted RFC into the system for a role already assigned (if not existing in authorizations already). Then set up an SM59 connection as "trusted" into the client for that user and perform a remote login (within the same SID -> to the logical system 066).

      Tcode SNC1 is also of type report, so you could create a system variant and schedule it in Sm37 to map the SNC name for you to one of the users, if you have batch admin access.

      Deleting SAP* should only really be necessary for lockout of all users in all clients with no SNC and no trust anywhere.

      Cheers,

      Julius

  • avatar image
    Former Member
    Nov 10, 2010 at 04:19 PM

    Hi,

    Note that no special user is created in client 066.

    The two special users in the SAP System are as follows SAP* and DDIC.

    As these users are not present in the client you need no worry about changing the default/standard

    password.

    Please refer:

    http://help.sap.com/saphelp_nw04/helpdata/en/52/671785439b11d1896f0000e8322d00/content.htm

    Regards,

    Rohan.

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi Rohan,

      The EARLYWATCH user ID comes with the installation and should be protected. Please check the link again:

      The user EarlyWatch is delivered in client 066 and is protected using the password SUPPORT. The SAP EarlyWatch experts use this user which should not be deleted. Change the password. This user should only be used for EarlyWatch functions (monitoring and performance).

      However, Using SNC with SAP GUI you'll always disable the (ABAP) password authentication; the ABAP system demands that the user is authenticated via SNC (SSO).

      Hope this is helps!!

      Rgds,

      Raghu

  • avatar image
    Former Member
    Nov 16, 2010 at 11:53 AM

    hai

    we cannotl ogin to 066 client.only sap providers will login to that if we haveany issue.we need rfc connection to contact sap providers

    Add comment
    10|10000 characters needed characters exceeded