Distribution of satellite role

The Protect4S RFC user in the satellite systems needs the role ESEC_SA_SATELLITE to work correctly. From time to time, this role needs to be updated.

Should this happen, all Protect4S customers will be advised by mail to update the role in all satellite systems. This can be done using the CUA, manually or also via central update in Protect4S:

Central update of satellite role (standard menu)
Central update of satellite user (Fiori menu)

For this central update to work, an extra role must be added to the Protect4S ABAP RFC user : ESEC_SA_SATELLITE_PUSH

Manual distribution of Protect4S satellite system user role

It is also possible to download the required Protect4S satellite role from the Solution Manager in which Protect4S is installed. The 3 roles ESEC_SA_SATELLITE for the ABAP RFC satellite system user user and the (optional) role required for automatic role distribution ESEC_SA_SATELLITE_PUSH plus the role required for the Mitigation of OSS Notes ESEC_SA_SATELLITE_MITIGATE are always shipped with every version of Protect4S.

Download the Protect4S role(s) you require

Log in to the Solution Manager on which Protect4S has been installed and execute transaction PFCG. Select the appropriate role ESEC_SA_SATELLITE and select from the menu "Role", "Download" :

Transaction PFCG, select Protect4S role

From the PFCG menu, select "Role", "Download":

Select Role, Download

Confirm the popup:

Confirm the popup

Select a location for the role on your PC and save the file

Save the role on your local PC

You may repeat this step for roles ESEC_SA_SATELLITE_PUSH and ESEC_SA_SATELLITE_MITIGATE when you use the automatic distribution of Protect4S satellite user roles or the Automatic Mitigation of OSS Notes functionality.

Upload the role to a satellite system

Login to the satellite system, execute transaction PFCG and select Role, Upload from the PFCG menu:

Select Role, Upload from the PFCG menu

Confirm the popup:

Select the role file you downloaded to your PC in the previous step:

Select role file downloaded in the first step

Provide permission to upload the file:

Provide permission for upload

Overwrite the old version of the role that exists

Ignore warning and overwrite old role version

Make sure all lights are green in PFCG

Make sure all 3 lights are green

You may repeat this step for role ESEC_SA_SATELLITE_PUSH if you want to use automatic distribution of Protect4S satellite user roles.

You may repeat this step for role ESEC_SA_SATELLITE_MITIGATE if you want to use the Automatic application of OSS Notes functionality.

If one of the lights is not green, it could be that the authorization profile needs to be regenerated and/or redistributed to the Protect4S satellite system user. Ask an SAP user administrator to do this if you do not know how to do this.