Skip to Content
Author's profile photo Former Member

Quick n Dirty Disable all RFC hosts after production system refresh to QA (to stop RFC outbound leaks).

If you don’t want any possibility RFC leaks after refresh.

After database reset and rename, before you startsap for the first time use the sqlplus tool (or equivalent for your Database)

sqlplus / as sysdba

Step 1: Backup rfcdes table.

SQL> create table sapr3.rfcdes_sav as select * from sapr3.rfcdes;

Step 2: Update all entries, including locked RFC entries

SQL> update sapr3.rfcdes set rfcoptions=replace(rfcoptions,’H=’,’H=disabledforqa.’);

SQL> commit;

This will change all hostnames to for example “H=disabledforqa.,S=00,M=110,L=E,v=57F23915472A221E2149D13B5317,u=Y” which will effectively block any external access.

Step 3: Startsap (normally with rdisp/wp_no_btc = 0 )

Step 4: Using /nsm59 change only those RFC’s needed for new system


SQL> update sapr3.rfcdes set rfcoptions=replace(rfcoptions,’H=disabledforqa.’,’H=’);

Assigned Tags

      Be the first to leave a comment
      You must be Logged on to comment or reply to a post.