Documente Academic
Documente Profesional
Documente Cultură
...
1. Copy the gssntlm.dll file to the following directory on your central instance:
<DRIVE>:\USR\SAP\<SID>\SYS\EXE\RUN
For more information on how to get the gssntlm.dll file see SAP Note 352295.
• snc/data_protection/max = 1
• snc/data_protection/min = 1
• snc/data_protection/use = 1
• snc/enable = 1
• snc/gssapi_lib = (<DRIVE>:\USR\SAP\<SID>\SYS\EXE\RUN\<gssntlm.dll>)
• snc/identity/as = p:<DOMAIN_NAME>\SAPService<SID>
runs, it is normally
SAPService<SID>.
If you use a
local account for
SAPService<SID>,
most operations
are successful.
However, any
operations or
communications
where the SAP
system initiates
SNC-protected
communication to
a remote machine
do not work with a
local account for
SAPService<SID>.
Therefore, use a
domain account.
The following profile parameters let you continue with password-based access to the SAP
system when SNC has been enabled. To log on to the SAP system as an administrator to
maintain the mapping of Windows user accounts to SAP system user IDs (user and client),
you have to use these additional parameters at least once after enabling SNC. Once the
mapping (at least for the administrator) has been entered, you can disable further password-
based logons by removing the respective profile parameters.
• snc/accept_insecure_cpic = 1
• snc/accept_insecure_gui = 1
• snc/accept_insecure_rfc = 1
• snc/permit_insecure_start = 1
• snc/permit_insecure_comm = 1
4. Stop and restart the SAP system to activate the profile parameters. Changes to
SNC profile parameters always require an application server restart to take effect.