Parameter
login/server_logon_restriction
Short text
Restrict logon to application server
Parameter Description
You can use the profile parameter login/server_logon_restriction to restrict users logging on to the application server.
The following values are possible:
- 0: No restriction
- All users can log on to the application server.
- 1: Logon to the application server only permitted with special authorization.
- Only users whose assigned security policy contains the attribute SERVER_LOGON_PRIVILEGE with the value 1 can log on to the system.
- 2: No logon to the application server permitted.
- 3: External logon to the application server now only permitted with special authorization.
- Only users whose assigned security policy contains the attribute SERVER_LOGON_PRIVILEGE with the value 1 can log on to the system.
- 4: No external logon to the application server permitted.
Notes:
- If you set the dynamic profile parameter, no users are logged off from the application server.
- Use transaction RZ10 to store the value permanently.
- Values 1 and 2 set restrictions for or prevent internal and external logons.
- Values 3 and 4 set restrictions for or prevent external logons only. Note 2065596 describes which logon types are not external logons. For example, internal RFCs and logon of a job step user are not external messages.
Application Area
Logon
Default Value
0 (no restriction)
Who is permitted to make changes?
Customer
Operating System Restrictions
None
Database System Restrictions
None
Values allowed
- 0: No restriction
- 1: Logon to the application server only permitted with special authorization.
- 2: No logon to the application server permitted.
- 3: External logon to the application server now only permitted with special authorization.
- 4: No external logon to the application server permitted.
