Authorization Concept

Within a transport domain, TMS allows the transport administrator to communicate with all other R/3 Systems from any R/3 System, for example to perform imports. This is implemented using RFC links, which are generated when the TMS is configured. Within a transport domain, all the R/3 Systems can therefore communicate with each other using RFC. The only exception to this is changes to the TMS configuration. These configuration changes can only be made on the domain controller.

To prevent illegal access to an R/3 System, the TMS authorization concept requires the following:

User TMSADM, who receives very limited authorizations, is created in each R/3 System for this link.

The user name and password cannot be stored in the source system for this RFC link.

This authorization concept ensures that the administrator must log on in the target system with his user name and password as soon as he executes a function which will result in a change in the target system.