Validating Passwords on Websites
I feel a bit ordinary writing a blog post about something as trivial as one line of javascript, so I decided to include a picture as well.
It shows a screen from the guided procedure for Solution Manager Configuration. The interesting part is what I have done wrong. I’m using the javascript referred to by this link ( Show Passwords ) to display the value(s) of all password fields on the current web page.
In this case, the Administrative User values are the same, but the Administrative Password fields are different. Since they are using the same User Source (the ABAP engine), one of the values (or both !!) must be incorrect.
Save the javascript by dragging the Show Passwords link to your bookmarks, or by saving the link to your bookmarks. This has been tested in IE6 thru IE8 and in Firefox.
SAP’s SME Solutions – A Guide to the Product Portfolio
I recently came across an interesting article on SAP’s SME Solutions – A Guide to the Product Portfolio. It breaks down the four SAP products for SME products by size, functionality, industry coverage, deployment options and cost of ownership.
The most important point the post makes is that there exists a range of SMEs, and that a one-size software solution does not fit all. This leads to some further points worth noting.
The smaller the SME, the less likely they are to adopt complex technology. While there is movement to Linux and open source ERPs (because of the TCO perceptions), when they do get into technology, they tend to select Microsoft platforms (e.g. .Net, SQL Server).
Because of TCO concerns, the smaller SMEs were the first to adopt software as a service (SaaS), and that model continues to gain traction within the SME market. The implication is that any SME strategy must include a SaaS strategy.
|
SAP Product |
Product Description |
| SAP Business Suite | The “original” suite of applications for enterprise-class customers. Includes ERP, CRM, PLM, SCM and SRM. Built on the original (and evolving) ABAP/Java platform. |
| SAP Business All-in-One | A partially “pre-configured” version of Business Suite, offering 80% configured solutions for larger SMEs in a wide range of industries. |
| SAP Business One | >A completely different product designed for smaller SMEs. Acquired in 2002 (through TopManage), the product is developed in Microsoft .Net technologies. |
| SAP Business ByDesign | A completely software as a service (SaaS) system developed by SAP and introduced in 2007. For SAP, it’s an entirely new approach to software design and deployment. |
Given that its a blog post, the article does a good job of detailing the four SAP products that resulted from the new SME Strategy, albeit at a high-level view. While it won’t answer all your questions, it will give you a good starting point, especially about costs and appropriate products, for your conversation with SAP or your implementation partner,
ERPtips Express free articles, April 2010
Every two months ERPtips Express publish a set of three of their articles as a sample of whats available under their subscription model.
This months edition includes three detailed articles.
BI: Getting Optimum Performance from Your SAP BI/BW Environment, by Arthur Pesa.
This article acquaints you with the different dependencies found in the BI/BW environment that can impact your system’s performance, and how to properly assess them.
Data Archiving: Archiving SAP Sales Documents, Part I: Analysis, by Breck Whitten.
There are many loopholes that can leave old data unarchived, without your realizing it. This article covers some of them, which may lead you to revisit your Sales Document archiving strategy.
ABAP: Flexible Programming Continued: Using Field Symbols and References, by Rehan Zaidi.
This article delves into how to combine field symbols and data references using a dynamic programming technique. This is quite usefull knowledge for debugging as its quite widely used in the standard SAP programs.
These articles are available free of charge, but get replaced by new free content every two months, again fee of charge, at http://www.ERPtips.com/Express.asp.
SAP career paths for BASIS or Netweaver Technical consultants ?
Now, I may be biased, but I had to start off with this quote from Jon Reed
Before I get to the videos, I want to say that Basis is one of the most neglected areas in terms of SAP career content. Even on SDN, there are way more conversations and forums on development than Basis. This is too bad, as the Basis/NetWeaver Admin role is a vital one to most projects.
No one else is managing your career or your future. If you want more control and choice over where you work and what you do, I recommend you read Jon Reed’s latest career advice and career trends. Jon is an SAP Mentor and his name is probably familiar to you already through his SCN blogs and ASUG and Sapphire presentations. He’s got about 15 years experience in analyzing the SAP career market, and he has worked in SAP recruitment. This all adds up to someone who knows what the SAP job market is looking for, and what makes some candidates more marketable than others.
The white papers Jon created are
- SAP Career Outlook 2010 – Part One: Creating a Winning SAP Skills Strategy for 2010, and
- SAP Career Outlook 2010 – Part Two: Beyond the Social Networking Hype: Achieving SAP Career Visibility
You can also access the white paper on Jon Reed’s website.
However, one thing you will notice is that these particular whitepapers emphasise the functional and developer career paths; there is not much reference to the BASIS or Netweaver Technical Consultant career path. Jon identified this himself in another post, this time on his web site, What is the SAP Career Path for Basis Administrators – NetWeaver Engineers?. He has taken a presentation on the career path for Basis-NetWeaver prosby SAP Mentor Tony de Thomasis of Australia Post (based in part on Jon’s earlier work referred to above) and taped four commentary tracks through Tony’s Prezi slides.
…. just resting on our laurels isn’t going to cut it in this economy – “stronger measures” are required. Part four gave me a chance to share my views on the content as a whole, and why it’s so important to find an SAP career path that combines skills marketability with a passionate, or even soulful, angle.
I used to say I was in BASIS (which is why this blog was called basissap.com). However, many people seem to see this as being restricted to R3 ABAP Administration, with perhaps some particular combination of OS and DBMS skills. Nowadays, regardless of the platform your SAP system(s) run on, BASIS Administrators / Netweaver Engineers need knowledge of their site’s OS / DBMS combination, good windows server administration skills (for managing your TREX, and possibly EP, systems), maxdb knowledge (for your SRM system), etc etc.
With all these skill requirement, possibly including other duties as well (depending on the size of your environment), how do you avoid being jack of all trades and master of none ?
For your own sake, you pick two (maybe three) Core Skills in BASIS or Netweaver and become the local guru in those. This provides security of employment; in other words, you know enough about the SAP core to be valuable to both your current employer, and future employers.
Pick another couple of areas that interest you, but aren’t crucial to your organisation (at least, not yet). Jon refers to these as Edge Skills. They should be skills that are on the horizon, either within the SAP ecosystem, or your organisation. These are the skills that will make you employable in the future.
But what about all the other areas ? In one of my previous incarnations, I was an MVS Systems Programmer. The most important thing I learnt was how to use the manuals (they weren’t online when I started). A key part of this was my own notes – Knowing where to find the official answer or process isn’t always enough, you need to get it working, and sometimes you only perform the process once every couple of years or so, and it is difficult to remember exactly how it works from time to time.
Keeping records of what works and what doesn’t work, especially in relation to your own environment, gives you an edge on those who don’t, and of course, it is nice to know what the real process is (as opposed to what the books say !!).
A word of advice here; do not horde your documentation or knowledge –
- its hard to get moved to the exciting new project if you’re irreplaceable, and
- after all, you’re getting paid to support and help.
It also identifies you as someone who will help, who will answer questions about (or can find out) what really works.
Another way of finding out stuff is experimenting with your own system; an SAP preview system, or one of the New Community Developer Systems. These systems, well removed from the semi production status of the ‘real’ Development and Testing systems, provide scope for you to experiment and develop ideas into implementable services. This identifies you as someone who can bring real value to the SAP Environment, the IT organisation, and your employer in general.
Finding what tables and fields lie behind an SAP transaction
A standard BASIS problem is the generic “what is it doing and why ?” question. This could be in the context of debugging a program or process, or trying to work out what configuration changes are required to make something work. It generally occurs when the development or functional team have moved on, leaving someone who knows what to do but not why – usually a user (under pressure from their boss) who just wants to get the system doing what they’ve been told it should be doing….
However, your BASIS team (or person) has to be a jack of all trades, with not just a smattering of SAP functional knowledge, but also a working knowledge of Networking, Desktop PCs, the Operating System(s) and Databases(s) their SAP systems are running on and so on.
I’ve found that the best way of dealing with this need to know something about everything is not by trying to know everything, but by knowing how to find out everything. An example of this is comes from Jerome Mungapen’s SAPLOG, where he provides a useful reminder of some of the various ways of finding what tables and fields lie behind an SAP transaction:
Have you ever been frustrated trying to find which table and field a piece of data is stored in. You can see it on the screen, and the old faithful F1 – F9 results in some useless structure information. Or have you ever started looking at a piece of functionality you are unfamiliar with wanting to find the table structures behind it in SAP. Well this article shows my favorite five ways of digging under the hood to find out what’s going on.
Jerome lists five methods, but one of them assumes you have the time (and need) to get really in depth knowledge of a given area of SAP. I’ve listed the four methods I use (plus Jerome’s extra one) in the order I’ use them when closely examining or debugging a transaction I’m unfamiliar with.
Use a Different Field
If the technical information pop up shows a structure and not a real field, just try another field on the same area of the screen. It is surprising how often this works !!
Use Where Used on the Data Element
From the technical information pop up, select the data element then press Navigate to get to the Data Dictionary. Once there, press the Where Used button.
Trace Analysis
Transactions SE30 Runtime Analysis and ST05 SQL Trace can be over-kill for determining what fields and tables are being used, but can be used to see how (for example) configuration data controls how and / or when the fields and tables are updated. It’s also useful when dealing with Z or Y code, structures and tables.
SE80 Object Navigator
This is probably more useful for a functional person, and is not available on the older SAP releases anyway. However, if you know the program behind the transaction, you can use SE80 to find all the Data Dictionary objects (including tables and fields) associated with that program.
Environmental Analysis
For those requiring a wider understanding of how a given area works in the SAP system. Jerome’s explanation of Environmental Analysis says it all.
SAP Spool issue – affects all Releases
SAP have detected a problem in the spool area which affects all customers in the world regardless of the SAP release and any support package level.
As soon as the retention time of a spool request exceeds 2009/12/31 a wrong date 2100/01/01 is entered during creation of the spool request. As a consequence these spool requests will not be deleted anymore from the spool reorg jobs. Using the default retention period this affects all spool requests on each SAP system in the world created since 2009/12/23.
OSS Note 1422843 already contains the correction instructions and the relevant kernel patches for 3.1 –> 46B (one patch) and 46c –> 7.xx (another patch). There’s nothing for anyone (unfortunate enough to be) running any of the original 2.x systems yet.
It is a little ironic – An old friend and I were discussing Y2K and all that in a general “what were you doing ten years ago ?” manner on New Years Eve. Should I tell her that SAP had a Y2K+10 ?
Code Exchange, research, and some history
SAP (or rather, SDN) has announced a Code Exchange program. It would seem, however, that the idea of ownership and liability, and ultimately, licensing has to raise it’s head.
A piece of software that is developed by SDN developers and shared under an open source license would likely use SAP Enterprise Services, utilize SAP Data Dictionary elements, call a BAPI or any similar technical facility that is essentially SAP’s intellectual property, and for which SAP requires signature of a software license agreement.
and
SAP has a decade-long history of sharing ABAP code with its customers, so they can modify the system to their requirements. However, that does not make the ABAP code open source; on the contrary, the code is only accessible after agreeing to SAP software license agreements. Those agreements govern what can be done with ABAP source code modifications, and what kind of add-ons can be built on top of SAP functionality. Code Exchange governs only sharing of add-ons, but modifications of ABAP application source code is not covered.
(Both extracts are from Michael Bechauf’s excellent On SDN Code Exchange, Open Source and Free Software.)
Now, I understand that SAP feel the need protect their reputation and the reputation of their products, and that they need to serve their shareholders first. But I was wondering if they had forgotten where it all started… A long time ago, when Dinosaurs ruled the earth, before they were told to go away and die, and the only thing bigger than a Brontosaurus was IBM’s hold on the computing business, people wanted to share code. And so came about the one of the oldest ‘Code Exchange’ programs still active, the IBM mainframe based CBT Tape. Have a look at this extract from the CBT FAQ:
Q. So you are sure the software here is free. I don’t need a license or something?
A. Yes it’s free. No you don’t need license. Some people have trouble understanding why so many great programmers just give away their work to help others. Let my freind Mike explain.
The CBT Tape is used to share customer written programs and utilities, developed for IBM’s Z/OS (and the earlier equivalents) mainframe operating systems. Note that we aren’t talking about 1960′s version of ‘warez’ or freeware or demonstration programs – this is working code that can be cut-and-pasted, used how you see fit etc. In fact, nowadays, you don’t even need a mainframe to read it. Code Sharing before the airlines stole the phrase.
Mainframe programmers faced similar issues to the ones that we face today:
• a need to find better ways of doing ‘stuff’,
• a need to share the better ‘stuff’ that people were doing,
• vendor code that was open source, but copyright, and
• a potentially litigious vendor with very good lawyers
In reality, all it took was a recognition by everyone involved that
• this code was written by people you didn’t know,
• to solve problems that may or may not mirror yours,
• to run in environments that may or may not mirror yours, and
• that said environment would require IBM licensing.
There was one other concept that made it work, made comfortable for people to use the shared code. The default was Open Source – both free speech and free beer. Of course, as a contributor, you could license your code any way you wanted, but it was then up to you to enforce it. And quite frankly, what would the point be ? The originators of the CBT were taking the (realistic) view that people will copy working code if they can, so there was no point in trying to impose conditions they couldn’t control.
I grew and matured my computing skills in this kind of environment, where cooperation was expected, I have implemented code from the CBT tape, and I continue to follow its philosophy. If I come across an interesting piece of ABAP, Java, shell script or batch file at work, I will return to it to see what I can learn. There’s an old saying that the difference between plagiarism and research is the number of sources you copied from. I make no apology for researching the best code and methodologies for my customers. Its what they pay me to do.
If I do plagiarise, I’ll note where it came from (apart from politeness, it helps to know where to look for help with it), but if I research code, then any errors and omissions are mine and mine alone. Given that I take responsibility for what I publish under my name, then SAP’s new Code Exchange is just another source (pun intended), along with SAP’s own code, and many, many others, for my research.
PS I know that they’re called Apatosaurus now, but when I was a kiddie, the name was Brontosaurus (but if you really want a fight, try telling me Pluto isn’t a planet).
Web 2.0 Presentation Tools from SAP – Integrate Twitter into PowerPoint!
…sometimes the presenter on stage is the only one who doesn’t know what the audience is thinking – because everybody else is viewing the Twitter stream.
The PowerPoint Twitter Tools, built using SAP BusinessObjects Xcelsius, are now available.
To access these tools, download the PowerPoint templates from the SAP web 2.0 powerpoint twitter page, with usage instructions here.
These tools are prototypes and can respond slowly. However, they are easily embedded in your PowerPoint slide deck, and provide a real-time Twitter ticker feed, a Twitter feedback slide, a set of Twitter voting templates, and a Crowd Noise meter. They’re based on the SAP BusinessObjects Xcelsius dashboarding technology, but come restriction free.
ECC6 SE16N vulnerability and logging – UPDATED
Please remove SE16N, or access to SE16N, from your production systems.
UPDATE
UPDATE – This topic was the subject of a blog by Kevin Wilson less than 2 weeks ago, at which time it was discussed extensively.https://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/16008
As long as DEBUG access is very tightly controlled, your system should be protected from the risk of this transaction….
I’ve known for a while that, in some releases of SAP, transaction SE16N can be used to change SAP tables, regardless of authorisations or security settings. It’s not something I’ve been keen to see widely disseminated, as there are major systemic risks in making changes this way. More dangerously, it provides a way to override authorisations by giving your userid (or your accomplice’s userid) the SAP_ALL role.
Essentially, you run transaction SE16N, then type &SAP_EDIT into the command field and press enter.
In the example below, I’ve changed the User Group to SUPER.
Personally, I’d recommend making the transaction unavailable (perhaps even removing it from TSTC ?) in your production system – Your firefighter userid can be given authorisation to allow the appropriate people to add it back in, if necessary.
The reason for mentioning it at all is that SAP Mental Notes and IT-Toolbox SAP on DB2 for z/OS have stated that changes using this method are permanently logged in the tables listed below:
SE16N_CD_KEY : Change Documents – Header
SE16N_CD_DATA : Change Documents – Data
This means, in theory, that you can can query these tables to audit the usage of SE16N to change data. Personally, my attitude is that it’s all well and good knowing Joe Bloggs has broken your system, but I would rather not have to deal with the broken system in the first place. However, there’s a bigger issue…..
When I tested this out on an ECC6 IDES system (DB2 on Windows 2003), the SE16N_CD* tables were not updated.
1 – The knowledge of this method of changing data, which is available on production systems to anyone with access to the SE16N transaction is being more widely disseminated.
2 – There appears to be at least one major platform / release that does not support audit of the method of changing data.
Free SAP Content from ERPtips Express
Latest Free Content available from ErpTips.com:
Data Archiving: Archiving Change Documents
by Breck Whitten.
Purchasing Contracts Overview: Creation and Use
by Adam Tysman.
Tips for Integrating SAP® HCM with External Applications
by Satish Badgi.
SAP Certification: Does it Matter?
by Andy Klee, Prresident of Klee Associates, Inc., Publisher of ERPtips.
