Archive for the ‘BASIS’ Category:
Validating Passwords on Websites
I feel a bit ordinary writing a blog post about something as trivial as one line of javascript, so I decided to include a picture as well.
It shows a screen from the guided procedure for Solution Manager Configuration. The interesting part is what I have done wrong. I’m using the javascript referred to by this link ( Show Passwords ) to display the value(s) of all password fields on the current web page.
In this case, the Administrative User values are the same, but the Administrative Password fields are different. Since they are using the same User Source (the ABAP engine), one of the values (or both !!) must be incorrect.
Save the javascript by dragging the Show Passwords link to your bookmarks, or by saving the link to your bookmarks. This has been tested in IE6 thru IE8 and in Firefox.
SAP’s SME Solutions – A Guide to the Product Portfolio
I recently came across an interesting article on SAP’s SME Solutions – A Guide to the Product Portfolio. It breaks down the four SAP products for SME products by size, functionality, industry coverage, deployment options and cost of ownership.
The most important point the post makes is that there exists a range of SMEs, and that a one-size software solution does not fit all. This leads to some further points worth noting.
The smaller the SME, the less likely they are to adopt complex technology. While there is movement to Linux and open source ERPs (because of the TCO perceptions), when they do get into technology, they tend to select Microsoft platforms (e.g. .Net, SQL Server).
Because of TCO concerns, the smaller SMEs were the first to adopt software as a service (SaaS), and that model continues to gain traction within the SME market. The implication is that any SME strategy must include a SaaS strategy.
|
SAP Product |
Product Description |
| SAP Business Suite | The “original” suite of applications for enterprise-class customers. Includes ERP, CRM, PLM, SCM and SRM. Built on the original (and evolving) ABAP/Java platform. |
| SAP Business All-in-One | A partially “pre-configured” version of Business Suite, offering 80% configured solutions for larger SMEs in a wide range of industries. |
| SAP Business One | >A completely different product designed for smaller SMEs. Acquired in 2002 (through TopManage), the product is developed in Microsoft .Net technologies. |
| SAP Business ByDesign | A completely software as a service (SaaS) system developed by SAP and introduced in 2007. For SAP, it’s an entirely new approach to software design and deployment. |
Given that its a blog post, the article does a good job of detailing the four SAP products that resulted from the new SME Strategy, albeit at a high-level view. While it won’t answer all your questions, it will give you a good starting point, especially about costs and appropriate products, for your conversation with SAP or your implementation partner,
SAP career paths for BASIS or Netweaver Technical consultants ?
Now, I may be biased, but I had to start off with this quote from Jon Reed
Before I get to the videos, I want to say that Basis is one of the most neglected areas in terms of SAP career content. Even on SDN, there are way more conversations and forums on development than Basis. This is too bad, as the Basis/NetWeaver Admin role is a vital one to most projects.
No one else is managing your career or your future. If you want more control and choice over where you work and what you do, I recommend you read Jon Reed’s latest career advice and career trends. Jon is an SAP Mentor and his name is probably familiar to you already through his SCN blogs and ASUG and Sapphire presentations. He’s got about 15 years experience in analyzing the SAP career market, and he has worked in SAP recruitment. This all adds up to someone who knows what the SAP job market is looking for, and what makes some candidates more marketable than others.
The white papers Jon created are
- SAP Career Outlook 2010 – Part One: Creating a Winning SAP Skills Strategy for 2010, and
- SAP Career Outlook 2010 – Part Two: Beyond the Social Networking Hype: Achieving SAP Career Visibility
You can also access the white paper on Jon Reed’s website.
However, one thing you will notice is that these particular whitepapers emphasise the functional and developer career paths; there is not much reference to the BASIS or Netweaver Technical Consultant career path. Jon identified this himself in another post, this time on his web site, What is the SAP Career Path for Basis Administrators – NetWeaver Engineers?. He has taken a presentation on the career path for Basis-NetWeaver prosby SAP Mentor Tony de Thomasis of Australia Post (based in part on Jon’s earlier work referred to above) and taped four commentary tracks through Tony’s Prezi slides.
…. just resting on our laurels isn’t going to cut it in this economy – “stronger measures” are required. Part four gave me a chance to share my views on the content as a whole, and why it’s so important to find an SAP career path that combines skills marketability with a passionate, or even soulful, angle.
I used to say I was in BASIS (which is why this blog was called basissap.com). However, many people seem to see this as being restricted to R3 ABAP Administration, with perhaps some particular combination of OS and DBMS skills. Nowadays, regardless of the platform your SAP system(s) run on, BASIS Administrators / Netweaver Engineers need knowledge of their site’s OS / DBMS combination, good windows server administration skills (for managing your TREX, and possibly EP, systems), maxdb knowledge (for your SRM system), etc etc.
With all these skill requirement, possibly including other duties as well (depending on the size of your environment), how do you avoid being jack of all trades and master of none ?
For your own sake, you pick two (maybe three) Core Skills in BASIS or Netweaver and become the local guru in those. This provides security of employment; in other words, you know enough about the SAP core to be valuable to both your current employer, and future employers.
Pick another couple of areas that interest you, but aren’t crucial to your organisation (at least, not yet). Jon refers to these as Edge Skills. They should be skills that are on the horizon, either within the SAP ecosystem, or your organisation. These are the skills that will make you employable in the future.
But what about all the other areas ? In one of my previous incarnations, I was an MVS Systems Programmer. The most important thing I learnt was how to use the manuals (they weren’t online when I started). A key part of this was my own notes – Knowing where to find the official answer or process isn’t always enough, you need to get it working, and sometimes you only perform the process once every couple of years or so, and it is difficult to remember exactly how it works from time to time.
Keeping records of what works and what doesn’t work, especially in relation to your own environment, gives you an edge on those who don’t, and of course, it is nice to know what the real process is (as opposed to what the books say !!).
A word of advice here; do not horde your documentation or knowledge –
- its hard to get moved to the exciting new project if you’re irreplaceable, and
- after all, you’re getting paid to support and help.
It also identifies you as someone who will help, who will answer questions about (or can find out) what really works.
Another way of finding out stuff is experimenting with your own system; an SAP preview system, or one of the New Community Developer Systems. These systems, well removed from the semi production status of the ‘real’ Development and Testing systems, provide scope for you to experiment and develop ideas into implementable services. This identifies you as someone who can bring real value to the SAP Environment, the IT organisation, and your employer in general.
Finding what tables and fields lie behind an SAP transaction
A standard BASIS problem is the generic “what is it doing and why ?” question. This could be in the context of debugging a program or process, or trying to work out what configuration changes are required to make something work. It generally occurs when the development or functional team have moved on, leaving someone who knows what to do but not why – usually a user (under pressure from their boss) who just wants to get the system doing what they’ve been told it should be doing….
However, your BASIS team (or person) has to be a jack of all trades, with not just a smattering of SAP functional knowledge, but also a working knowledge of Networking, Desktop PCs, the Operating System(s) and Databases(s) their SAP systems are running on and so on.
I’ve found that the best way of dealing with this need to know something about everything is not by trying to know everything, but by knowing how to find out everything. An example of this is comes from Jerome Mungapen’s SAPLOG, where he provides a useful reminder of some of the various ways of finding what tables and fields lie behind an SAP transaction:
Have you ever been frustrated trying to find which table and field a piece of data is stored in. You can see it on the screen, and the old faithful F1 – F9 results in some useless structure information. Or have you ever started looking at a piece of functionality you are unfamiliar with wanting to find the table structures behind it in SAP. Well this article shows my favorite five ways of digging under the hood to find out what’s going on.
Jerome lists five methods, but one of them assumes you have the time (and need) to get really in depth knowledge of a given area of SAP. I’ve listed the four methods I use (plus Jerome’s extra one) in the order I’ use them when closely examining or debugging a transaction I’m unfamiliar with.
Use a Different Field
If the technical information pop up shows a structure and not a real field, just try another field on the same area of the screen. It is surprising how often this works !!
Use Where Used on the Data Element
From the technical information pop up, select the data element then press Navigate to get to the Data Dictionary. Once there, press the Where Used button.
Trace Analysis
Transactions SE30 Runtime Analysis and ST05 SQL Trace can be over-kill for determining what fields and tables are being used, but can be used to see how (for example) configuration data controls how and / or when the fields and tables are updated. It’s also useful when dealing with Z or Y code, structures and tables.
SE80 Object Navigator
This is probably more useful for a functional person, and is not available on the older SAP releases anyway. However, if you know the program behind the transaction, you can use SE80 to find all the Data Dictionary objects (including tables and fields) associated with that program.
Environmental Analysis
For those requiring a wider understanding of how a given area works in the SAP system. Jerome’s explanation of Environmental Analysis says it all.
ECC6 SE16N vulnerability and logging – UPDATED
Please remove SE16N, or access to SE16N, from your production systems.
UPDATE
UPDATE – This topic was the subject of a blog by Kevin Wilson less than 2 weeks ago, at which time it was discussed extensively.https://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/16008
As long as DEBUG access is very tightly controlled, your system should be protected from the risk of this transaction….
I’ve known for a while that, in some releases of SAP, transaction SE16N can be used to change SAP tables, regardless of authorisations or security settings. It’s not something I’ve been keen to see widely disseminated, as there are major systemic risks in making changes this way. More dangerously, it provides a way to override authorisations by giving your userid (or your accomplice’s userid) the SAP_ALL role.
Essentially, you run transaction SE16N, then type &SAP_EDIT into the command field and press enter.
In the example below, I’ve changed the User Group to SUPER.
Personally, I’d recommend making the transaction unavailable (perhaps even removing it from TSTC ?) in your production system – Your firefighter userid can be given authorisation to allow the appropriate people to add it back in, if necessary.
The reason for mentioning it at all is that SAP Mental Notes and IT-Toolbox SAP on DB2 for z/OS have stated that changes using this method are permanently logged in the tables listed below:
SE16N_CD_KEY : Change Documents – Header
SE16N_CD_DATA : Change Documents – Data
This means, in theory, that you can can query these tables to audit the usage of SE16N to change data. Personally, my attitude is that it’s all well and good knowing Joe Bloggs has broken your system, but I would rather not have to deal with the broken system in the first place. However, there’s a bigger issue…..
When I tested this out on an ECC6 IDES system (DB2 on Windows 2003), the SE16N_CD* tables were not updated.
1 – The knowledge of this method of changing data, which is available on production systems to anyone with access to the SE16N transaction is being more widely disseminated.
2 – There appears to be at least one major platform / release that does not support audit of the method of changing data.
Install SAP on Amazon Web Services #2 – the Installation
After my previous post, you either have your own Windows 64-bit AMI image, or access to the Public AMI I have created, called sap.nw70.win-64.db2. In this exercise, we will use this as the basis of a new, private, image that will:
* contain the appropriate installation data (including registery keys) for SAP NW7,
* be capable of online / offline backups, using SAP tools,
* provide a painless way of running 24×7.
Prerequisites
* EC2 and S3 Accounts with Amazon,
* access to a Solution Manager system (for the installation key),
* access to an OSS ID with download authorisation.
Architechture
Once we terminate an Amazon instance, we lose all changes to it. Saving our database and configuration changes by bundling the changed system into a new AMI will take a non trivial amount of time; Certainly enough to prevent it being run 24×7. Additionally we will lose lots of usefull ABAP and JAVA stack logs unless we bundle the running instance every time we shut it down.
Just as well there’s an alternative, called Elastic Block Storage. This allows you to create data volumes and mount them on your image. They are persistent, and more importantly, can be backed up by snapshots, from the AWS Management Console.
So that leads to an architechture (or rather, disk layout) as follows:
- Drive C: AMI instance, boot disk
- Drive D: AMI instance, ephemeral disk (data lost whenever instance shuts down)
- …
- Drive H: AMI instance, ephemeral disk (data lost whenever instance shuts down)
- Drive W: Persistent Disk, for storing disk-to disk backups DBMS and / or logs
- Drive X: Persistent Disk, for SAP and DB2 Intallation
- Drive Y: Persistent Disk, for DB2 logs
- Drive Z: Persistent Disk, for storing installation files
Creating EBS (Persistent) Volumes
To create EBS Volumes, go to the EBS Volumes section of the Amazon Management Console. The major issue with creating volumes is that you can only attach / mount an EBS volume on an instance that is running in the same Availability Zone. This does mean that all your volumes must be in the same Availability Zone, if they are to be attached to the same instance.
I’ve created four volumes, corresponding to the Drive Letteres I gave in the Architechture section above.
- Drive W: vol-a82bc7c1, for storing disk-to disk backups DBMS and / or logs
- Drive X: vol-3f658956, for SAP and DB2 Intallation
- Drive Y: vol-4451bc2d, for DB2 logs
- Drive Z: vol-fc2bcb95, for storing installation files
Note that these are empty, unformatted, unmounted, unattached volumes (at the moment…).
Attaching EBS Volumes to our Instance
To attach the volumes to an instance, we need to have an instance running. Start up an instance of your image or of sap.nw70.win-64.db2.
Note that I am creating an x.large instance in the availability zone US-east-1b. I need the x.large instance to provide enough RAM and Swap Space for an IDES ECC6 system, and I’m starting it in the US-east-1b availability zone because thats where I located my volumes (no particular reason).
Once the instance is running, we can attach our volumes via the Attach Volume Button.
The result is that our volumes are now “physically” attached to our instance. Again, these are empty unformatted unmounted volumes.
Now we need to logon to this instance. If you are running an instance of sap.nw70.win-64.db2, you can logon as user sapinstall, password sap123. Use the Remote Desktop Connection, and specify the public dns name from your instance.
You assign a name to a volume when you are formatting it. You do this by running the Computer Management (if you’re running an instance of sap.nw70.win-64.db2, this should be on the Desktop of user sapinstall) and formatting and naming the volumes. Make the names distinctive, and related to their purpose, for example sw_repository.
Now use the C:\Program Files (x86)\Amazon\Ec2ConfigSetup\Ec2ConfigServiceSettings.exe program and the Drive Mapping tab to control which volume gets mounted to which drive letter. This is important, because we want to make sure that our sap_install, db2_logs, and backups volumes are always mounted on the same drives. Once the current image is bundled and registered, any instance launched from the new AMI will contain the setting we have configured in Ec2ConfigServiceSettings.exe.
Note the relationship between the volumes and Drive letters in the image below compared to the description of each volume given in the Architecture description above.
System Specific Configuration
Change the hostname (or in Windows terms, the Computer Name) to one of your choosing (Start –> Control Panel — System –> Computer Name –> Change). Run Ec2ConfigServiceSettings.exe. and make sure the Set Computer Name flag and the Sysprep flag on the Syprep tab are disabled – They should already be disabled, if you are using a copy of sap.nw70.win-64.db2.
Check the swap space (Start –> Control Panel — System –> Advanced –> Performance Settings — Advanced, Virtual memory). Again, this should already be correctly set if you are using a copy of sap.nw70.win-64.db2.
Edit the hosts file in C:\windows\system32\drivers\etc to include your Computer Name as a valid host name, for internal SAP and DBMS connectivity.
Do not forget to change the password of the sapinstall user. Otherwise, anyone who reads this will know the password.
Finally, bundle the instance using the AWS Management Console and register the resulting image under your own image name. The purpose here is to save the customisation you have done if you have a problem with the SAP installation. As part of the process of bundling, the instance is shut down and restarted.
You do need to have an S3 Bucket (or directory) to store the Image in.
For future reference, if you restart the instance yourself, using Start –> Shutdown and specifying Restart, you don’t loose any information or configuration from the C drive as you would if you terminated it from the AWS Management Console. This is because the later removes the underlying resources, while using Start –> Shutdown –> Restart doesn’t release the underlying resources.
Security and Firewalls
EC2 provides its own set of firewall rules called Security Groups. The defaults values are, essentially, just enough to get you access to the server itself.
Since SAP communicates via TCP/IP, we need to make sure that our instance(s) can be accessed via the ports used by SAP for its various services. This means we need to add the ABAP and Java ports for both our instance and the diagnostic instance.
Remember that the Windows Server underlying your new SAP system is on the Internet, and is accessible (by Design !!) from anywhere else on the internet, so only open the bare minimum of ports.
Installation
Download the appropriate files from http://service.sap.com/swdc (you’ll need an S number with download authorisation), extract / expand them and store the results on the Z drive. I stored the download files under Z:\NW70SR3 and expaneded them into their own folders on the Z drive.
Make sure you read the appropriate OSS notes. For the ECC6 IDES, the important ones are:
0799639 – General IDES related
0956921 – NW7 ECC6 SR3 IDES related
1244548 – NW7 ECC6 SR3 IDES related
and
1126127 – DB6: Deferred Table Creation and Row Compression
Otherwise, the install follows the standard process, as detailed in the appropriate installation guide (in my case, the NW7.0 SR3 ABAP+JAVA / Windows/ DB2). The two exceptions are:
* Specify that the SAP and DBMS Installations go on an EBS volume (i.e drive X)
* in my case, specify that the DB2 logs go on an EBS volume (i.e. drive Y)
The full IDES install took around 30 hours run time (think of it as $20 or so well spent) from when I started sapinst (that time did include checking and amending my previous implementation notes). The majority of the time is spent loading about 150GB data into the DB2 database. However, once sapinst had accepted the Solution Manager Key, you can disconnect RDP and leave the install running.
Saving your image
Once the installation is complete, you’ll want to back it up before you go any further. Using the SAP MMC, shut down SAP (or logon to Windows as the SAPService<sid> user and shut down SAP).
Use the AWS Management Console to bundle your running instance.
Once it is bundled, register the bundle as an instance.
You can share this with anyone with an EC2 account, by using Permissions to mark it Public, or you can share with individuals if you know their EC2 Account number. Note – Bundling a windows instance restarts the instance.
Basically, the image consists of whats on the C Drive, so backing up your EBS Volumes requires you to use the AWS Management Console to save snapshots of them. The EBS volumes are stored and charged for at the Amazon S3 rates. Just like EC2, however, you are only charged fo what you use. This means that if you define a 500GB volume, write a 1 GB file to it and create 4 snapshots of the volume, you will charged for 5GB of storage; 1GB data on the volume, plus 4 lots of 1GB of snapshot. backup.
When you’re finished with the instance, shut down SAP and don’t forget to terminate tthe instance via the AWS Management Console (otherwise you’ll be charged for it !!).
Running your SAPSystem
Start an instance of your image and attach the EBS volumes to the running instance. The work of of assigning drive letters, in the correct order, to each volume is controlled by our configuration work earlier in Attaching EBS Volumes to our Instance. One of the issues currently outstanding is that thess will actually get mounted on subsequent restarts of this instance (which we perform below).
Logon to the instance and update / verify the Swap Space sttings via Start –> Control Panel — System –> Advanced –> Performance Settings — Advanced, Virtual memory.
Regardless of the previous paragraph, restart the image using Start –> Shutdown -> Restart. With all Drives correctly assigned, and sufficient Swap Space assigned the DB2 and SAP Services for SAP MMC will start. Go into SAP MMC and start your SAP instance. Once SAP is running, you can disconnect from the instance.
Accessing your SAP System
Assuming you have opened the correct ports in the Security Group specified for this instance, you can now put the appropriate values into your SAP GUI …..
…..and access the ABAP Engine.
Again assuming you have opened the correct ports in the Security Group specified for this instance, you can go into the SMICM transaction and enable a simple service, then access it via a browser or web service.
Whats next ?
You now have a running SAP system. However
- No DBA processing, i.e. no DB13 jobs, no backing up of logfiles etc has
been implemented, so once you’ve tested connectivity, stop the SAP and
DBMS systems and take snapshots of your SAP & Database volume. - The SAP*, DDIC and IDADMIN passowrds are well known (or easily determined). Change them
- No post implementation work (i.e. SGEN) has been done,
The purpose of the exercise is to demonstrate how quickly you can run up a demonstration, training or testing system. Depending on how many resources you want to pay for (CPUs and memory), this can be quicker or slower.
However, it has been my experience, based on several green fields implementations, individual system implementations and upgrades, and feedback from others, that building an appropriate server – whether physical or virtual – can take up to 2 weeks. Using the approach detailed here, services such as provided by the Amazon EC2 service reduce this to the 45 minutes it takes to configure and bundle a standard public instance.
One of the obvious issues is that it is well and good using predefined data, which you can download, in zipped form, from OSS (such as the IDES data I used in this example). What about copying ‘real’ data fron an existing SAP system, especially if we’re talking TerraBytes ?
I’ll discuss this, the bandwidth of a portable hard disk and more of the Amazon Web Services features that are particularly useful for SAP in my next post.
Install SAP on Amazon Web Services #1 – The Environment
UPDATE: I have tidied this up a bit, to make some things clearer and to include the name of an AWS Public Image that can be used as the source for the subsequent step.
In this post, I describe how I setup a windows environment to install SAP ABAP and Java stacks, using the Amazon Simple Storage Service (S3) to store persistent data. I needed to:
* install and modify an appropriate Windows 2003 Server environment,
* save this environment for future use
In a subsequent post, I will describe the installation of an IDES system running NW7 and DB2. The three major challenges were
* setting up persistent storage of the NW and DB2 installation,
* suitable for using standard SAP and AWS functionality to support sustained (i.e. 24×7) operation of the SAP system
* and allowing you to stop and start the SAP system and / or server without losss of persistent data.
The result is a fast and cheap way of running up multiple systems, with the following features:
* You are only charged running costs for those systems that are running
* Low running costs (at the time of writing, $US 50 cents an hour)
* Low storage costs ($US 15 cents / GB / month for your 50TB)
* No more waiting for hardware – you can start implementation right now
* Systems (i.e. extra application servers) can be implemented, but not running
What did I know I would need ?
After reading the NW 70 SR3 installation Guide for Windows / DB2, I knew the following:
* I needed a 64 bit Windows Server with authentication services,
* I needed a reasonable amount of RAM, plus a decent swap space,
* I needed JAVA 1.4.
After reading the AWS EC2 documentation, I also knew that it was not practical to keep any volatile datasets (i.e. DB2 itself, DB2 logs, SAP process logs, etc) as part of the server, and that I would need to use the Amazon EBS servcie for persistent storage.
Signing up for Amazon EC2 and S3
An excellent account of how to setup a Windows Server image, and the principles behind this, can be found at Dave Winer’s EC2 for Poets. It also gives a good overview of how to sign up for both EC2 and S3 and the issues around persistent data.
Creating the base Amazon Machine Image (AMI)
Logon to the AWS Management Console and select the Amazon EC2 tab.
Select the Launch Instance button…
.. then find and select the Basic 64-bit Microsoft Windows Server 2003 with Authentication Services image.
Once the server shows up as running, logon using the techniques described in Dave Winer’s EC2 for Poets. One of the first things I did was to create a sapinstall user. This allows me to logon (via RDP) as user sapinstall / password without having to muck around with the keypairs.
Changes to standard AWS Windows 2003 64-bit Image
There were five issues that needed to be dealt with.
First I had to disable the Windows Attachment Manager (for non-windows people, this is a security setting that Windows uses to stop you writing dangerous file types to your disk) before Internet Explorer would let me save files. See the Microsoft Knowledge Base Article 883260 for a rundown on how it works. The quickest way to disable it is to uninstall the Internet Explorer Enhanced Security Configuration. To do this, click Add or remove programs in Control Panel, click Add/Remove Windows Components, and then click to clear the Internet Explorer Enhanced Security Configuration check box.
2) Both SAP and DB/2 (my target DBMS) require that the host name of the server its installed and running on remains the same. However, the default action every time you restart an AWS image is to have the host name set to IP-xxxxxx where xxxxxx represents the internal (to Amazon) host name the server is running on.
While you can perform arcane scripting to fix the host name, Amazon provide a tool, bundled within every AWS windows instance, that will ensure the hostname remains set to what ever you set in the System –> properties screen. The tool is C:\Program Files (x86)\Amazon\Ec2ConfigSetup\Ec2ConfigServiceSettings.exe
3) I wanted to make sure I had enough swap spacxe to run my SAP system. The base instance we are using gives us 15GB of memory, but, especially if we want to install multiple JAVA engines, this may not be enough. I allocated another 1500MB on each of two of the ephemeral disks.
4) My initial installation is going to be an NetWeaver 7 ECC6 system. This means we need to download and install java 1.4 from Sun’s Sekrit Squirrell place for old releases. Don’t forget to setup the Environment variables (JAVA_HOME and PATH) correctly.
5) The last change was to incorporate a Dynamic DNS Update tool. This is used to pass the IP address of the server we are “running on” to a service that will then set a fixed Domain name to specify the same DNS name to users and tools whenever I ran my instance. I use dyndns org. You can register a limited number of domain names for free, and they provide a tool (DynDNS Updater) that allows you to register your IP address against one or more of your Domain names.
Save your Amazon Machine Image (AMI)
Now you have an instance you can use to install and run SAP on. However, we need to make sure that all our changes are not lost. This utdown means you need to “bundle” your running system into a standalone Amazon Machine Image. Go to the Amazoin EC2 tab of the Amazon Management Console, select Instances, then select the instance you want bundled. Right click on More Actions and select Bundle Windows AMI.
This generates a popup screen. Fill out the appropriate details and clcik bundle. The Bundle Name refers to the S3 folder that will hold the AMI. This must already exist. The Key Name is appended to the name of manifest.xml filre that contains the S3 layout and location of your image.
Once you click bundle your request is confirmed.
.
You can follow the progresss of the bundling by examining the Bundle Tasks screen. There are three steps that bundling Windows instances needs to follow- The instance must shutdown, the Amazon bundling process must occur, and the resulting data must be stored.
Once the image has been bundled and stored, you must register the bundle as an Amazon machine Image.
An alternative to repeating all the work shown above is to grab a copy of the Public AMI I have created, called sap.nw70.win-64.db2. You will need to change the hostname (as descibed above), implement your own DynDNS org domain name and bundle and register the changed image.
Either way, you now have your own mildly customised image copy of a Windows 2003 Server, running on the Amazon Web Services cloud. This image is ready for installation of a non-trivial SAP system, such as the NW7 ECC6 IDES system.
In the next post, I will describe how I used the sap.nw70.win-64.db2 image to install the Windows DB2 IDES for ECC6 system.
How To Create a Customised SAP Menu
You can provide ABAP users with a modified version of the standard SAP main menu without affecting the original SAP area menu S000.
For example, say you have created a transaction code called ( z123 – My Own Report ) and you want to insert it under Administration. The specific user will be able to access My Own Report by clicking Administration -> My Own Report.
Steps :-
- Use Transaction SE43 – Area Menu
- Click the copy button. Copy from S000 to ZMGE
- After copying, click Change (area menu ZMGE)
- Double click on Administration and add in your transaction code in the AreaMenu.
- Remember to Activate the new menu !!!.
- Goto Transaction SU01 – Maintain users
- Type in the user name and click the Defaults button
- Type in the new area menu (ZMGE) in the Start Menu field and Save
- The user will be able to see the additional transaction on their next logon.
Reporting Tree Integration
Prior to release 4.6A, only transactions could be put in to Area Menus. From 4.6A onwards, you can also put all the types of reports which are in reporting trees, in Area Menus. The system automatically assigns a transaction code to call the report from the menu. Please note that if you have already put the report in another Area Menu, no new transaction code is generated; You must use the unique transaction code already assigned.
The old Reporting trees could only be displayed, not maintained. To modify the contents of reporting trees, you had to convert them with a migration transaction (RTTREE_MIGRATION). You could then modify the contents with the Area Menu maintenance transaction.
Advantages of the new Area Menus
The new data structure has the following advantages:
* Delinking by reference technique
You can construct a menu from submenus which are maintained separately in different systems.
* Less restrictions
The new area menus have no nesting level limit like CUA menus. The allowed length of menu texts has increased to 75 characters.
Copying SCM / APO Livecache data for SCM 4.0 or higher
OSS Notes: – these will require a valid OSS ID
Note 632357 – Backing up Livecache data for SCM 4.0 or higher
Note 541644 – Backing up the data from the Livecache for APO 3.X
Background:
One of the issues when copying SAP systems that have external data, whether it’s for regression testing or any other purpose, is making sure that the external data is consistent with the SAP data.
APO / SCM systems are one such example, where most data is stored in the SAP database (supported by an Oracle, DB2, SQL Server etc database), and some is stored in a
The SAP Livecache technology is an enhancement of the MaxDB database system that was developed to manage complex objects (e.g. in logistical solutions such as SAP SCM/APO). In these systems, large volumes of data must be permanently available and modifiable. One of the features is that in an optimally configured SAP Livecache database instance, all data which needs to be accessible is located in the main memory.
As of SAP SCM 4.0, the /SAPAPO/OM_LC_DOWNLOAD_UPLOAD program can be used to extract all transaction data (orders and stocks) from the APO applications (SNP, DP, PP/DS, CTM, ATP, TP/VS, and so on) in the Livecache and store it in the SAP database.
This ensures, so long as no updates occur in either source database, until the database copy is complete, that the SAP and Livecache databases can be consistently copied to another system. Once the SAP database is reloaded in the target system, the /SAPAPO/OM_LC_DOWNLOAD_UPLOAD program is used to reload the Livecache data into the target Livecache database.
Process:
When you run the /SAPAPO/OM_LC_DOWNLOAD_UPLOAD program (via transaction SE38), you will see that the program is divided into four sections:
Section A: Preliminary tasks (prior to the download)
Section B: Download (storing the transaction data in the APO database)
Section C: Upload (copying the master data and transaction data from the APO database to the liveCache)
Section D: Postprocessing tasks (perform these sometime after the upload)
Each radio button takes you to the appropriate transaction to execute the required task. Perform them in order, from A.1 to B.7
Once you have reached step B7 perform your SAP database backup, and build your target system.
Once SAP is running on the target system, and before commencing the reload of the Livecache databse from the SAP database, you need to ensure that the target SAP system is pointing to the target Livecache system. Use transaction LC10 to connect the SAP and LiveCache databases correctly.
Note that there are multiple connections to modify, so make sure you do this for each connection.
Once this is completed, you can perform steps C.1 to 13
Issues:
1) You need to have release SCM / APO 4.0 or higher to use this program. If you use APO 3.X, see OSS Note 541644.
2) If you intend to upgrade (for example, SCM 4.0 to SCM 5.0) at the same time, then you must not use the /SAPAPO/OM_LC_DOWNLOAD_UPLOAD program. Instead, folow the upgrade guide and use the appropriate upgrade program.
3) If you’re using the Rapid Planning Matrix application, only the status matrix is extracted because all other data can be regenerated using requirements planning (the alternative, of saving all of the RPM data, would take much longer).
Maintaining Customisation in a Productive System
It’s a common problem, and most Functional SAP people know how to deal with it, but just in case…. My customer wanted to modify table V77RCF_USR_SGRP (User Support Group in E-Recruitment) in a production system. SAP does provide this functionality for a subset of customisation tables, but occassionally (especially in newer releases) some get left out. You may also have a custom development that requires this functionality on an extra table.
OSS Note 77430 – Customizing: Current settings
OSS Note 356483 – Customizing: Current settings in the test system
As of Release 4.6 you can maintain this setting from directly within the IMG. Position the cursor on the corresponding IMG activity and select the menu options “Edit -> Display IMG activity”. On the following screen, select the tab page “Maint.objects”. There you can see a list of the assigned Customizing objects. By double-clicking on the corresponding line, you navigate to the Customizing object and can directly set the flag ‘Current settings’ there.
As an alternative you can also call Transaction SOBJ., to directly access the Customizing object, to set the flag directly.
The SAP code behind this assumes that the Client Role ( transaction SCC4 ) of the client you are working in is set to Production. For other Non Modifiable systems (where Client Role is Test, Demo, etc), you need to deactivate the transport connection for that particular object (if possible) as well.
As of Basis Release 4.6, position the cursor on the corresponding IMG activity and choose Edit -> Display IMG activity. On the following screen, select Maint. (Before Basis Release 4.6, position the cursor on the corresponding IMG activity, and choose Goto -> Document attributes -> Display.)
On the following screen, choose Objects in the area Technical attributes. In both cases the system displays a list of the assigned Customizing objects. The types “V” (View) and “S” (Table (with text table)) stand for view maintenance transactions, while type “C” stands for a view cluster transaction.
For type “V” and “S” objects, the transport connection for the view or table can be deactivated as follows:
screen
For type “C” objects, you can deactivate the transport link by turning it off for all related views or tables. Follow the steps below:
navigation
Now the Customizing object is no longer part of the transport connection and so is excluded from the changeability check.
Note:
Perform these changes in you development / customisation system, and transport through to production.
The change is active in all clients of the system.
You can also change the Customizing object in a locked client (independent of the client role).
Once the above steps are done, it is no longer possible to manually transport entries of the view or table.
