A Checklist for BPC Projects Who Are Preparing for Using SAP Safeguarding Services
Due to the tremendous adoption of the SAP BusinessObjects Planning and Consolidation (BPC) application many SAP customers are implementing the software currently. During the Realization phase of a BPC project, customers who have SAP MaxAttention support contracts may elect to participate in a service offering called SAP Safeguarding for Integration Validation. These services may also be known as a Technical Integration Check (TIC) or Technical Integration Check Extended (TICx).
These Safeguarding services are delivered by experts from SAP Active Global Support (AGS) and sometimes supplemented by my teammates from the SAP Labs Regional Implementation Group (RIG) or from SAP Field Services. The Safeguarding services focus on integration, performance, and data consistency. The goal is to make your core business processes work, end to end. To accomplish this, we analyze and monitor the critical components and interfaces that support core business processes, carefully checking that:
- Interfaces are monitored and are passing consistent data
- Performance of critical business processes is optimized
Your organization’s assigned SAP Technical Quality Manager (TQM) and/or the SAP AGS service lead person will work with you to schedule and prepare your organization for this service. To receive the most efficient review service, I suggest five topics which you should tackle prior to the SAP team’s arrival.
1. Business Process Identification
2. Environment to be Used for Monitoring
3. Remote Connectivity
5. Logging, Tracing, and Debugging
2. Environment to be Used for Monitoring – After documenting and understanding the critical business processes you identified in step 1, the SAP review team will run those processes as a baseline measurement to compare against subsequent runs after making any suggestions for improvement. Given this iterative test and review process, certain factors have to be thought about in the context of your project environment. Will the system environment be comparable in size and load to production? Will the system review be competing with other testing activities which may be occurring at that time? If the SAP team asks to change a certain parameter, script logic file, or other configuration setting is your change and transport management system and process ready to accommodate the review team’s requests? Are the security profiles of the test users truly representative of that of the future end users? BPC security can have a big impact on not only the system’s performance but on the overall user experience within the business process. Finally, due to the unique way BPC data is transferred to the client hardware it is very helpful to gather a sample client hardware snapshot from some of the BPC Administrators and the future end users. A screen print of the system properties is sufficient. To collect this from your users ask them to press the Windows key + Pause, or alternatively go to the Windows Start menu then right-click on the computer name and select Properties. Preparing for the points above before the SAP review team arrives will make the assessment go smoother and more effort can be put forth on review of the business processes, rather than working through the environment questions.
3. Remote Connectivity – During the course of the BPC review some SAP team members may be working off-site and therefore it is vital that remote connectivity to the customer’s system is available. Not only does this mean the SAP R/3 Connection to access the BW system (BPC, version for NetWeaver only) needs to be open, but it also means a WTS connection has to be open to access the BPC .NET server and the BPC client applications which need to be installed on the server. SAP Note 605795 explains the WTS set up. Since WTS setup is generally not needed for the SAP Business Suite including BW many customers do not have this in place. However without WTS, remote analysis of the BPC client applications and .NET server setup is not possible.
4. Security – User ids and security for the SAP review team members needs to be setup in advance of arrival for three different areas of the BPC landscape. First BW Basis users are needed with SAP_ALL security profiles to review and monitor the system parameters and performance. The profiles must contain the transaction codes that begin with ST, SM, DB, SE, AL, UJ and RS. The SAP team also needs an Active Directory or local admin user which has authorization to the .NET server to look at the BPC Server Manager application, IIS, and various logs which BPC creates. Finally, the SAP review team needs to be provided with valid BPC user ids with appropriate security to execute the critical business processes and to review the BPC administration setup. To reiterate a point made before, the BPC security profiles, especially the member access profiles, need to be representative of the users who will execute the business processes in production. It may be simpler for you to just give the SAP team full member access rights to these test users, but that approach will sacrifice accuracy in providing a realistic measurement of system performance.
5. Logging, Tracing, and Debugging – Prior to the SAP review team’s arrival, you should activate several Appset and Application parameters used for logging and tracing in BPC. You can setup these parameters from tasks within the BPC Web Administration homepage.
LOGLEVEL = Info
TRACELEVEL = Debug
TRACEUSER = DOMAIN\USER
Application Parameters* (for each application that is to be reviewed):
BPC_STATISTICS = ON
Trace Files: Edit this file with a text editor such as Notepad and change the setting TRACE=ERROR to TRACE=DEBUG. Note that with Windows 7 you have to run Notepad as an Administrator to write to the Program Files directory named above.
Within the log-configuration.xml file, you can specify where the trace and log files should be stored. To do this you need to modify the following items by inserting the drive and path inside the quotation marks.
TraceDestination value=”C:\Program Files\SAP BusinessObjects\PC_NW\Trace”
LogDestination value=”C:\Program Files\SAP BusinessObjects\PC_NW\Log”
Make sure the BPC users have write access permission to the drive locations where the trace and log files are written. In Windows 7 you may have to right-click on the Microsoft Excel menu item and select Properties, then click on the Compatibility tab and check the option to run as an Administrator. If permissions are setup correctly BPC will begin to write trace and log information to two files: BPCTRACE.0.LOG and BPCLOG.0.LOG
The log and trace files are explained further in chapter 3 of the BPC Operations Guides.
If you are running the NetWeaver version of BPC, it is critically important that you setup one or more debug users for the SAP review team to utilize. How to establish the debug users in the BPC Server Manager application is detailed in chapter 4 of the BPC NW Operations Guide. From our experience, many customers are unsuccessful at defining the debug users on the first attempt. Often this is because they failed to type the Planning and Consolidation user id in capital letters as DOMAIN\USER ID or they mistyped or cut and pasted the information which resulted in an extra space after the user id. Please test your setup to see if the debugger does launch.
- Login to the BW system with the user id named as a debug user
- Go to transaction SE37
- Enter function module name as: UJ0_ON_NEW_RFC2 and click display
- Set an external breakpoint on line 39
- Login to the BPC Excel client and start the connection wizard using the user id defined as a debug user and proceed to the step when BPC obtains the AppSets available to the user
- Switch to the BW session and the debugger should have started
- Optionally you can use t-code SM50 to confirm that the BPC user id is shown logged into BW rather than the generic system user BPC-ADMIN
- End the debugger session and log off BW and BPC
- If you did not setup the debugger ID correctly, then remove them from the BPC Server Manager and restart IIS. Then try to assign the user ids again and restart IIS a second time. Repeat the test as explained above.
Fiddler is a free web debugging tool that is useful for monitoring the traffic between the .NET server and the ABAP server. Please download and install this application on the client machines which will be used for the review service.
In the RIG team’s experience in helping with these Safeguarding reviews these are specific preparation tasks that could be addressed prior to the assessment to get the most out of the service. Often these tasks do not get performed until the SAP team shows up on site, which obviously cuts into the available time to focus on the value added deliverables of the engagement.