SAP BusinessObjects Data Services connectivity through NAT or Firewall
Summary
When I was working on a project and needed to remote access SAP BusinessObjects Data Services server. I had done some research on internet and finally successfully made it. This blog is to explain about setting up connection for SAP BusinessObjects Data Services from external to internal network through NAT or firewall. This document may resolve one or some fellow errors: “Session: SDK failure”; “BODI-1112172”; “BODI-1241021”; “login error: could not reach CMS”.
Environment
- Microsoft Windows Server 2012 R2 (64-bit)
- Microsoft SQL Server 2012 (64-bit)
- SAP BusinessObjects BI platform 4.1 SP5
- SAP BusinessObjects Data Services 4.2 SP5
Let us assume BODS and BIP are installed in the same server connecting to a gateway/router. Repository Database is using port 1433. When installing BIP and BODS server we accept all default configurations, we are able to log on BODS Designer, Workbench, CMC and CMS. Now we will configure CMS and NAT port forwarding to setup the connection.
Introduction
Before setting up proper port mapping, we are facing this error when logging on SAP Data Services Designer from external network.
Resolution Steps
1. Let us read the SAP Data Services 4.2 SP 6 Installation Guide for Windows first to find out the required ports for Data Services server and clients.
There are specific communication ports that are used by Data Services server components.
If you deploy Data Services with firewalls, use this information to open the minimum number of ports in those firewalls.
Communication ports that are used by Data Services client applications and web applications.
If you deploy Data Services with firewalls, you can use this information to open the minimum number of ports in those firewalls.
I had read the installation guide before and always thought that request ports were dynamic, could not be configured as fix even SAP notes say so. But this time I read again and found below notes.
Note
- Use the Central Management Console (CMC) to configure a fixed BI platform Central Management Server (CMS) request port.
For more information, see “Server Administration, Configuring server network settings, Configuring port
numbers” the BI platform Administrator Guide or the Information platform services Administrator Guide.
- Use the Designer to configure fixed debugger and Job Server request ports.
2. Below are the ports required to setup port forwarding on router and are required to be opened on firewall.
- BI platform Central Management Server (CMS)
Name server port – 6400
Request port – configured on CMS to 6500
- Job Server
Communication port – 3500
Request port – configured on Designer to 3511
Debugger port (optional) – 5001
Adapter communication port (optional) – 4000
- Access Server Communication port – 4001
- EIM Adaptive Processing Server – 4010 to 4013
- Web application server Communication port – 8080
- Repository database server Connection port – 1433
3. Use the Central Management Console (CMC) to configure a fixed BI platform Central Management Server (CMS) Request port
- Select Servers on CMC from drop-down list, click on Servers List, right click on CentralManagementServer, click on Properties from pop-up menu
- Uncheck Auto assign then enter the prefer port number on Common Settings section
- Do the same changers to other servers required then restart the all servers that were changed port settings.
4. Use the Designer to configure fixed debugger and Job Server request ports
Log on BODS Designer from local computer then select manual Tools -> Options -> Designer -> Environment to change port settings.
5. Now we should be able to log on from external.
Yes, we can now look up the repository list but Opps other error comes up
This is because the version of remote computer BODS client components is not compatible.
6. After upgrading the client software try again then we are facing ODBC driver error
Launch ODBC Data Sources Administrator from C:\Windows\System32\C:\Windows\System32 create a system DSN pointing to remote repository database. Choosing the relevant authentication method and entering the credentials where applicable, click on Client Configuration button. This will open the Add Network Library Configuration window.
7. Finally, try again — We logged on remotely!!!
Reference Material
SAP Data Services 4.2 SP 6 Installation Guide for Windows
I would like to correct my mistake at step 4.
In real environment the Designer does not connect to Job Server yet therefore it will not keep the changes made at this step. You will be prompted error BODI-120016.
Anyway you still can login and on the Designer taskbar you can see Job Server connected icon but there is notification server error(BODI-1241023).
You cannot run any job from Designer.
Since job server needs two way communication in order to make job server work on external network it will need few more steps involving port forwarding, local DSUserConfig file changes etc.
1. Edit local DSUserConfig.txt (C:\Users\<user name>\AppData\Local\SAP\Data Services\conf\DSUserConfig.txt) section [AdminClient], change ports to your desire one.
[AdminClient]
NotificationPortID =3520
LocalPortBegin=3520
LocalPortEnd=3520
2. On your router configure port 3520 forwarding to the computer where DS desiger is installed
3. if you have firewall enable you also need to open port 3520.
Now Job Server is ready, your Designer connects to Job Server and can run job from local.
I've got some issues with Data Services Workbench from a client PC install. Data Services Designer is fine and I've limited the Job Server communication ports there, but Workbench will only start up from the install on the server itself. Any suggestions?
It doesn't even get past logging in just sits there with an animated "doing something" icon once you enter your credentials. This is logging in using Enterprise or Windows AD login - NB: I've added appropriate kerberos java options to Data Services Workbench.ini.
Hi Jerry,
Tanks for your awesome blog. What do you mean by
Thanks