One of our S/4HANA Regional Implementation Group team goals is to support implementation projects and provide solutions to common implementation issues.
Following are 10 lessons learned from various S/4HANA 1511 projects:
1. Understand the Relevance and Readiness Tool
If you upload a system profile, the Readiness part of the check filters those versions of the apps, which are available/closest to this system profile. This mode is meant for customers who want to see which Fiori apps they can use without any or with minimum system updates.
If you want to know which apps are relevant and available for S/4HANA, populate the usage profile and select “Product Suite (SAP S/4HANA)” but keep the system profiles empty.
2. Understand the Landscape Architecture:
Transactional Apps make use of OData calls from the Front-end Server, but Web Dynpro and HTML GUI require direct connection the Backend server. This implies that several RFC connections are required. In some cases, firewall adjustments may be needed in complex network architectures. You can find a list of the required RFC connections in SAP Note 2269272 and configuration guide UI Technology Guide for S/4HANA 1511 On-Premise.
We recommend creating all these RFCs as they are used by various processes including Catalog Replication.
3. Catalog Replication / Index Calculation:
Set up Fiori Catalog Replication and Index Calculation jobs to run at least once a day, this will make sure that Catalog and Application ID status are consistent.
- Report /UI5/APP_INDEX_CALCULATE
- Report /UI2/GET_APP_DESCR_REMOTE
4. Update UI Libraries:
Important corrections are delivered in UI libraries (+1.38.x) that will help stabilize Fiori apps. Try updating this libraries depending on your implementation timeline and browser support. Some useful SAP Notes:
As you are probably aware SAP recommends to have a separate Front-end Server. Updating UI libraries can hence be easily done and does not affect the S/4HANA backend.
5. Know the Troubleshooting Tools:
Many Fiori issues are easily resolved by checking the relevant the error logs. Familiarize yourself with the available tools:
|/IWFND/MAINT_SERVICES (transaction)||OData Frontend Service Activation / Alias Assignment / SICF(/sap/opu/odata/sap)|
|/IWBEP/ERROR_LOG (transaction)||OData Backend Error Log|
|/IWFND/ERROR_LOG (transaction)||OData Frontend Error Log|
|/IWFND/GW_CLIENT (transaction)||OData Frontend Service Execution|
|SE80, SE37, SE38 (transaction)||ABAP Object/Code Analysis|
|Chrome Browser||Chrome Browser Developer Tools works best for troubleshooting|
|OData Browser Debugging||Add parameter: “?sap-ds-debug=true” to OData calls|
Refer to SAP Note 1797736 for a comprehensive guide on how to use the Gateway Error Logs.
6. One Front-end for Multiple Back-ends:
For implementation projects which would plan for this approach, we recommend to maintain one front-end client per back-end client within the same landscape.
You can create multiple front-end clients by creating client copies, this will help you accelerate the implementation. You can find the recommended steps to adjust front-end client copies here: How to Configure Fiori with Multi-Clients.
7. Enterprise Search Setup:
Follow the configuration steps described in the Best practices guide MAA and ensure you provide a HANA database connection (TREX is not required).
Expect ~3-5 hours for the task list to run. A second or third task list run might be needed to ensure objects are activated correctly.
Enabling trust relationship between the front-end and the back-end server requires all users to have authorization object S_RFCACL assigned.
Ensure all Fiori users are assigned to this authorization object and consider replication of user ids between front-end and back-end clients as this is required for the trust relationship and Fiori to work correctly.
9. Fiori App Roles
Pre-delivered roles are available per Fiori application. Details are available in the Fiori Apps Library.
In case of creating custom roles ensure that the necessary authorization objects have been assigned, including:
- Fiori Catalogs and Groups
- OData Authorizations
For the OData authorizations you can leverage the pre-delivered OData roles and create a composite role depending on your custom Fiori Catalog definition or you can use the role template /IWFND/RT_GW_USER and manually assign all the required OData objects (this template includes the following authorization objects: S_RFC, S_RFCACL, S_SERVICE).
10. Web Dispatcher Configuration:
The Web Dispatcher redirects calls to front-end or back-end server depending on the required content (e.g. enterprise search calls require direct connectivity to the backend). The following values are recommended:
wdisp/system_0 = SID=XXX, MSHOST=XXX-FQDN, MSPORT=XXXX, SSL_ENCRYPT=1, SRCSRV=*:44310, SRCURL=/sap/bc/bsp;/sap/bc/ui5_ui5/;/sap/bc/ui2/;/sap/bc/lrep;/sap/opu/odata;/sap/public/;/sap/bc/nwbc/;/sap/saml2
wdisp/system_1 = SID=XXX, MSHOST=XXX-FQDN, MSPORT=XXXX, SSL_ENCRYPT=1, SRCSRV=*:44310, SRCURL=/sap/bc/webdynpro/;/sap/es/;/sap/bc/gui/;/sap/bc/apc;/sap/bw/ina;/sap/bw/Mime/DS/Content
Additional information about Web Dispatcher here.
Remember that SAP Fiori is one of the key pillars of S/4HANA and is required for delivering innovation. With the recommendations outlined you should be able to run Fiori with S/4HANA quickly and benefit from those innovations.
Do you have additional recommendations around Fiori or questions? Let us know in the comments.
SAP S/4HANA RIG