Saturday, February 6, 2016

Law of Personal Data Protection in SAP BW

By default SAP BW provides logging capabilities of data access. Means all users access to data can be logged and evaluated from security and audit point of view. For regular usage of system usually this is enough. Some countries are requiring IT systems to fulfill their own rules while processing personal data. One of example is Spain which few years back introduced so call Ley Orgánica de Protección de Datos de Carácter Personal (LOPD) law.

As BW is one of systems that can store personal information; SAP had to provide capabilities within the SAP BW system to adhere the law. This resulted in introduction of LOPD Access Logging in Reporting and Planning Applications as feature of the SAP BW and/or SAP NetWeaver.

The LOPD feature involves logging all access to sensitive personal data stored in SAP BW. Technically it is delivered via BADI RSEC_LEGAL_AUDIT_SAP. By implementing mentioned BADI the LOPD feature is enabled. As next steps particular InfoProviders which store personal data need to be customized as LOPD relevant via customizing table RSECLOPDIP. Once these things are setup system collects the LOPD relevant data.

Useful information:

933441 - Frequently asked questions on BW 7.0 and data protection

BW Workspace

Similarly as field based modeling BW Workspace aims to enable rapid modeling in SAP BW environment. It addresses gaps usually occurring during the BW implementation and application maintenance projects where conflicts between IT teams and power users from business departments are occurring. The IT department maintains and governs BW data models centrally. Every change requested goes under usually strictly defined change management process and in the end it is not delivered at speed the business department would want. The business is changed rapidly and to be able to react on market changes the business people need to have agile processes in place to address these changes in their IT systems.

The BW Workspace can help the business departments with its kind of a sandbox space where they can create data models for ad-hoc scenarios. Creation of these is supported by tools which allow combine centrally developed BW data objects (by IT) with locally created objects (InfoProviders) by business users. So called locally created objects are usually based on flat files data, data from existing BEx Queries or DataSources. The sandbox in these terms is called as Workspace and is managed by IT department however the Workspace can be used by business which means also then can create new objects within the workspace.  

Usually within the BW Workspace there are three types of users: Admin which defines workspace and data scope in it. Developer role has an access to use the workspace created by admin. The developer or let’s say designer can create a data model to support reporting as per needs. Finally End User has an access to providers created in workspace and the queries / dashboards based on them.

Prerequisites for using BW Workspace are as follows:
·         SAP NetWeaver BW 7.30 SP1 or higher
·         Workspace ABAP AddOn for BW7.30 (includes ABAP WebDynpro application)
·         SAP NetWeaver BWA 7.20 or SAP HANA 1.0 SP05 – the BW Workspace doesn’t work on system where neither HANA nor BWA is available.
·         For users (like developer and end user) who will work with BW Workspace object an Active Component Framework (ACF) needs to be installed on their machines (ACF712SP00_47-20006190)

Following ICF services are required to be activated for the BW Workspace Designer application (Web Dynpro application). They need to be enabled via t-code SICF:

For more details on the BW Workspaces configuration see here.

Admin part: means creation of new workspaces objects takes place in SAP GUI in t-code RSWSP or RSWSPW. Here a central provider(s) can be assigned to the workspace. Also other options are available here like maintaining properties of the workspace, checking of data and status of Local (Composite) Providers, maintain users who are allowed with particular workspace, etc. Notice that technical names of tech name of e.g. CompositeProviders always starts with "@3".

Developer/designer part: activities here happen in web dynpro application that can be launched via t-code NWBC from SAP GUI. Users here can create or enhance new or existing models for data analysis. New InfoProviders (Local Provider / Local Composite Provider / Local Characteristics) can be created here. In case of the Composite Provider e.g. local data can be mashed up with data in BW’s classic InfoProviders using union or join.

User part:  here user is in usually reporting front end tool like BEx Query Analyzer or newer 
SAP Analysis Office for Excel (AO) where user just runs BW queries as usual.

Useful links:

SMP component: BW-BEX-OT-WSP BW Workspace

Active Component Framework

A SAP component which is responsible for integration of active components in web based user interfaces of SAP is called Active Component Framework (ACF). It enables usage of technologies like Adobe Forms or MS Office components in SAP technology like WebDynpro.

Implementation of the ACF contains ActiveX controls, JavaBeans, and applets that run in Web browsers or in SAP NetWeaver Business Client (NWBC). What the ACF does is to provide services to process mass data while fetching the data from the backend and reset modified data state), displaying data in-place or outside a browser or the NWBC, integrating components in the Web Dynpro programming model (data binding, event handling), keeping the status of a component when a new page is loaded.

Web Dynpro ABAP (WD4A) provides the following ACF based UI elements for developers of user interfaces: Gantt, Network, OfficeControl, InteractiveForm, AcfExecute, AcfUpDownload, FlashIsland, SilverlightIsland and ActiveX.

Technically the AFC is installed with SAP GUI. However it can be also download from SAP SMP via -> "Browse our Download Catalog" -> "SAP Technology Components" -> "ACF" -> Download the latest available ACF patch. Also see following SAP Notes for the same.

766191 - Installation of Active Component Framework
891202 - Installing Active Component Framework for NW04S SP04

In closing words I need to say that as whole software world is moving to light wave option of HTML5 based UIs also SAP is shifting away from UIs based on such an active components. SAP is heavily investing in their Fiori based UI.

Useful links:
846952 - Erase ACF from client PC

1150277 - Prerequisites for using ACF

Friday, February 5, 2016

How to check whether HANA or BWA are available?

Some time back I wrote two posts regarding how to find whether SAP NetWeaver system is HANA DB based and how to find BWA version. Here I’m going bit further on same topic and I introduce another small ABAP code snippet. 
This time it is about how to check on both whether the HANA and/or BWA are available in the system.


* via class's attr - this is preferable way
IF cl_rs_utilities=>n_is_hdb_system = rs_c_false.
  WRITE: / 'no hana'.
  WRITE: / 'hana in place'.

* via class's method
IF cl_rs_utilities=>is_hdb_system( ) = rs_c_false.
  WRITE: / 'no HANA'.
  WRITE: / 'HANA in place'.

* via class's method
IF cl_rsddtrex_core=>get_trex_rfc_dest( ) IS INITIAL.
  WRITE: / 'no BWA'.
  WRITE: / 'BWA in place'.

Source code available at:  

Related posts:

Tuesday, February 2, 2016

BEx Query where used program

An ABAP program I’m writing about originated in one requirement I had today. I needed to evaluate where a bunch of BEx queries are being used. Place where particular BEx query can be used comprises of: workbooks, web templates, query views, broadcast setting, BW transformation etc.

As I had bunch of the queries to evaluate I wrote simple ABAP report which extracted “where used” information for me. Here I’m posting a fragment of my program which does the thing. A list of where used objects are provided in internal table lt_where_used.

REPORT zmm_bex_query_where_used.
PARAMETERS: p_compid TYPE rszcompid,
            p_obv    TYPE rszhelp-objvers OBLIGATORY DEFAULT 'A'.
DATA:  lv_compuid         TYPE rsz_uid,
       lt_where_used_info TYPE rzd1_t_where_used_info.
SELECT SINGLE compuid FROM rsrrepdir INTO lv_compuid WHERE objvers = 'ACT' AND compid EQ p_compid.
    i_compuid           = lv_compuid
    i_objvers           = p_obv
    e_t_where_used_info = lt_where_used_info.

Source code available at:

Monday, February 1, 2016

Deletion of BEx workbooks

Sometimes during cleanup or maintenance activities there are many obsolete workbooks found in the BW systems. Even in case just one orphaned workbooks is found that was linked to query which was just test query such workbook needs to be deleted. In best case we ask user who created the workbook to delete. But in case when user left organization long time back someone else needs to step in and delete the workbook.

The question is how to perform it. We can do it in following ways:

1. Function module RRMX_WORKBOOKS_DELETE run it in tcode SE37 and provide following input parameters:

I_OBJVERS                       A

Notice that there are no any messages neither return code returned by the FM. In case deletion is successful there are no output parameters at all.

2. T-code RSZDELETE: In this case also query on which the workbook is originated is deleted. On selection screen provide report technical ID and thick off “Workbooks” check box.

On next screen select DELETE checkbox for corresponding query:

Once it is finished following confirmation popup is displayed:

How to look up COMPID for BEx Query based on GENUNIID ?

While dealing with BEx query there may several scenarios occurred based on which we do not have real technical name of BE query but we have some other identificator of the query. In very common case we have so called technical ID of the query. This is the DI that is visible in BEx Query Designer. BEW developer gives this DI while query is being created. The query technical name is stored as field COMPID (Name (ID) of a reporting component) in table RSRREPDIR. The field COMPID is 25 characters long.

Other unique indentificators which are stored in the same table are:
COMPUID     CHAR  25      UUID in compressed form 
GENUNIID    CHAR  25      Internal display of the report identifier

The COMPUID is unique identificator. This is very important to be noted as one query can have same technical name (COMPID) but COMPUID must be always unique. The COMPUID as well as GENUNIID serve as links between RSRREPDIR table and other BW tables which are related to BEx query.

Sometimes it may happed that we know only GENUNIID value for particular query. Based on this we want to look up COMPID for the query. Following function module can be used for this:
CONVERSION_EXIT_GENID_INPUT- Conversion Exit: InfoCube/Compid -> Genuniid

Imagine we have query with following record in the table RSRREPDIR:

By using mentioned FM we can lookup GENUNIID of the query by providing the COMPID of the query. Of course one can say that we can directly see the GENUNIID in table RSRREPDIR by providing COMPID value so no need to go for the FM. The SE11 for the RSRREPDIR is faster. However if it needs to be done programmatically perhaps call of the FM from ABAP can serve the purpose better.

Another option is to go to SE11 and on selection screen to enter value of GENUNIID:

Once it is entered by ENTER key we get COMPID as the GENUNIID is converted (by the same FM) to COMPID:

However there are cases when we only know the GENUNIID and we need to lookup COMPID. Here we use FM: CONVERSION_EXIT_GENID_OUTPUT

Tuesday, January 19, 2016

How to manually implement SAP Notes

A little while ago I wrote blog post about useful report that can be leveraged while implementing several SAP Notes. With help of the report it is possible to load multiple SAP Notes corrections into the system where the t-code SNOTE can pick them up from.

I had few inquiries from readers of my previous blog. They were interesting on topic how to actually download SAP Notes corrections from SAP Service Marketplace (SMP) before they can use the report mentioned. I’m going to elaborate it in more details in this blog post. Usually it all starts at SMP.

Once the SAP Note that has a correction that needs to be implemented is found it needs to be downloaded. Usually the Notes with correction have a Download button on the Note’s screen at the SMP – in Notes application:

Once someone clicks on the button a new pop-up windows is opened. It informs about adding the object into basket of SAP Download Manager application.

Normally the object can be downloaded via the Download Manager. However in case there are just few objects that are being download the download can be simply done over HTTP protocol. So someone has just click on “Download Basket” button and content of the basket is displayed. From here just a simple click is needed on the particular object and browser displays dialog to save the file locally on user’s machine.

Once all objects from SAP Notes are downloaded to local machine like one above then they need to be uncompressed (usually they are in form of ZIP files). Now the report mentioned in my previous post takes place. Simple run the ZSCWN_NOTES_UPLOAD report in e.g. t-code SE38. On its selection screen enter path where the files with the Notes corrections were stored. After report ran there is a message “Files loaded” appearing in status bar of SAP GUI.

Finally t-code SNOTE is used to implement the corrections of the SAP Notes.

Sunday, January 17, 2016

How to recognize between 3.x and 7.x BEx query?

SAP BW in its versions starting with 7.0 introduced many changes to BEx queries.  This resulted in a situation that there are two types of queries. First there are “old” or 3.x based queries. These were created with BEx Query Designer 3.x tool. On other hand we have “new” or 7.x based queries created in BEx Query Designer 7.x tool.

As a side note sometimes in SAP documentation they refer to 3.x BEx as “Business Explorer 3.5” or “BI BEx Suite 3” or “NW 2004” and to 7.x as “NW 2004s” or “BI BEx Suite 7” or “BEx 7”.

SAP advised to perform 3.x based queries migration to 7.x fashion right after the 7.x version popped up. However customers were neglecting it. The fact is that even in SAP BW 7.3 the 3.x based queries still run without problems. In version SAP BW 7.4 the BEx tools (Query Designer and Analyzer) of version 3.x are not available but Analytic Engine of BW 7.4 can still execute these queries.

Even we still can run the 3.x queries in BW 7.4 it is highly advisable to migrate it finally at this point of time. The BEx queries have gotten many new features in BEx 7.x. Also new BEx Query Designer of 7.x was redesigned so therefore it makes no sense to keep the query in old fashion.

Now how to recognize what queries are in the SAP BW system which the 3.x based? Version of the BEx tool that was used to edit particular BEx Query elements is captured in table RSZCOMPDIR. The table has column called VERSION which hold information about version of the reporting component. And exactly this is the field that tells us either it is query of 3.x or 7.x. As per value of the column; if it is higher than 100 it means that 7.x query if it is less than 100 means it is 3.x.

In case you want to perform the migration of old queries you might be interested to read further. The migration is quite easy in fact. All that needs to be done is to open the BEx 3.x query in BEx 7.0 Query Designer and save it. Once you hit SAVE button on the toolbar the query is migrated. It means you can open it only in 7.x BEx Query Designer and it can’t be opened in BEx 3.x Query Designer again. On such an attempt you will get a following message:

This component was edited with a more recent version of the Editor. You also have to use the more recent version to edit further. Further processing not possible. Update your front end'.

There is one more thing. If you open the old query in new BEx Query Designer the system performs automatic backup of the query. It stores the backup of the query and its component which was originally created in 3.x version of BW. The backup components can be recognized by value “B” of column OBJVER of table RSZCOMPDIR. Unless the query is saved in the BEx Query Designer 7.x it still can be opened in old BEx QD even it has backup version. There is an ABAP report (COMPONENT_RESTORE) provided which can be used to convert migrated query to 7.x back to 3.x version. Needless to say this is not foreseen to be used too much; of course. Also notice that once restore is done then all modifications done with QD 7.x are lost.

There is a possibility to prevent creation of the backup version of the query. It can be achieved by implementing following parameter in the table RSADMIN and setting its value to X: QDEF_NO_3X_BACKUP

Useful information:
1932461 - SAP BW 3.5 BEx tools / BW 3.5 frontend add-ons are incompatible with BW7.4
1807522 - BEx 3.5 Objects Migration to BEx 7.0
1097674 - NW2004s: Administration of backup object version
949330 - NW04s: Query backup and restore
1410878 - Maintenance for BW 3.5 front-end add-ons

Monday, January 11, 2016

How to prove your SAP certification?

SAP Consultants work hard to earn certification. Once it is secured they also want to make it visible that they have it. This is important to distinguish between those who really have it and “those” who just claim to have it. How to make prove that someone who claims to have it really has it?

SAP is providing dedicated tool where it is possible to do kind of “certification check” on person who claims having the SAP certification. Once someone earns the SAP certification he or she can manage the certification(s). Also it is possible to update personal information, review current certifications etc. The most important feature of the tool is that it allows publishing one’s credentials to so called “SAP Certified Consultant Registry”.

How does it work? It is very simple. After successful completion of the SAP certification a logon credentials to the tool are provided by SAP. After that the consultant can manage it by himself. You can prepare URL which points into your certification and include it in your CV.

The tool is available via link: here you can lookup someone’s certification.
SAP Credential Manager: here you can manage the certification.

Notice that it takes 10-14 days after you have passed an SAP certification exam to see it in the registry. If you earned the certification in the past and you do not have an account into the tool you can request it via SAP Education Department. Once you have it but facing logon issue you can request reset of password via:

More information:
Certification Credential Manager

Saturday, January 9, 2016

Simple SAP related flow in MuleSoft application – IDOC based

Similarly as in my previous post I’m sharing a little about my experience while working with MuleSoft Mule ESB platform.

In next text I depict simple flow in the mule which listens for incoming data coming into the mule’s app from an IDoc generated in SAP. Once the IDoc of certain type is created in the SAP it is displayed in the app’s console. Needless to say that the IDoc gets generated in the SAP when some business data gets modified (created/changed/deleted). There is quite extensive configuration to be done at SAP side with regards to ALE customizing in order to setup the IDoc generation. On the mule side there is just an SAP Connector configured which acts as the IDoc listener. The IDoc Basic Type needs to be specified in its Object Name field. All parameters for connection form the mule app to the SAP are taken via parameters form file.

Here’s the mule app’s console output looks like:

Related post:

Simple SAP related flow in MuleSoft application – BAPI based

Recently I worked for one integration focused assignment. We used integration platform from MuleSoft called Mule ESB (Enterprise Service Bus). The Mule ESB is a lightweight integration platform based in Java used to integrate different systems. As my background is mostly SAP and in this space the SAP has its own integration platform called SAP PI it was whole new world to me to work with the mule.

In next paragraphs I depict simple flow in the mule which calls a BAPI at the SAP side and shows the data returning by the BAPI. The application is started by triggering URL (http://localhost:8081/) on which HTTP Listener element listens. After that a call of the BAPI in the SAP is executed and returned data is written by Logger into the app’s web page where it was triggered from.

From configuration point of view there must be whole setup of ALE customizing done at the SAP side. At the mule’s side there is SAP Connector used in the flow. It is acting as trigger of the BAPI call. The BAPI name is specified in Object Name of the SAP Connector element’s properties. Along the Object Name also XML Definition (see below) needs to be provided. 

Here’s how the XML definition for BAPI looks like:

Here’s the mule app output:

How to programmatically activate ABAP report

Recently I wrote blog post about topic of syntax checking from ABAP reports. Now as next logical step let’s talk about an activation of the ABAP report programmatically from the ABAP. Usually every dictionary object has to be activated before it can be used. The ABAP reports are not an exception.

By activation process a source code of the ABAP report is being checked for syntax errors and afterwards active version of the report is generated. As last step of the activation process a load version is generated.

There is also a process of the ABAP report generation. Unlike activation process this one only generates a new load version of the program. So no activation part takes place.

Below I’m providing to simple program for the ABAP report activation.

1. Activation leveraging FM REPS_OBJECT_ACTIVATE:

REPORT zmm_abap_activate01.

PARAMETERS: p_prg  TYPE e071-obj_name,
            p_otyp TYPE sewor_working_area-object DEFAULT 'REPS'. "REPS=report, METH=method

    object_name = p_prg
    object_type = p_otyp
   not_executed = 1
   others       = 2.

Source code available: here

2. Activation via statement “INSERT REPORT”:

REPORT zmm_abap_activate02.

PARAMETERS: p_prgsrc TYPE sy-repid, "report where source code is read from
            p_prgtgt TYPE sy-repid. "target report that will be created

DATA: lt_source  TYPE TABLE OF string,
      ls_type(1) TYPE c VALUE '1'. "1=Executable program

READ REPORT p_prgsrc INTO lt_source.


Source code available: here

Related posts:
How to programmatically check syntax of ABAP report

Friday, January 8, 2016

How to find out InfoArea for particular BW object type?

I run into this issue quite often. I need to find out where in BW object’s tree in modeling area of RSA1 the object is precisely located. I mean what is an InfoArea where particular object is located. Well I can search for it and once it is found the system gets me directly into its position. However it gets worse when I do not have an authorization to access the object. In such a case even search does not find it. Therefore I have to lookup particular InfoArea manually. Here I’m posting a kind of cheat list with all the tables which can help to lookup the InfoArea of different BW object types.

Kindly notice that list of BW object types is not comprehensive but it server with few basic and most used types.

BW obj type
Input field
Field which has InfoArea’s name
Composite Provider
Data Flow
HANA Analysis Processes
HANA CompositeProvider
Planning Sequence

Guide: e.g. for InfoObject go to table RSDIOBCIOBJ and for given IO name in field IOBJNM value of field INFOOBJCAT gets InfoArea.