Wednesday, November 18, 2020

SAP TCI Notes - Transport based Correction Instructions

While searching on SAP support site one may encounter type of SAP Notes having a Transport-Based Correction Instructions (TCI). Normally the SAP Notes are delivering a fix (correction) of some issues within SAP software. Software correction within SAP Note can be delivered via following channels:

·        SAP Notes automatic correction instructions

·        SAP Notes manual correction instructions

·        Support Packages (SP)

Since 2016 SAP offers one more type of the correction delivery. The TCI corrections are a new type of a channel to ship ABAP corrections with SAP Notes. On top of either manual or automatic correction instructions the TCI correction are having a set of additional attributes.

ABAP transport associated with a TCI Note has set of attributes needed for its installation like software component version, minimal SP, languages etc. TCI has its validity that restricts it to restricted to a certain SP range. Dependencies to other corrections and SPs can be defined. It is created out of correction code line and integrated into standard correction and upgrade process. The TCI is dedicated functionality affected only.

All these are enabling faster consumption of the TCI comparing to regular SAP Note with either manual or automatic correction instructions. Person who does the correction implementation does not need to have developer skills as all normally manual activities performed by the system during installation process. The TCI can be de-implement or rolled back. It supports of all transport enabled ABAP objects such as DDIC, table Content, MIME objects etc. No need for manual adjustment activities unlike during SP import and upgrade for SAP standard objects (t-codes SPAU and SPDD).

The TCI are available for NetWeaver system starting from SAP NetWeaver 7.00 SP09 and above. This type of correction is not activated in the SAP NetWeaver by default. It needs to be enabled. See SAP Note 1995550 for details on how to do it.

 

More information:

Online docu

Central Note about TCI: 2187425 - Information about SAP Note Transport based Correction Instructions (TCI)

1995550 - Enabling SNOTE for transport based correction instruction

2543372 - How to implement a Transport-based Correction Instruction

2764122 - How to check if a TCI note can be de-implemented or not

2489679 - How to identify TCI Note

Difference between SAP notes

Difference between SAP Note and KBA article

Tuesday, November 3, 2020

BW templates for generation of runtime objects

Runtime versions of BW objects are generated based on generic templates. The templates are represented as ABAP includes. They usually follow namespace RSTMPL*. Few examples:

 

IO object related templates:

RSTMPLIHEADER - Template for generation of the IOBJ routines (header)

RSTMPLIMDT - Template for generation of the IOBJ routines (master data / texts)

RSTMPLIOBJ - Template for generation of the IOBJ routines (generated)

RSTMPLIR - Template for generation of DB routines for basic chars

RSTMPLISID - Template for generation of the IOBJ routines (SID)

 

The runtime version is normally generated upon creation/activation of particular new BW object. However in case there is any ABAP code change done in the source code of the template (e.g. correction delivered by a new Support Package or by an upgrade) then the generation status of all programs that were generated based on changed template is reset. In such a case, in the BW system one can observe message like see 'Program code does not match the runtime version (generation status set)'. In particular, for BW transformation this can be seen in RSA1 while on Transformation screen in menu Extras -> "Display Transformation Program".

This means the generation status needs to be set. This can performed in several ways:

1. Manual object reactivation: In case of development system, the object can be reactivated by switching to Edit mode and activating it.

2. By object execution: During the execution of the load in case object is transformation or DTP

3. By special ABAP tools: There are some ABAP programs available in the BW system to be used for regeneration of the runtime objects, few examples:

RSDG_RSTMPLIR_GEN_ALL - Regenerates the master data update routines of the characteristics (IOs) generated based on the template 'RSTMPLIR'.

RSDG_TRFN_ACTIVATE - Reactivation GP* report of BW transformation.

 

More information:

1907561 - Program code does not match the runtime version (generation status set)

1790338 - Lock related errors during DTP data loads

1881372 - Consulting: DTP load runs infinitely long and hang after you upgrade your BW support package

Tuesday, October 20, 2020

SAP BW and GDPR

EU’s regulation regarding to data protection and privacy known as General Data Protection Regulation (GDPR) came to a force on 25 May 2018. Briefly, it gives EU residents better protection and control of their personal data. It regulates how organization can handle the data (from perspective of collecting, storing, and transferring it). In addition, as well how they use the data. The organization in and outside the EU that process data of EU residents must follow the rule. In this post, I would like to summarize how the GDPR or other data protection laws can be supported by SAP BW systems. In further text, I just use term the BW that means BW and BW/4HANA as well.

The SAP BW has so called Data Protection and Privacy (DDP) features which can help the organization comply with the GDPR. There are following 4 areas of the DDP:

1 Read Access Logging (RAL):

Is used to log and monitor read access to sensitive data. It is contained within NetWeaver Platform (ABAP Stack) infrastructure.  It can be used to log access of SAP BW: Master data maintenance, InfoProvider administration (“Display Data” e.g. function in t-code RSA1, t-code LISTCUBE etc.), PSA and table maintenance (t-codes SE16, SM320 etc.) and Update simulation. In the SAP BW, it is recommended to use LOPD authorization based read access logging for transactional data. The BW provides a mechanism for logging all LOPD relevant access to data in reporting and planning applications. The LOPD only works only with new Authorization Concept (called Analysis Authorization) that was introduced in BW 7.x. It does not work with 3.x Authorization Concept (that one was based on authorization objects). Following Analysis Authorizations are checked when data in BW is accessed: Reporting  in  all  BEx  front  ends  (BEx Analyzer in MS Excel, Web reporting, F4   help, Planning  applications  (Integrated  Planning  and  BW-BPS), BW  interfaces  that  read  data  (RSDRI,  RSCRM_BAPI,  open  hub  service),  Most  data  sources  in  Analysis  Process  Designer (APD).

The name LODP comes from Spanish data protection law, which was introduced after year 2020. Basically; the LOPD is logging all these above-mentioned activities and stores the information in its tables:

RSECLOPDLOGC - Store for LOPD Logs

RSECLOPDLOGF - LOPD Protocol: Filter

RSECLOPDLOGH - LOPD Log: Control Data

RSECLOPDLOGI - LOPD Log: Details

RSECLOPDQFILTER - Filter within Queries

RSECLOPDQIOBJ - LOPD-Relevant Objects Within Queries

RSECLOPDQSTAT - LOPD-Relevant Objects Within Queries

 

Moreover below are basic costuming tables of the LOPD:

RSECLOPDIP - InfoProviders  registered  as  relevant for the LOPD

RSECLOPDIOBJ - groups of InfoObjects are registered that represent LOPD relevant access

 

The LOPD logs can be reviewed in t-code RSECPROT. In case LOPD is enabled in the BW system all access to LOPD-relevant InfoProviders and queries done by all user are documented in here.

 

2 Information report:

SAP BW provide tools supporting users to analyze usage of sensitive information (e.g. where-used list, master data maintenance).

 

3 Deletion of personal data:

Sensitive data can be selectively deleted in SAP BW. Where-used list to support identification of InfoProviders containing the values to be deleted is provided. Possibility to automate regular deletion tasks of transactional data within Process Chains.

 

4 Log changes to personal data:

Track changes to master and transactional data. Audit and Change Logs available to monitor changes to transaction data.

 

On top of the LOPD in the newest version of the SAP BW (7.5 or BW4/HANA) SAP has provided tool so called Data Protection Workbench (t-code RSDPP) - DPW. The DPW manages identification of sensitive data and selective deletion of corresponding transactional and master data records. SAP Information Lifecycle Management (ILM) ensures data retention management in operational systems (ERP like SAP’s ECC or S4/HANA) from data protection & privacy compliance perspective. The framework of the ILM allows persisting notifications of deleted (personal) data during ILM processes (e.g. deletion of personal data). These ILM notifications are then replicated from operational system to BW. Technically the notifications are loaded to BW’s Data Store Object, via DataSources.  There is a mapping of SAP ILM object (e.g. ‚Sales Order‘) to BW DataSources (in the latest B4/HANA 1.0 and 2.0 systems there can extraction be based on CDS views). Finally, in the BW there is DPW. It provides data protection notifications, which contain information about ILM events based on ILM objects (for example, data archiving or data destruction for a business object instance, like a sales order) mapped to application-specific data sources. So sensitive data is identified and their corresponding transactional and master data records are selective deleted.

 

More information:

933441 - Frequently asked questions on BW (BW/4HANA) and read access logging for data protection

2590321 - Upgrade recommendations to support GDPR compliance

901648 - LOPD and data protection compliance in BW 7.0

2748685 - Business Suite Data Protection Notifications for SAP BW/4HANA and SAP Business Warehouse (SAP BW)

2824456 - SAP S/4HANA Data Protection Notifications for SAP BW/4HANA and SAP Business Warehouse (SAP BW)

2642676 - NW 7.50 - BEx 7.x Java runtime – deletion of data - excluding personal user

Introducing the Data Protection Workbench of SAP BW/4HANA 2.0

Data Protection Workbench for SAP BW/4HANA   

Data Protection Workbench for SAP BW              

Monday, October 19, 2020

What SAP software still using Adobe Flash?

Adobe Flash as platform to enable animations, rich web applications, games, video or a multimedia in general in mobile and desktop web browsers has come to end of its life. As predicted long time ago (approx. in 2010) by Steve Jobs in Thoughts on Flash due to its vendor lock-in, limited accessibility, security issues, rapid energy consumption, poor performance on mobile devices etc. the other technologies (mostly HTML5) proved to be better than the Flash. Thus, the Flash Player has been deprecated and has an official end-of-life on December 31, 2020. Web browser vendors will stop supporting it means whatever software using the Flash; it will not be possible to run the flash objects in the web browser anymore.

SAP has used the Flash technology in some of its products for web user interface therefore these products will no longer function beyond 2020. It is necessary to upgrade components of SAP software that is still using the flash to remain the SAP software functional. Below I provide a short overview of some SAP software in which the Flash technology was (is) used.

 

SAP Jam – within video functionality like screen capture and webcam recording

Sybase - SAP IQ COCKPIT

SAP Data Services – in Data Services Management Console (DSMC)

SAP BusinessObjects Business Intelligence Platform (SAP BI) - SAP BI LaunchPad, Central Management Console (CMC) – uses Flash prompt screen for the parameters, Xcelsius 2008, Dashboard Design 4.0, Crystal Reports for Enterprise, Crystal Reports Designer

SAP SuccessFactors - SAP SuccessFactors Learning administration (LOD-SF-LMS), SAP SuccessFactors Recruiting Marketing "Recruiter Dash" (LOD-SF-RMK), other Advanced UI features within the SuccessFactors (e.g. lineage charts and instructional videos)

SAP BPC – the BPC version needs to be upgraded to BPC 10.1, where Adobe Flash is replaced by HTML5 technology. Component that needs to be upgraded from is:

CPMBPC        801     CPM Business Planning and Consolidation


More information:

2458598 - Deprecation of Flash Support in Browsers

2935567 - BPC 10.0 for Microsoft and BPC 10.0 for NetWeaver regarding Adobe Flash end of support

2919654 - When is the end of maintenance for the BPC10.0 NW product?

2513517 - When does mainstream maintenance end for BPC 10.0?

2929829 - BPCMS 10.1: Retirement of Management Console component based on flash


Wednesday, October 7, 2020

SAP’s divestments over years

As follow up on my other blog called SAP’s acquisitions over years I try to collects divestments of SAP too. There are not much information on this topic available on internet. Thus, my guess is that most of information will only be added in future when it will come to selling of assets.

07/2020 - Qualtrics IPO - approximately 20 months after its acquisition the Qualtrics is set to go public via preparing its IPO.

05/2020 - SAP Digital Interconnect - to be acquired by Sinch. The Digital Interconnect division was added into the SAP via to a company called Mobile 365 Inc., which Sybase acquired in 2006. The Sybase became part of SAP when the company bought Sybase in 2010.

Thursday, October 1, 2020

How to make ABAP programs selection screen test portable

While ABAP report developing; standard developer tools are having an option how to enter texts to elements of selection screen. It is available within t-code SE38 in menu Goto -> Text Elements -> Selection Texts. However, maintain the text in this way makes our ABAP programs not portable. This is because the texts entered there are not part of the source code. In case we want to move the program from one system to another just via copy & paste the Selection Texts won’t be moved and they need to be entered into target system again manually via the menu path.

However, there is a way to overcome this obstacle. The Selection Texts can be adjusted within the ABAP source code as well. For that, we can use ABAP program events like AT SELECTION-SCREEN OUTPUT or INITIALIZATION. Within those events it is possible to manipulate with variables created by PARAMETERS and SELECT-OPTIONS (also frames defined in the report can be covered like this) ABAP statements. Let say I have small ABAP program like below with the two parameters on its selection screen: 

DATAlt_adr6 TYPE adr6"just for SELECT-OPTIONS

PARAMETERS p1 TYPE uja_appset_info-appset_id.
SELECT-OPTIONSs_rec FOR lt_adr6-smtp_addr.

AT SELECTION-SCREEN OUTPUT"Set labels for sel scr
  %_p1_%_app_%
-text 'Environment Name' ##NO_TEXT .
  %_s_rec_%_app_%
-text 'Email Recipients' ##NO_TEXT .

In this case, the Selection Texts are taken not from menu but from the ABAP report source code itself.