Search This Blog

Friday, February 21, 2020

sybase shutdown commands and usage

This article shows us the various shutdown methods of ASE database from isql prompt

1. Normal Shutdown of ASE DB:  Adaptive Server will be shut down from which the shutdown command is issued
Usage
>shutdown
>go

2. Shutdown with no wait:  Adaptive Server will be shut down immediately
Usage
>shutdown with nowait
>go

3. shutdown SYB_BACKUP: Shutdown local backup server
usage
>shutdown SYB_BACKUP
>go

4. shutdown REM_BACKUP: Shutdown remote server backup
usage
>shutdown REM_BACKUP
>go

5. shutdown cluster: Shuts down the current cluster
usage
>shutdown cluster
>go

6. shutdown ase1: Instance “ase1” will be shut down leaving the cluster running
usage
>shutdown ase1
>go

Restore and recover ASE databse



This article helps us with the procedure of Restore and Recovery of Sybase ASE database

Before Loading (restore) and recover, ensure that no-one is connected to DB using below command

 isql -Usa -STST -w300 -P -X

> (Provide password)

>sp_who

>go


Once you confirm that anyone is not connected to DB, then start loading the database
Load database from "


example

>Load database TST from "/Dumpdir/TST_bkp1.dmp"
>stripe on "/Dumpdir/TST_bkp2.dmp"
>stripe on "/Dumpdir/TST_bkp3.dmp"
>go


once database is loaded, we've two options here


1. Bring the database online

2. Recover the database.

As i might wish to means the recover option also, we'll accompany second option

recover the database using below command


>load transaction TST from "/Dumpdir/TST.trn
>with until time= 'January 16, 2019 10:32 am
>go


Up on the recovery of database, bring the database online using below command


>online database TST
>go


your database in now online.



Thursday, February 20, 2020

Reconfiguring Public-key certificates



This article shows the procedure to re-configure public key certificates post refresh/migrations

Procedure:
Run Netweaver administrator and go to configuration management --> Security tab and select Certificates and Keys

Select the TicketKeystore entry and delete the SAPLogonTicketKeypair and SAPLogonTicketKeypair-cert entries in "Key Storage view details" section at rock bottom of the page


Create a brand new Key pair and Public Key certificate

Click Create


Enter the following information

Entry Name: SAPLogonTicketKeypair

Algorithm: DSA

Key Length: 1024

Store Certificate: Ensure checked


Click next and enter

countryName: DE

organizationalUnitName: J2EE

comonName: 


Click Next


Click Finish


Export the certificate:

Select the SAPLogonTicketKeypair-cert entry and click export entry


Click on the download link


Click save (and save it to a local file)

Import certificate:

Login to SAP system and run transaction STRUST.

Import the certificate just exported (Menu path Certificate --> Import). Make sure that the file format is that the same as that wont to export the certificate


Click on Add to Certificate list.


Your public key is ready now

Edit INTEGRATION_SERVER Business



This document allows us to understand the procedure of editing Integration server business in SAP PI/PO system.

Procedure:
Edit Business system INTEGRATION_SERVER_<SOURCE_SID> in the SLD and adjust to use the <TARGET_PI> technical system

Access the SLD in <TARGET_PI> and select Business systems


Locate the entry  INTEGRATION_SERVER_<SOURCE_SID>


Go to the small print screen and choose the integration tab


For the technical system line, click on Change

Change the system to <TARGET_PI> and select the correct client in <TARGET_PI>


Click on the save button


Fix the pipeline URL and the configuration URL to point to <TARGET_PI>.  don't make any changes to the Group to be updated by the PI Apps team

Click on the associate with XI button then click save


On the installed software tab, make sure that the installed checkbox for SAP Netweaver PI product is ticked and click on save




Restore the JAVA system connections and destinations as PI refresh post action



This procedure is one among the post refresh action of SAP PI/PO system.
It explains on the way to restore the Java system connections (JCO) and destinations post refresh.

Run the NWA and access “Jco RFC Destinations” (Menu path à Configuration Management--&gt; Connectivity--&gt; Jco RFC provider).

For every connection, set the configuration details from details taken before;


Delete all the Jco connections for the <SOURCE_PI> System (*_<SOURCE_SID>), replacing them with connections for <TARGET_PI>.


Access “SLD Data Supplier Destinations” (Netweaver admin: Configuration Management--&gt;Connectivity--&gt;Destinations). 

Update all connections with the data saved prior to the refresh.  Use the ping option to test each connection

Check the connections in the ABAP engine using transaction SMGW (Goto --&gt; Logged on Clients)

All connections should be for <TARGET_SID>



Change all spool servers to the new one

Spool server is the one in which all the network printers are assigned. it has to be reassigned in below cases.

system refresh
migrations
If spool server is changed

Below is the procedure to change the spool server assignment to new one.

Run Transaction SPAD and from the menu àutilities->for output devices->assign server.
Enter the following;
Output device *
Old spool server *
New spool server <click on the drop down box and select>
Display list

Reconfigure the transport system as post refresh task

Below procedure shows us on the way to re configure TMS within the refreshed system.

With user DDIC, logon to STMS Domain Controller in client 000 
Choose System Overview
Delete from the transport domain

Logon to 000 client with DDIC user
Run transaction STMS
Enter details as appropriate
Save

On STMS Domain Controller

Run transaction STMS again
Select and approve back into the transport system.

Choose System Overview – Select , Extras -> Distribute & Activate Configuration

Also, check and correct the transport routes

Now TMS configuration is prepared within the refreshed system.

Secure store Key Phrase

Below command is required to see secure store key phrase during Java export.
If we don’t have the key phrase, the export taken is of no use.
This is the most pre-requisite for Java migration (export/import) procedure.

Check the key phrase as follows;

Login to <SOURCE_PI> as user <s_sidadm>
cd <Global directory>

Execute below command from the global directory

/sltools/checkKeyPhrase.sh -f /security/data/SecStore.properties

Enter the phrase when prompted and you ought to get the message "The key phrase is correct." if you've got entered the right value

This will be essential during the system copy phase


Note: If Keyphrase is not correct, we need to solve it before exporting Java DB.



Tuesday, February 18, 2020

SAP Host agent auto upgrade procedure



We should maintain latest version of saphostagent in sap environment as solman gets the info from satellite systems wit the assistance of saphostagent.

This topic is to point out the feature to upgrade saphost agent automatically without manual intervention.
Only thing is we'd like to form sure the SAR file is downloaded and staged within the auto_upgrade directory.

Procedure to enable Auto-Upgrade feature for SAP Hostagent

SAP Hostagent has an auto upgrade feature which may be enabled as per note 1473974.


Please add the subsequent Parameters to SAP Hostagent Profile file for Linux (/usr/sap/hostctrl/exe/host_profile).


hostexec/autoupgrade_delay = 1440

DIR_NEW = //SAP/SAPHOSTAGENT/Linux/auto_upgrade

service/EnableRemoteDeployment = true

service/protectedwebmethods = NONE


1440 in hostexec/autoupgrade_delay is mentioned in minutes which translates to 24 hours (24*60 = 1440)


For Windows and HP-UX, use below paths present.

*DIR_NEW=//SAP/SAPHOSTAGENT/HP-UX/auto_upgrade

*DIR_NEW=//SAP/SAPHOSTAGENT/Windows/auto_upgrade


Note: Please restart Hostagent with below command for the parameters to require effect.


As root

Change to below dir

/usr/sap/hostcontrol/exe

./saphostexec -restart


If these parameters are activated, Hostagent automatically takes care of the upgrade by checking the trail mentioned in DIR_NEW and initiated an upgrade automatically when there's a replacement version available in this directory.



SAP GUI SNC Configuration

Below mentioned configuration is essential to enable the secure network communications (SNC) between SAP GUI and SAP ABAP systems.

Prerequisites:

Along with SAP BASIS related transcations, we'd like below additional transactions.

SNCCONFIG

SNCWIZARD


We also need below details

SAP System ID

Fully qualified message server hostname

Installation number

CommonCryptoLib version must be at least CommonCryptoLib 8.5.2.

snapshots of SAP instance, default profiles,SNCCONFIG and STRUST settings.

Transaction RZ10 > Import the most recent version of profiles

Take backup of profiles at OS level


Procedure:

Configure SNC

Transaction RZ10 > Import the newest version of profiles

Transaction SNCWIZARD


Continue

Copy and paste the details like  SNC identity parameter generated by the wizard here:

p:CN=, OU=, OU=SAP Web AS, O=SAP Trust Community, C=DE


Replace the parameter value with the subsequent format, per your client CA requirement:

p:CN=, OU=, L=, O=, SP=, C=, EMAIL=<email>


Please note:

The message server host is defined within the SAP Logon pad. 

The installation number, OU=, is unique to each SAP environment. 


Continue

Continue

Continue


If you are prompted to configure Kerberos Credentials, click on Skip.

Continue


Transaction STRUST opens in a separate window.

Expand folder and double-click on SNC SAPCryptolib

The self-signed SNC SAPCryptolib certificate created via SNCWIZARD earlier occurs here.

Click on to Create Certificate request

Select all and replica the certificate (without empty lines)

Paste in Notepad (without empty lines) and reserve it as “_SNC.csr”.
Exit transaction STRUST and return to SNCWIZARD

Complete

Request client signed certificate

Update DEFAULT.PFL

While expecting the signed certificate, update the subsequent parameters in DEFAULT.PFL.


Verify the file libsapcrypto.so exists on the OS level, in /usr/sap//SYS/exe/run directory.

Transaction RZ10

Parameter Required value

snc/gssapi_lib usr/sap//SYS/exe/run/libsapcrypto.so

spnego/enable 0

Save changes.

Need to restart SAP application once parameter changes are done.. 

Import client signed certificates (*.p7b file)

Double-click to open the *.p7b file


Expand certificates

It contains 3 certificates - Issuing, Root & Server.


All 3 certificates must be exported and combined in a single text file. Here is how …

Right click on the server certificate “<host>.<domain>.com” > All Tasks > Export in Base-64 encoded X.509 format, save each *.cer to your desktop location.


Next

Select “Base-64 encoded X.509 (.CER)” > Next

File name = Next

Finish

OK


Repeat an equivalent steps above to export "root" and "issuing" certificates

Close the certmgr screen.

Open each *.cer file with Notepad, combine all 3 certificates into 1 document , during this specific order - server, root and issuing.

Delete any extra empty lines or carriage returns.

Then, save as a text file. For example: __signed.txt



Login to SAP system

Execute transaction STRUST

Click on to switch to change mode


Expand folder and double-click on SNC SAPCryptolib

Under Own Certificate, select "Import certificate response"


Copy and insert the certificate chain - server, root & issuing, confirm there are not any empty lines at the start and end of the file.


Continue

SNC certificate is now signed.


Click on to save changes.


Restart SAP after succesful  SNC configuration, Update the GUI entry and test SNC connection.





BW on HANA migration procedure

BW on HANA important SAP links


Below Links are considerably useful to urge the complete information on preparation, execution and post processing. Please undergo the links and obtain an summary on BW on Hana migration.