Professional Documents
Culture Documents
1.2 Locations...................................................................................................................................................4
2.4 SAP System & Client Landscape Diagram Redraw to show each landscape horizaontally (R/3, CRM, APO, BW) Transports Paths go from Dev to
QAS, QAS to Prod. Showing DEV path directly to PROD is misleading. The diagram of the SAP Landscape does not require every server at each layer to be
displayed...................................................................................................................................................................6
3. NETWORK ENVIRONMENT...............................................................................10
3.1 Network Topology Diagram...................................................................................................................10
3.1.1 Wide Area Network..............................................................................................................................10
3.1.2 Local Area Network.............................................................................................................................10
3.1.3 SAP Network........................................................................................................................................10
5. DESKTOP ENVIRONMENT.................................................................................18
5.1 Desktop Environment Overview...........................................................................................................18
9.2 Users.........................................................................................................................................................32
9.2.1 R/3 Users..............................................................................................................................................32
10.4 Upgrades..................................................................................................................................................33
11.2 Recovery...................................................................................................................................................37
11.2.1 Restore After Disk Failure.....................................................................................................................37
11.2.5 Restore after User Fault..........................................................................................................................38
11.2.6 Restore after Database Corruption.........................................................................................................38
11.2.7 Move to Different Hardware..................................................................................................................39
1.2 Locations
Data Center :
Users :
The Spacely Sprockets project will implement one SAP components: R/3 Enterprise 4.7 Extension Set 2.00 (R/3).
Spacely Sprockets will purchase Dell Windows using servers for its Development and Quality Assurance instances and
IBM eServer xSeries servers for Production instances. IBM will be the vendor of choice for obtaining SAN storage arrays.
The OS of choice is Windows 2003 and the database will be MS SQL Server 2000.
Further implementation will create the need for servers to support Portals so ESS (Employee Self-Service) and MSS
(Manager Self-Service) subsystems can be used.
Spacely Sprockets has elected to implement the SAP recommended Three System Landscape. This landscape provides
for a Development system, a Quality Assurance system, and a Production system in a separate, self-contained
environment.
A three system landscape provides the maximum protection for isolating destructive changes, allows developer
testing without impacting the performance of other systems, and provides more flexible user training.
Quality
System
Develo
pment
Assurance Production
System System
Spacely Sprockets will be implementing a combination of two-tier, three-tier and three-tier distributed setups. Low use,
low priority systems such as the Development system will be installed with the Database Instance (DB), Central Instance
(CI), and Dialog Instance (DI) installed on one server while mission critical systems like the Production environment may
be spread across two or more servers. The last layer of the tier is always the presentation layer, which can either be
SAPGUI for Windows, SAPGUI for Java, or SAPGUI for HTML. This is the diagram of the SAP Tier System:
No configuration will be
entered in the Golden
Client. The Golden Client
will receive Transports from
the Configuration Client.
The only exception to this is
that client 100 will be the
parent client for CUA and
will contain all users, roles,
and profiles for R3D Client
200 and R3P Client 300.
SAProuter is a software router provided by SAP to communicate between SAP systems and SAP Support (formerly
known OSS). In the past, SAProuter was only available to clients willing to invest in the hardware and
implementation costs of X.25, frame relay, etc. connections. In the past few years, however SAP has adopted
technology to allow VPN communication with its clients via the internet. However SAP still has very exactly
protocol requirements due to security, and must be FAXed information as the clients expected means of
communication. This information includes client server and VPN IP addresses, type of router, etc.
You must use SAProuter to control and log the connections between SAP and your R/3 System. SAProuter is used
at SAP Active Global Support.
SAProuter will be installed on a Dell Model 2650 2.4Ghz-Dual-512K 1GB-2D which it will share with a SAP Web AS
instance supporting Solution Manager. The SAProuter table will be resides on the same server.
The denied and permitted routes and IP addresses have yet to be determined.
3.2Network Systems
4.2.1.2 OS-Users
4.2.3.2 OS-Users
SAP has exacting technical specifications for workstations supporting SAPGui. These
specifications vary depending on the operating system, patch level of the operating
system, and SAP components to be accessed via the SAPGui instance.
In order to use the most current version of SAPGui which is SAPGui 6.40 Patch Level 4, the
following criteria must be met.
SAP breaks down printer into three categories: local printing, front-end printing,
and remote printing. Local printing is the fastest print method.
Spacely Sprockets will provide a list of all local and remote printers at all supported
locations with IP address, printer model, etc. to be added to SAP. These printer will
be added in the SAP Development systems and ported into the Quality Assurance
and Production environments.
6.2.1.1 Local Printing
When you print locally, the SAP spool process sends the data to a printer that is set
up on the operating system of the application server. The print request is then
forwarded from the spool system of the operating system to the relevant printer.
You can connect the printer locally to the computer or you can access it over the
network.
The SAP spool process can access any printing system in the network that can
handle the lpr/lpd protocol. This protocol originates from BSD UNIX and is an
industry standard for controlling printing. It is supported by many modern
operating systems and by network-enabled printers.
The line printer requester is a client and sends the print data to the server (lpd
side). Using this protocol, various data formats, for example, PostScript or PCL can
be transmitted.
Window PCs do not usually have a line printer daemon (lpd). To be able to print
using lpr/lpd, SAP developed its own lpd program for PCs called SAPlpd, which is
installed with the SAP frontend. SAPlpd contains some extensions of the lpd
Remote printing is the slowest way to print from SAP. Unfortunately, most of the
hand-held output devices will need to be used via remote printing.
Another option when printing from the SAP System is front-end printing, which lets
you access printers that are not defined in the SAP spool system.
The output data is transmitted directly over the SAPGui to the front-end PC. To do
this, the existing connection between the SAPGui and the application server is used,
so that an additional network connection is not required. The SAPGui starts SAPlpd
on the front-end PC and transmits the print data to it. SAPlpd then sends the data to
the Windows standard printer or to another printer installed on the operating
system.
SAP components must be installed as detailed in the SAP Technical Installation guide for
that component.
This document will not get into the specifics of these or any other installation steps as the
SAP installation procedures are a constantly changing and evolving technology. The latest
version of the installation manuals can be downloaded from
http://service.sap.com/instguides.
Spacely Sprockets will be installing SAP R/3 Enterprise 4.70 SR 1 on Windows 2000 using
Oracle 9.2.
The installation will consist of a database instance and a central instance, plus an
additional dialog instance for R3P. For the R3D environment, all three instances will be
installed on one server. For the R3Q environment, the database will be installed on one
server with the central instance on another server. For the PRD environment, the database
instance, central instance, and application instance will be installed on separate servers.
Spacely Sprockets has elected to implement the following R/3 Enterprise Core products:
The SAP system includes a collection of tools closely linked to the ABAP workbench and the
customizing functions, which are very important for managing and coordinating development and
customizing work within a group of SAP systems. These tools form the overall Change and
Transport System (CTS).
The CTS components are in charge of performing essential functions in the overall development
and customization environment, and thus in the implementation process as well as in the
operation and support after productive start.
Integration of the CTS into the SAP landscape is dependent on the correct configuration of the
whole transport chain. The following summary guideline provides the necessary steps for
configuring the transport system, although these steps only have to be performed once.
Configuration steps are made up of three basic tasks:
Configure the transport directory and TPPARAM. The transport directory \usr\sap\trans is
created by the installation program, and is unique within SAP system type. In other words,
a \usr\sap\trans directory is created for all R/3 instances but only one directory is the
controlling transport directory for all the R/3 instances. You have to make sure that this
directory can be accessed correctly among systems within a transport group. As of R/3
release 4.6, no manual configuration of TPPARAM is necessary.
Initialize the change and transport organizer (CTO). This is accomplished by transaction
SE06 and is one of the first tasks to perform after installation of the R/3 system.
Create a default development class. To be able to transport development objects, you
must define a class which is not local (such as $TMP) or for test purposes (all starting with
T). You should define the development class in the range allowed for customers, starting
with Y or Z.
Configure transport systems and routes. This configuration step is performed using
transaction STMS. Configuration using transaction STMS should be performed in client 000
of the transport domain, that is the SAP instance controlling the flow of transports.
Spacely Sprockets will use the standard three systems in a group recommended by SAP, following
the design below. Please note that the Delivery route is determined by the functional team once
standards for Change Release and Approval have been designed.
System System
nt
SAP Delivery
R3D will be the CTS domain controller for the SAP R/3 landscape. All R/3 transport cofiles,
data files, logs, etc. will be stored in the \usr\sap\trans directory created during the
installation of the R/3 R3D system. It is mandatory that the R3D \usr\sap\trans directory be
accessible by the other R/3 instances, R3Q and R3P, as well as any application servers
dedicated to R/3 added later.
Change request creation will be limited to the R3D 100 and 130 clients.
The ZR3D transport layer will be used to facilitate transport flow from R3D to R3Q and R3P.
Transport
ZR3D
R3Q R3P
R3D
SAP Delivery
Change requests may be migrated by users between certain clients in the SAP Development
system R3D using transaction SCC1. The transports do not need to be released before this
migration can be done.
Change requests are moved from the Development instance R3D to the Quality Assurance
instance R3Q automatically. Once transports are released from in instance R3D, they are
automatically added to the R3Q import queue. A job is scheduled to import these changes into
the R3Q instance every 15 minutes. The transports in the R3Q import queue go to clients 200 and
210.
Before a change can be imported into the Production R3P instance, it must be approved using the
STMS_QA transaction by:
The Basis Support team will perform all manual transports across SAP instances.
Transports will occur between the SAP Development R3D instance and the R3Q instance
every 15 minutes. This schedule is subject to change.
Special requests for transports outside of the normally scheduled times will be performed
due to emergency situations only (ie a Production system is crashing, etc.) Poor planning is
not an emergency.
8.4.2 Releasing Change Requests for Population in the SAP Quality Assurance System
The owner of the change request, or a member of the Core Team designated to this task by
one of the project managers, will release the change request when it is ready to go into the
R3Q Quality Assurance system. Releasing change requests are not the responsibility of the
Basis Support Team. Once the Change Request is released in the R3D Development
system, it will automatically be sent to the transport queue of the R3Q Quality Assurance
system. Any change request appearing in the queue of the SAP Quality Assurance system
will automatically be transported during the next scheduled transport run. More than one
entry per change request will appear in the import queue due to movement to multiple
clients in R3Q.
Developers need to be cognitive of the fact that transports are moved into R3Q Quality
Assurance and R3P Production systems in the order that they appear in the transport
queue (ie in the order in which they were released). If any change requests must be run in
a specific order, the Basis Support Team must be notified BEFORE the change requests
have been released in order to prevent improper transport.
8.4.3 Moving Changes from the Quality Assurance System to the Production System
All Change Requests must be approved by both the functional group team leader and a
project manager before being moved into the R3P Production environment. The approval
process is in the hands of the Core Team and can be inserted here at a later date. In order
to insure that the Production environment correctly matches the environment where
changes were tested, an approval for production Change Request may be delayed pending
approval of prior Change Requests.
Approval for moves into Production can be either a transactional or written process. SAP
supplies the STMS_QA transaction to facilitate the approval process. This transaction can
be configured to meet Spacely Sprockets needs. If a written approval form is to be used,
the form will need to take into account the 4 component nature of the Spacely Sprockets
landscape.
The following page contains an example of a Change and Transport Request Form.
Requestor Date
Change requests can require post-processing after successfully being moved to a target
SAP system. While the Basis Support Team will make every effort to intercept non-zero
return codes generated from a transport run, it must be remembered that a return code of
4 often happens and is commonly ignored. It is ultimately the responsibility of the Core
Team member owning the change request to verify the proper transportation of the change
and to notify the Basis Support Team if assistance is needed with any post-processing
instructions.
At the end of each business day, the Basis Support Team will distribute a list of Change
Requests transported that day. This list will be distributed via e-mail using a Spacely
Sprockets distribution list.
The description entered at the time of the Change Request creation must follow the following
standard:
Where:
WWW is the initials of the owner of the change request
XX is the 2 letter abbreviation of the component
YYY is the client where the change request was generated
ZZZ... is a short description of the change made
Example:
JCS: BC: 000: Application of OSS Note 752052 FI Fix for GL
All SAP users will be assigned roles matching their respective job assignments. These roles
will be initially created by copying a standard SAP supplied role and modifying the copy to
match Spacely Sprockets needs. The authorization objects and authorizations contained in
each role will be designated by the Functional Team and implemented by the Basis Support
Team. All role and user configuration will take place in R3D Development instance client
100.
Once the roles have been created, users will be attached. Users and roles for R/3 will be
moved to the R3Q Quality Assurance system and imported into the Training Golden Client.
All users trained in SAP functionality will be required to use their real user IDs given to
them on the final day of user training. The users supervisor will be required to verify that
the user has shaken out their assigned role and can successfully perform all tasks for
which they have received training.
9.2 Users
9.2.1 R/3 Users
R3D: Core Team Members will be assigned a security role designed to allow
them as much access as possible while still securing the R3D instance. At
this time 3 roles have been identified: core team leaders, core team
members, and ABAP programmers. These roles will to designed to facilitate
speedy configuration, customization, and development.
R3Q: Core Team Members will have the same authorizations as in the R3D
system.
R3P: Core Team Leads will have the same authorizations as in the R3D
system until post GoLive when they will be assigned to roles fitting their
regular SAP duties. Core Team Members, including Experio consultants, will
be assigned to a display only version of the SAP_ALL role.
9.2.1.2 Communication Users
The Basis Support Team will be directly connected to the SAP_ALL and
SAP_NEW profiles. The SAP supplied users SAP* and DDIC will have their
passwords changed as soon as post-installation work as been completed.
9.2.1.4 Non-Core Team Users
All users outside of the Core Team must be assigned to a limited security role
in all R/3 systems.
Spacely Sprockets will implement Central User Administration (CUA). R3D Client 100 will
be the parent client with R3Q Client 200 and R3P Client as children in the CUA model. The
Basis team will create and maintain this model using CUA specific transactions SCUA,
SCUM, and SCUL as well inbound and outbound RFC/ALE queue functions such as SMQS.
SAP maintenance comes in the form of support packages and kernel replacements.
Support packages are changes and fixes to SAP ABAP code, and thus must be applied from
within the SAP instance using transaction SPAM in client 000 by a non-DDIC user.
Kernel patches are changes and fixes to SAP executable files stored on the operating
system of the SAP server. Kernel patches may require that the SAP instance be taken down
in order to replace programs in use when an instance is up. They are applied by a simple
file overwrite by the <sid>adm of the SAP instance.
It is important to note that it is in Spacely Sprockets best interest to install and maintain
one Basis version 6.20 and avoid having different Basis version combinations like 4.6D and
6.20. This will provide uniformity for moving changes between systems as well as making
the system maintenance process easier to perform.
All released support packages will be applied immediately after SAP system installation.
After initial installation, support packages will be installed every two months, and in an
emergency on demand. Application of support packages will be stopped six weeks before
GoLive and only SAP Notes application to correction known problems.
The support packages will be applied in the Development instance of the SAP landscape.
After one week, the support package will be applied to the Quality Assurance instance
following by installation in the Production instance a week after that.
Mass generation of all ABAP programs will be performed after every support package
application.
The newest kernel for the R/3 software will be downloaded and applied at installation time.
On other kernel patches will be done unless it is a SAP recommendation to resolve an issue.
A kernel patch will first be applied to the R3D Development instance of the SAP landscape.
As soon as the patch can be successfully tested, it will be moved into R3Q Quality
Assurance and R3P Production.
10.4 Upgrades
Upgrades to new versions of SAP software is not covered in the scope of this project.
11.1 Backup
The database of a SAP system contains critical company data, which is protected by a
backup strategy. A backup strategy must be planned carefully to meet a company's
individual requirements and tested to see if it works.
An intact and current database backup is crucial for database recovery. Recovery time is a
critical factor as R/3 is primarily an online transaction processing application. The backup
strategy should clearly define procedures for fast restore and recovery.
There are two basic types of failure which require database recovery:
Data Files
Log Files
Hitachi Consulting has provided Spacely Sprockets with a DOS Batch file that will backup
the database and log files on each R/3 server. It consists of the following code:
@echo off
rem For R3D---Create a directory on <backup_server> called R3DBackup
if exist e:\usr\sap\R3D\SYS\exe\run\saposcol.exe (
net stop MSSQLSERVER
xcopy \\10.2.5.10\R3DDATA1\R3DDATA1.mdf \\<backup_server>\R3DBackup
/Q /H /S /Y
xcopy \\10.2.5.10\R3DDATA2\R3DDATA2.ndf \\<backup_server>\R3DBackup /Q /H
/S /Y
xcopy \\10.2.5.10\R3DDATA3\R3DDATA3.ndf \\<backup_server>\R3DBackup /Q /H
/S /Y
xcopy \\10.2.5.10\R3DLOG1\R3DLOG1.ldf \\<backup_server>\R3DBackup /Q /H
/S /Y
net start MSSQLSERVER
goto :AllDone
)
rem For R3Q---Create a directory on <backup_server> called R3QBackup
if exist e:\usr\sap\R3Q\SYS\exe\run\saposcol.exe (
net stop MSSQLSERVER
xcopy \\10.2.5.11\R3QDATA1\R3QDATA1.mdf \\<backup_server>\R3QBackup
/Q /H /S /Y
xcopy \\10.2.5.11\R3QDATA2\R3QDATA2.ndf \\<backup_server>\R3QBackup /Q /H
/S /Y
xcopy \\10.2.5.11\R3QDATA3\R3QDATA3.ndf \\<backup_server>\R3QBackup /Q /H
/S /Y
Backups can be done with the database either online (hot) or offline (cold). Performing
online backups instead of offline backups:
Since online backups put an extra load on the hardware resources of the database server,
online backups should be performed when system activity is low and no time critical jobs
are running, (for example, at night).
In addition to the database backup, you need to backup the offline redo log files. If any one
of the offline redo log files is unusable, for example, due to a physical tape error, complete
recovery is not possible. Therefore, you should save each offline redo log file twice on
different tapes.
All redo log files in the archive directory which have been archived once are
written to tape.
All redo log files which have been archived twice are deleted from the archive
directory.
All offline redo log files which have not yet been archived are written to tape SAP
recommends repeating this procedure daily, to:
There are different reasons why errors may occur that make it necessary to restore the
database:
Disk failure
A disk may crash resulting in the loss of the transaction log or database files.
User fault
A user may, for example, unintentionally delete a file or import a wrong transport.
Database corruption
In rare cases, a logical error may be discovered in the database.
Move to different hardware
A disaster might have destroyed existing hardware or a move to faster hardware
might be necessary.
After a power failure the database does not have to be restored. When the power is cut off,
the system shuts down abruptly and the execution of transactions is interrupted. The SQL
Server has an automatic recovery mechanism to deal with this situation. When the
database is restarted, an automatic recovery mechanism starts working. This means open
transactions are rolled back and completed transactions that were not written to the data
files at the time of shutdown are re-executed.
The most effective method to restore a database depends on the type of error that has
occurred. Finding out exactly what happened is therefore the first step in any restore
process. The following describes different error situations and gives an overview of the
steps required to restore the database in these situations.
The procedure to follow in order to repair a damaged database after disk failure differs,
depending on how files have been allocated to disks and which of these disks have been
damaged. This documentation assumes that you have distributed your system to 3
different disk systems. This complies with SAPs recommendations that at least the
following components of your system should be located on different disks:
The SAP database normally resides on a RAID5 storage system for increased protection
against data loss. If a single disk fails it simply needs to be replaced and will not disrupt
database operation. However, if the whole RAID system crashes, the consequences are
serious. The SAP database will be damaged, work in the system will come to a standstill
and a database restore will have to be performed before resuming normal work.
To restore the database after this type of failure, you first have to immediately backup the
most recent transaction logs. Once this has been done, you can restore the database by
loading the latest database backup and applying the succeeding transaction log backups.
The SAP log records all the changes that are made to the database. They enable
transactions to be redone when a database is restored and therefore play a central role in
any restore operation. For this reason, SAP recommends that they be written to a RAID1
storage system that ensures data is protected against loss by a mirroring strategy. The
transaction log will only be lost, if the original and mirrored log disk fail.
If the entire log disk system crashes, you need to proceed in the same way as for a failure
of the SAP data disk. The only difference is that you will not, in a first step, be able to
backup the transaction logs that were in use at the time of the failure. You have to begin by
restoring the most recent database backup and then continue with the application of the
available transaction log backups.
You can only restore your database to the state it had at the time of the last log backup. All
the following changes are lost because the current transaction log is damaged and it is
therefore impossible to re-execute the changes it contains.
If your disk system with all other files except the transaction log and SAP data files fails,
this has far reaching consequences for the system. The Windows operating system, SAP
executables, SQL server executables, msdb and master databases will be gone.
The best way to rectify the situation is to restore the crashed disk on the basis of the last
available full Windows backup.
When you recognize that the data in your database is corrupted you need to diagnose the
problem more precisely. The optimal method of restoring the integrity of the database
depends on the extent and cause of the damage. You probably need assistance from your
SAP Basis consultant, in order to analyze the error and find the most effective solution. It
may be possible to repair the corrupted database. Other options are:
Database and transaction log restore
Point in Time Recovery
11.2.7 Move to Different Hardware
There are two reasons why you may need to restore the entire system on different
hardware: