If you are having performance issues, of if you have done intensive data archiving or technical cleanup in your system running on Oracle, you need to consider the Oracle statistics. Without proper statistics the performance of your system will be sub-optimal or even bad.
Questions that will be answered in the blog are:
How to run Oracle index statistics update?
How to use the update as part of technical cleanup?
Oracle index statistics update
To run the Oracle index statistics update, go to transaction SE38 and start program RSANAORA:
To redo the statistics of an index fill out the table and index in the format: table~index. In this example the main index (0) of table BALDAT is chosen: BALDAT~0.
Run the update and wait for it to be finished:
Repeat this for every index defined in your system (lookup in SE11, button Indexes).
Runtime will depend on the amount of entries in the table and the type of infrastructure. Test on acceptance system before running in productive server.
Index run for almost empty tables
If your table is empty or almost empty you can also run RSANAORA with the option Alter index rebuild online. This will speed up read performance for that table index.
Regular runs
If you have setup regular technical clean up jobs as explained in this blog, you can opt to schedule a last step in the clean up job the update of the statistics program RSANAORA. This will ensure best performance while it will hardly cost you time.
The new solution has 2 locking transactions: SM01_DEV for client independent locking and SM01_CUS for client dependent locking.
SM01_DEV locking transaction
Start tcode SM01_DEV:
In this example we will lock transaction SE30_OLD. On the next screen select the transaction and press the lock button. Fill out the transport number. End result:
When starting SE30_OLD you now get this error message:
SM01_CUS locking transaction
In this example we want to lock transaction S_ALR_87012271. The start screen is identical to SM01_DEV. If you want to lock the transaction you get a popup screen in which you can differentiate for WinGui or non WinGUI.
The transaction will be locked, but not be put into a transport. If you want to transport the lock, you have to use the transport button.
After locking tcode S_ALR_87012271 and starting it you get this message now:
The transaction is now only locked in the local client. If you have more client or want a full central lock, then you have to run SM01_CUS from client 000.
Differences SM01_DEV and SM01_CUS
Differences between the 2 transactions:
SM01_DEV locks global and has mandatory transport
SM01_CUS locks per client and has an optional feature to transport
Overview of locked transactions
Program RSAUDITC can be used to get an overview of all locked transactions.
This blog will explain the steps need to make the SAP workflow engine to work. If you have to set up the SAP workflow engine in S4HANA, please read this dedicated blog.
Questions that will be answered are:
How to execute the automatic workflow configuration?
What are common issues with workflow configuration?
How to test the automatic workflow configuration?
What other settings are to be done for custom workflow building?
Automatic workflow configuration
To setup workflow configuration start transaction SWU3. This brings you to the Automatic Workflow Customizing screen.
If the system is new then you see most of the icons are red. Hit the Automatic Customizing button.
Depending on your version all actions might be completed. In this step in the background the user WF-BATCH is created along with the RFC connection WORKFLOW_LOCAL_<CLIENT>.
In the newer versions of SAP netweaver this automatic step might end up with this status:
Zooming in on the RFC connection issue:
You will see as analysis that the user WF-BATCH is not yet created. In the newer SAP versions SAP expects you to create WF-BATCH first, before you run the automatic workflow configuration. If you have done the auto configuration and get this message, just create WF-BATCH user in SU01. Then restart SWU3 and repeat the step for automatic customizing. It will be correct:
Testing the workflow setup
On the SWU3 screen hit the Start Verification Workflow button (if needed accept the event linkage activation). Be patient now for at least 5 minutes, since in the background normally a lot of code is compiling. Then go to the inbox to check if you validation workflow was properly launched. In S4HANA the button is no longer there on the SWU3 screen to jump to the inbox. You still can use the inbox button on the SAP start screen or use transaction code SBWP.
In the inbox you should see an item. Open it and make a decision:
This will end the verification.
Common issues
Most common issue is to execute the automatic customizing without sufficient authorizations.
Best practice from SAP basis: execute SWU3 directly after installation with SAP_ALL still attached to your user ID. Then only hand over the system to the authorization team. After activation, you can remove SAP_ALL and provide the authorizations as explained in OSS note 1574002 - WF-BATCH and SAP_WFRT Authorizations.
How to use changes in operation mode during runtime issues?
Operation modes explanation
In SM50 you can see the overview of work processes (in SM66 for all servers if you have more). The work processes are divided into online DIA, background BTC, update UPD, etc. The number of work processes is limited. During a working day normally more dialog processes are need for end-user usage. During the night typically more background batches are running.
This is where the operation modes come into the picture: you can setup these different modes and assign them to a timetable. The system will then have for example less dialog and more batch processes available during the night.
Operation modes setup
Start transaction code RZ04 for setting up the operation modes screen. Hit the create operation mode button:
Give a short key name and description for the operation mode. In our example we will set up simple DAY and NIGHT.
The initial screen after creation is empty:
You now need to maintain the instance data and assign the created operation modes:
It is import to check if this is active or not. When in doubt select the menu Instance and entry Set to active.
Also in these screens: press the save button locally and on the top of the screen.
Later on you can always change the work process distribution:
Put the cursor on the type (example Background) and use the plus and minus to increase or decrease the amount.
Make sure both DAY and NIGHT are properly setup now. Check in RZ04 start screen.
Amount of DIA versus non-DIA processes
To avoid issues, make sure the amount of DIA work processes is always greater than the amount of non-DIA work processes. See point 4 of the SAP OSS note 1970757 – Outbound qRFC scheduler with status RES_LACK. This note explain issues you can get in your system if you don’t apply this rule.
Time table assignment
Now that we have the two operation modes DAY and NIGHT, we need to tell the system when to use which one.
In the RZ04 main screen choose menu Operation Mode and then Timetable (or transaction SM63 directly). You reach the initial time table screen:
Choose the normal operation. Here you assign the operation mode to the time table:
This UI is bit unfriendly: double click on first time, then on last time, then assign operation mode. When done save the input.
Result in RZ04:
Activation of operation mode
Now this is done, you might check in SM50 to see nothing has changed. This is because the operation mode is defined, but not activated yet to run.
Go to transaction RZ03 and choose the operation mode you want to go to by selecting the Choose operation mode button.
In the menu select Control, Switch Operation Mode, All servers. Confirm the switch.
Now if you check in SM50 you see the switch is almost immediately effective.
Change of operation mode during system issues
During system issues you might want to use the switch in operation mode or change the work process distribution.
Use case 1: project team needs to do conversion on the fly in the system and did not notify basis team. All batch processes are filled up. Temporary quick solution: switch to NIGHT profile.
Use case 2: somehow the update processing is slow and you see bottleneck in UPD processing. Temporary quick solution: change the DAY profile to have 1 or 2 more UPD processes and less of something else. Save DAY profile and goto RZ03 to activate. After issue is resolved, don’t forget to revert back to normal. In this case it might be due to growth that anyhow more UPD processes were needed in the system.
Bug fix OSS notes
Please check following bug fix notes in case of issues:
Transaction SBPT brings you to the parallel background test environment:
Here you can evaluate your settings.
Real live use
Some SAP transaction use parallel execution. Example is transaction code FAGL_MM_RECON.
More on load balancing
Parallel processing is an important part of load balancing across multiple application servers. More on load balancing can be read in this dedicated blog.
In the blog on readiness check 2.0 we explained how you can perform analysis on your system as preparation for the S4HANA upgrade. This blog will explain how to run detailed analysis on your custom code as preparation for S4HANA upgrade. Pre-condition is that you have installed 7.52 netweaver system and done the configuration for remote ATC as described in this blog.
Questions that will be answered in this blog are:
What do I need to do in order to set up the remote S4HANA readiness check in ATC?
How to run the remote S4HANA readiness check?
How to handle the results of the remote S4HANA readiness check?
How to set up remote ATC for S4HANA readiness check?
To run the remote ATC for S4HANA readiness check you must install a netweaver 7.52 system and configure the remote ATC. Instructions can be found in this blog.
In the SAP code inspector (for details see this blog) you can now find the S4HANA readiness variants:
How to run the S4HANA readiness in ATC?
To run the S4HANA readiness variant create in the ATC tool (for all details see this blog) a special S4HANA readiness run series:
In this run it is important to put your analysis system object provider into the variant!
Now start the ATC run and be patient. The run might take a few hours pending on your system size and Z code base sizing.
You can monitor the progress in the ATC run monitor:
You can also see here if any tool issues were reported. If tool issues are present, click on the underlined number and see if you can solve them. Most issues are SAP bugs and you need to apply an OSS note. Before creating new message for SAP make sure you have applied all recent notes for the S4HANA readiness check (2436688 – Recommended SAP Notes for using S/4HANA custom code checks in ATC) and all the remote ATC notes as explained in the remote ATC blog.
How to handle the results?
If the ATC run is finished you can look at the results in the central system:
The results consist of a code point where a potential issue is. If you click on the code point you jump to the analyzed systems code.
There is also a note number which explains what you need to check.
Now basically 3 things can happen:
You can fix the issue directly: nice, the next run the issue is gone.
You read from the OSS note the function has changed or is no longer present in S4HANA. Read the OSS note for alternatives or check with your functional consultant on functional alternatives. Example of change is the way output and pricing is done. You know now it will be changed, but you cannot prepare in the current system. Use the list as input for project management for work estimation.
You read from the OSS note the potential issue and conclude it is not relevant for your situation. Example is material number length handling. If you use material numbers properly this is not relevant for you, but the tool will generate massive amounts of alerts. But maybe in some cases you need to intervene.
To distribute the results, apply OSS note 2499684. This enables you to download the ATC results into xls spread sheet. From here it is easier to follow up if action is needed for long list (like material number length) or not.
More important, you need to run the ATC a few times, after every main clean up round. But some notes you might have detected as not relevant and you want to exclude them.
To do this copy the SCI S4HANAREADINESS variant to your own variant. Then change the SCI variant to exclude the OSS notes you don’t want to see any more:
Now rerun the ATC with the new variant. The list you get will be smaller. Repeat this iterations as long as needed.
Don't change the originally SAP delivered SCI variants. New features and bug fixes by SAP will update this variant. If you have an updated SAP variant, simply copy it again to your Z variant and redo the exclusion of OSS notes.
S4HANA 1809 update and beyond
If you previously installed remote ATC for a 1709 check and want to run now for S4HANA 1809 or higher version, there are a few update steps to follow.
Step 2 is to update the simplification content to version 1809. You have to download the content from SAP software site and upload it in your ATC 7.52 system. For this step follow the instructions from OSS note 2241080 – SAP S/4HANA: Content for checking customer specific code.
Short summary of these steps in this note: download the most up-to-date simplification database:
In the 7.52 central ATC system use tcode SYCM to upload this file.
Now you are good to go for the S4HANA 1809 readiness check for custom code.
For S4HANA 1909, S4HANA 2020 and S4HANA 2021 the notes have different numbers:
If you set this to 1 then only people with the right privilege can log on to the system. The parameter is immediately effective. All non-privileged users will get this error when they try to log on to the system:
After the system maintenance you can set the parameter back to normal and everybody can log on again. User history is not touched.
Be aware this is a dynamically switchable parameter. If you set the value to 1 and need to restart the system during your maintenance the value after restart is back to 0, which means everybody can log on again.
How to assign the privilege to log on to basis administrators?
First you need to create or extend the user security policy for basis admins using transaction SECPOL. Add the policy attribute SERVER_LOGON_PRIVILEGE and set it to value 1.
Now you can add this security policy to all basis team members in SU01:
All persons with security policy ADMIN are now still allowed to log on during the maintenance when parameter login/server_logon_restriction is set to 1 in RZ11.
Other use of security policies
Security policies can also be used to enhance security of specific user groups (like basis team). See this blog for more on this feature.
This blog will explain how to get text on the SAP logon screen before users logon and on the screen after users logon.
If you want to load a picture after the logon screen, please read this blog.
Questions that will be answered are:
How to add a text to the logon screen?
How to include icons?
How to put a text after the logon screen in stead of a picture?
How to put a clickable URL in the text after the logon screen?
Setting text before logon
The text to be shown before logon is maintained via transaction SE61. Select General text and for the name select ZLOGIN_SCREEN_INFO.
Now press change:
Enter the text you want to show to the users.
If you want to show SAP icons in the text start transaction SE38 and run program RSTXICON. Run it as ABAP list. Look for the icon you want and lookup the code. Please it between 2 @ symbols.
After the logon screen you can either add a picture or a web url. But no text or text with hyperlink. To achieve this we will do a small development trick. We put the text on a web dynpro page and add the web dynpro page as URL for the start screen.
First develop the web dynpro in SE80:
We will call the web dynpro ZSTARTPAGE. In our example there is a text (caption) and a LinkToUrl. The LinkToUrl has a text and a hyperlink and will show as a clickable element to the user. Save and generate the web dynpro. Test the web dynpro and note down the URL of the web dynpro.
Start transaction SM30_SSM_CUST to maintain the customizing for logon screen and other items. In the parameter SESS_URL fill out the web dynpro URL. If the parameter SESS_URL does not yet exist, just create it.
This blog will explain how to setup SAP batch job interception.
Questions that will be answered in this blog are:
How to activate SAP batch job interception?
How does an intercepted job look like?
Activating SAP batch job interception
Before you can begin the setup of the batch job interception you must run program INITXBP2 in SE38:
Next you have to start transaction CRIT and create the profiles.
First create the default SAP profile by clicking on the SAP logo. Activate it. Next step is to create the profile in which you want to do the interception. In the screen above click on the create profile button. Now enter a criteria. For simplicity we have called it interception. In our case we intercept all except a list of authorized users. In the user list we include the basis users and the background users (in this example WF-BATCH). Save the data.
Next step is to activate this profile:
Working of interception
When a batch job is planned the interception checks if the job should be intercepted or not. As a test logon as end user and launch a job. In our case the user ENDUSER tries to launch a job from SLG2 transaction to delete application logs. This jobs is intercepted and shows like this in SM37:
The job does not start immediately, but shows in intercepted state. If user with release rights now goes to SM37 for this job, he can release the intercepted job.
This blog focuses on SAP mail sending tips and tricks.
Questions that will be answered are:
How can I add a disclosure to the mails I send form non-productive systems?
How do I restrict access to transaction SOST?
Which batch job to plan for sending mails?
How can I send encrypted or signed mails?
Is there a display only version of SCOT available?
How to send hyperlink in mail using ABAP?
Adding disclosure from to mails from development and test systems
If you want to send mails from development and test systems, but don’t want any risk that it looks like a productive mail, you can add a disclosure to the mail.
In SOST mail settings go to the disclosure function:
Or you can go directly there using the SODIS transaction.
In SODIS you key in the disclosure text:
If you want you can test for any mail address if the disclosure will be shown or not by using the Routing Test function:
When sending mails from the SAP system the receiver now gets the disclosure. The real mail is pushed as text in the attachment of the mail (see OSS note 2842085 – Email body becoming to attachment in receiver side). You need to open the attachment to see the body of the text. Hyperlinks in the body will still work.
Restricting access to SOST transaction: give SOSG access
As admin you might want to restrict access to SOST transaction. This transaction is also often used by functional consultants to see if their mail is sent or not. When having access to SOST all functions like deletion and stopping of mails is also granted. What you can do is fully restrict access to SOST and grant the functional consultants access to transaction SOSG to display the mail status. It looks same as SOST, but has additional authorization checks. See also OSS note 2351372 – User access to transactions SOST, SOSV, SOSG and SOSB.
SAP mail sending can also use mail receipts. This might be wanted, but most of the times it is not wanted. More about read receipts is explained in OSS note 2161462 – How does Read Receipt work in SAPConnect?
