Professional Documents
Culture Documents
Duet e Depl Guide Installation Guide
Duet e Depl Guide Installation Guide
Duet e Depl Guide Installation Guide
Copyright
Copyright 2011 SAP AG. All rights reserved. SAP Library document classification: PUBLIC No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained herein may be changed without prior notice. Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors. Microsoft, Windows, Excel, Outlook, and PowerPoint are registered trademarks of Microsoft Corporation. IBM, DB2, DB2 Universal Database, System i, System i5, System p, System p5, System x, System z, System z10, System z9, z10, z9, iSeries, pSeries, xSeries, zSeries, eServer, z/VM, z/OS, i5/OS, S/390, OS/390, OS/400, AS/400, S/390 Parallel Enterprise Server, PowerVM, Power Architecture, POWER6+, POWER6, POWER5+, POWER5, POWER, OpenPower, PowerPC, BatchPipes, BladeCenter, System Storage, GPFS, HACMP, RETAIN, DB2 Connect, RACF, Redbooks, OS/2, Parallel Sysplex, MVS/ESA, AIX, Intelligent Miner, WebSphere, Netfinity, Tivoli and Informix are trademarks or registered trademarks of IBM Corporation. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries. Adobe, the Adobe logo, Acrobat, PostScript, and Reader are either trademarks or registered trademarks of Adobe Systems Incorporated in the United States and/or other countries. Oracle is a registered trademark of Oracle Corporation. UNIX, X/Open, OSF/1, and Motif are registered trademarks of the Open Group. Citrix, ICA, Program Neighborhood, MetaFrame, WinFrame, VideoFrame, and MultiWin are trademarks or registered trademarks of Citrix Systems, Inc. HTML, XML, XHTML and W3C are trademarks or registered trademarks of W3C, World Wide Web Consortium, Massachusetts Institute of Technology. Java is a registered trademark of Sun Microsystems, Inc. JavaScript is a registered trademark of Sun Microsystems, Inc., used under license for technology invented and implemented by Netscape. SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects Explorer, StreamWork, and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and other countries. Business Objects and the Business Objects logo, BusinessObjects, Crystal Reports, Crystal Decisions, Web Intelligence, Xcelsius, and other Business Objects products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Business Objects Software Ltd. Business Objects is an SAP company. Sybase and Adaptive Server, iAnywhere, Sybase 365, SQL Anywhere, and other Sybase products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Sybase, Inc. Sybase is an SAP company. All other product and service names mentioned are the trademarks of their respective companies. Data contained in this document serves informational purposes only. National product specifications may vary. These materials are subject to change without notice. These materials are provided by SAP AG and its affiliated companies ("SAP Group") for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Group products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty.
Table of Contents
1. Introduction ................................................................................................................................................... 1 1.1 Before you begin .................................................................................................................................... 1 1.2 Coordination between SAP and Microsoft ................................................................................................... 2 1.3 SCL Overview ........................................................................................................................................ 2 1.4 Planning the System Landscape ...............................................................................................................2 1.5 Hardware and System Requirements for Duet Enterprise ............................................................................. 3 1.5.1 Gathering Information for Installation .............................................................................................. 5 1.6 Performing Installation Using the Duet Enterprise for Microsoft SharePoint and SAP Wizard ............................. 6 Wizard Prerequisites............................................................................................................................... 7 1.6.1 Pre-Wizard Installation Procedures ................................................................................................ 10 1.6.2 Using the Duet Enterprise for Microsoft SharePoint and SAP Wizard ................................................... 11 1.6.2 Post Wizard Installation Procedures ............................................................................................... 11 1.7 Prerequisites ........................................................................................................................................ 12 1.7.1 Important SAP Notes ................................................................................................................... 12 1.7.2 Activating the Services ................................................................................................................. 13 1.7.3 Setting Profile Parameters ............................................................................................................ 14 2. Installing Duet Enterprise .............................................................................................................................. 15 2.1 Installing the SCL Components ............................................................................................................... 15 2.2 Configuring Settings for the SCL ............................................................................................................. 16 2.3 Setting Up User and Authorization Administrator for the SCL ..................................................................... 17 2.3.1 Create and Assign SCL Administrator Role ...................................................................................... 17 2.3.2 Create and Assign SCL User Role ................................................................................................... 19 2.4 Activating BC Sets ................................................................................................................................ 22 2.5 Specifying Configuration Settings of the SharePoint Server ........................................................................ 23 2.5.1 Configuring the SLD ..................................................................................................................... 23 2.5.2 Defining Settings for Idempotent Services ...................................................................................... 24 2.5.3 Creating RFC Destination for Outbound Queues ............................................................................... 24 2.5.4 Registering the bgRFC Destination for Outbound Queue ................................................................... 25 2.5.5 Creating bgRFC Supervisor Destination .......................................................................................... 26 2.5.6 Checking bgRFC Configurations ..................................................................................................... 26 2.5.7 Creating RFC Destination for WSIL Service ..................................................................................... 27
2.6 Establishing Connections to an SAP System and the SharePoint Server ....................................................... 28 2.6.1 Configuring the SCL Host to use SAML Authentication ...................................................................... 29 2.6.2 Mapping User Data in the SAP System and the SharePoint Server ..................................................... 36 2.7 Creating Endpoints for Duet Enterprise Services ....................................................................................... 41 2.7.1 Creating and Activating Endpoints for all Scenarios .......................................................................... 41 2.7.2 Create the Duet Enterprise SAML Profile ......................................................................................... 42 2.7.3 Release Duet Enterprise Services .................................................................................................. 43 2.7.4 Loading and Preparing the BDC Models .......................................................................................... 45 2.7.5 View Archives of Uploaded BDC Files .............................................................................................. 48 2.8 Specifying SCL Configuration Settings to SAP Systems .............................................................................. 49 2.8.1 Defining Trust between the SCL Host and your SAP Systems for Type 3 connections ............................ 49 2.8.2 Creating a Type 3 RFC destination on SCL Host to SAP System ......................................................... 50 2.9 Create Type G RFC Destination to the SCL ............................................................................................... 53 2.10 Configuring Notification Mails ............................................................................................................... 55 2.11 Setting Up Role Synchronization ........................................................................................................... 56 2.12 Activate the SharePoint Server as a Consumer ....................................................................................... 57 2.13 Activating the SCL .............................................................................................................................. 57 3. Configuring Duet Enterprise Specific Content ................................................................................................... 58 3.1 Configuring Workflow ............................................................................................................................ 58 3.1.1 Activate Workflow BC Set ............................................................................................................. 58 3.1.2 Maintain Workflow Context Data .................................................................................................... 59 3.1.3 Retrieve Endpoint Information ...................................................................................................... 60 3.1.4 Create a Logical Port .................................................................................................................... 61 3.1.5 Customizing Duet Workflows Patterns ............................................................................................ 62 3.1.6 Customizing Workflow Patterns ..................................................................................................... 63 3.1.7 Running Scheduled Reports (Jobs) ................................................................................................. 65 3.1.8 Creating Roles and Assigning Authorization Objects in SAP System .................................................... 67 3.1.9 Manage SAP System Aliases for Workflow ....................................................................................... 68 3.1.10 Check Event Handler .................................................................................................................. 70 3.1.11 Check Adapter Class .................................................................................................................. 71 3.1.12 Create Consumer Proxy .............................................................................................................. 71 3.2 Configuring Reporting ........................................................................................................................... 74 3.2.1 Activate Reporting BC Set............................................................................................................. 74 3.2.2 Defining the Number Range Interval for Reporting Objects ............................................................... 76 3.2.3 Managing System Time Points ....................................................................................................... 77
1. Introduction 1.1 Before you Begin 3.2.4 Retrieve URL for Logical Port ......................................................................................................... 78 3.2.5 Create a Logical Port .................................................................................................................... 78 3.2.6 Manage SAP System Aliases for Reporting ...................................................................................... 79 3.2.7 Manage Source Systems, Report Types and Formats on the SCL ....................................................... 80 3.2.8 Configure a Report ...................................................................................................................... 81 3.2.9 Check Event Handler.................................................................................................................... 83 3.2.10 Check Adapter Class .................................................................................................................. 83 3.2.11 Create Consumer Proxy .............................................................................................................. 84 3.3 Configuring Starter Services .................................................................................................................. 86 3.3.1 Activate Starter Services BC Set.................................................................................................... 86 3.3.2 Configure the Service Provider for Starter Services Endpoints ........................................................... 89 3.3.3 Retrieve External Identifier ........................................................................................................... 91 3.3.4 Export the Profile ........................................................................................................................ 91 3.3.5 Manage Web Services .................................................................................................................. 91 3.3.6 Create a System Connection ......................................................................................................... 92 3.3.7 Create the Account Maintenance User ............................................................................................ 93 3.3.8 Create a Business Scenario Configuration ....................................................................................... 93 3.3.9 Manage SAP System Aliases ......................................................................................................... 94 3.3.10 Add the System Alias and Roles to all Starter Services Relevant Object Groups ................................. 95 3.4 Configure Code Lists ............................................................................................................................. 97 3.5 Caching Code Lists ............................................................................................................................... 98 3.6 Configure Document Upload Option ........................................................................................................ 99 3.7 Configuring User Profile Synchronization ............................................................................................... 100 3.8 Retrieving the URL for the "View Inquiry in SAP System" Link .................................................................. 100 Appendix 1 Service Consumption Layer Overview ............................................................................................. 101 Cross-Phase Documentation ...................................................................................................................... 101 Overview of the Service Consumption Layer ................................................................................................ 102 Architecture of the Service Consumption Layer ...................................................................................... 102 How Service Consumption Layer Works ................................................................................................ 104 Appendix 2 - Duet Enterprise Deployment Worksheet ......................................................................................... 106 Deployment Worksheet ............................................................................................................................. 106
1. Introduction
1. Introduction
Duet Enterprise enables customers and partners a way to consume and extend SAP applications through Microsoft SharePoint and Microsoft Office 2010 The product brings together the two different worlds of process (SAP Applications) and collaboration (Microsoft SharePoint), by providing an Interoperability layer (the service consumption layer (SAL) that ensures all the basic plumbing between the two systems is addressed so that customers and partners can focus on innovation. Besides the ability to create Duet Enterprise Composite solutions, Ready to Use Capabilities ensure quick time to value, for example, ability to Collaborate on the fly around data from SAP applications or enable SAP workflow items to surface in Microsoft SharePoint or Outlook with additional contextual information from SAP and can be collaborated around This guide provides the steps for installation and configuration of Duet Enterprise on the service consumption layer (SCL). The SCL is a framework that connects Duet Enterprise business users to SAP systems. This guide does not contain the installation and configuration procedures for Duet Enterprise on the SharePoint server. The SharePoint related procedures are included in the Duet Enterprise Deployment Guide for SharePoint Administrators. This section contains:
Before you begin Coordination between SAP and Microsoft SCL Overview Planning the System Landscape Hardware and software requirements for Duet Enterprise Prerequisites
icon.
SharePoint Server
SAP system
You implement SCL components such that the SharePoint server components are in a host separate from the host of SCL components interfacing with your SAP systems. Install, and configure Duet Enterprise in the testing landscape, after you complete all configurations and testing, you can make Duet Enterprise available in your production landscape for use by a large audience. To build your own Enterprise Service based application on top of Duet Enterprise, you require an Enterprise Service Repository (ESR). For more information, refer to System Landscape on the SAP Help Portal.
The following are the minimum software requirements for Duet Enterprise: Requirements NetWeaver stack .NET framework Microsoft SharePoint Microsoft Office Client Client -Browser Database/s (Server MS) SAP system Kernel Part II (for Basis 7.02) WEBCUIF Specification NW 7.0 Eph 2 SP05 .NET 3.0/3.5 SharePoint Enterprise 2010 ( 64- bit) OS Windows 2008 ( 64- bit) Office 2010 Pro Plus* IE 7.0 or higher, Firefox 3.x, Safari 4.x - SQL 2008 or SQL 2005 (Enterprise, Standard) Server 64 bit only R/3 4.6c or higher Kernel Patch Level 35
The following are the minimum requirements for the SAP systems: Requirements Software Specification SAP Business Suite Application Platform SAP NetWeaver Application Server 7.0 (NW 04s) SP 15, or SAP NetWeaver Application Server 6.40 (NW04) SP22 for Workflow ERP 2004, Release SAP_BASIS 640 (SP level 0022), or ERP 6.0 (2005), Release SAP_BASIS 700 (SP Level 15) for Reports. NW BI 3.5: Release SAP_BW 350 (SP Level 0022), or NW BI 7.0: Release SAP_BW 700 (SP Level 17) for Reports. Starter Services require ERP 2004 and higher. ERP 2004: SA_BASIS 640 (SP level 0022) or higher ECC-SE 604 SP06 In addition, make sure that you read and implement the most current SAP notes that apply to the required software listed above. You can find these notes at service.sap.com/notes.
Relevant SAP notes that apply to SAP NetWeaver ABAP 7.02 SP3 for deploying Duet Enterprise. Note Number 1465067 Description Corrections and Enhancement note for the SCL SP1 Property EnableEncryption is unknown for profile-based EPs Explanation This note describes all corrections and enhancements done for the Service Consumption Layer SP01. This note is used to correct the program error in the SOAMANAGER when displaying selected Binding WSDL URLs for profile-based endpoints. Sample Services uses Enterprise Service Oriented Architecture (eSOA) services for various business flows. End points for these services have to be configured with an SAP Assertion Logon method as a security mechanism in the SAP ERP system so that these services can be consumed from Service Consumption Layer (SCL) system. This note describes the procedure for doing this.
1451537
1480794
1. Introduction 1.6 Performing Installation Using the Duet Enterprise for Microsoft SharePoint and SAP Wizard
SAP system For each SAP system to which you want to connect, the SCL server you need the following information: System ID, System number Server name HTTP / HTTPs port Administrator credentials Consumer-specific information For several steps you will require information from the SharePoint administrator. Some of the information will only be available once SAP specific data has been handed over to the SharePoint administrator, other data can be provided right away. For example: HTTPS URL: https://ilvms025.tlv.sap.corp:10001 ADS Information for Usermapping Sync AD Server: dev24dc1 Port: 389 User: devwdf24\d044410 Password: xxx User Base DN: CN=Users,DC=dev24,DC=devwdf,DC=sap,DC=corp
Server Name = duet System ID = DUE System Number = 00 HTTP = 80 HTTPS = 8001
1.6 Performing Installation Using the Duet Enterprise for Microsoft SharePoint and SAP Wizard
Note: Before you open the wizard, make sure you have implemented all notes appearing under Composite Note 1539888. The Duet Enterprise for Microsoft SharePoint and SAP Wizard, together with the pre- and post- wizard installation procedures covers all the steps necessary to deploy Duet Enterprise in your system. If the wizard runs smoothly, there is no need to continue with the rest of the tasks that are outlined in this document. To start the wizard, you require some basic information from the SharePoint administrator. You will be able to obtain this information using the Duet Deployment Worksheet located at http://go.microsoft.com/fwlink/?LinkId=207604. Information that has to be handed over to the SharePoint administrator is clearly mentioned throughout the wizard. In the wizard, you can skip as many steps as you want if they should not be automated due to security / traceability reasons (for example, when you only want to run the wizard in your Sandbox / Test environment, but only part of it in your productive environment). Also, if you encounter an error for a certain step, skip this step, perform it manually, and continue using the wizard.
1. Introduction 1.6 Performing Installation Using the Duet Enterprise for Microsoft SharePoint and SAP Wizard
The wizard does not only perform configuration steps on the SCL server, but also some required steps on the SAP system (like establishing trusts or creating logical ports). The Wizard assumes the following starting point: NetWeaver 7.02 SP5+ is installed End-users and groups are created (at least one user and group; used for activating BC sets) Profile settings are set for SSO [1.6.2 Setting Profile Parameters] and SSL [http://help.sap.com/saphelp_nw70ehp2/helpdata/en/49/23501ebf5a1902e10000000a4218 9c/frameset.htm]
Wizard Prerequisites
Authorizations
To execute the Wizard, several authorizations are required on the SCL and SAP system. On the SCL, the authorization template /IWTNG/LCMWIZARD can be used which contains all required permissions. You can create a role out of the template following the instructions outlined in section 2.3.1 Create and Assign SCL Administrator Role > To create the administrator role and assign it to users using the template /IWTNG/LCMWIZARD instead of the template /IWFND/RT_ADMIN instructed there On the SAP System the following permissions are required to create RFC destinations, exchange certificate and create logical ports: Authorization Template S_ADMI_FCD S_CTS_ADMI S_DATASET Permissions S_ADMI_FCD=NADM CTS_ADMFCT=TABL PROGRAM=SAPLRSPOR ACTVT=06,33,34,; FILENAME=* S_GUI S_RFC ACTVT=61 RFC_TYPE=FUGR RFC_NAME=RSPOR, SAIO, SBDC, SBUF, SCCA, SCUST_RFC_GENERATE, SICM, SSFP ACTVT=16 S_RFC_ADM ACTVT=01 RFCTYPE= RFCDEST=* [<RFC to SCL Server>, <RFC to SCL-Server HTTP>] ICF_VALUE=
1. Introduction 1.6 Performing Installation Using the Duet Enterprise for Microsoft SharePoint and SAP Wizard
RFC_SYSID=* [SID of SCL Server] ACTVT=01 TCODE=LPCONFIG; PROXY=/OSP/CO_REP_ADAPTER_WSVI_DOCUM; /OSP/CO_RMWRAPPER_VI_DOCUMENT; CO_OSPWACTION_ITEM_VI_DOCUMENT; LP_NAME=LP_PORT_REPORTING [Name of Logical Port]
S_TCODE S_TRANSPRT
Customizing Tables
There is a possibility that when starting the Wizard via /IWTNG/LCM, the required customizing entries from tables /IWTNG/LCMCONFIG, /IWTNG/LCMSTCONF and /IWTNG/LCMSTEPS are not transported from client 000 to the productive client you are currently working on. In this case, the following error message is displayed: In View cluster :BC-RFC3-RFCDESCR :BC-RFCH-RFCDESCR :BC-RFCH-PATH required customization entries missing :BC-RFC3-RFCDESCR :BC-RFCH-RFCDESCR :BC-RFCH-PATH. To solve this: 1. Go to Note 1544169 which contains a BC set with the required customizing. Implement the correction instructions in the note 2. Open transaction SCPR20. 3. From the BC SET menu, select Upload. The Business Configuration Sets: Activation page is displayed. 4. In the Short Text field, press F4 and select the BC set file attached to the note. 5. Click Activate. The required customizing tables are populated and the Wizard should work.
1. Introduction 1.6 Performing Installation Using the Duet Enterprise for Microsoft SharePoint and SAP Wizard
SSL certificate file name and location STS certificate file name and location AD DS Server name
\\contoso\UpdatedModels\DuetSSLCert.cer
\\contoso\UpdatedModels\DuetSTSCert.cer
contosoDC Tip: This must be the NetBIOS name of the computer running the Active Directory Domain Services (AD DS) where the user accounts that are used by SharePoint are stored. Note: If the usernames in the AD DS and the SAP System are the same, you do not need to connect the SCL to the AD DS. Instead, follow the instructions in the Mapping User Data when the User IDs in SharePoint and the SCL Host are the Same section.
Port number of AD DS AD DS account and password Attribute in AD DS where SAP user name is maintained
389
1. Introduction 1.6 Performing Installation Using the Duet Enterprise for Microsoft SharePoint and SAP Wizard
Example
https://contoso:445/sites/Reports/_VTI_bin/OBAFileReciever.asmx?WSDL Tip: The SAP administrator must have a SharePoint user account that is granted a minimum of Read access to this file.
Description
10
1. Introduction 1.6 Performing Installation Using the Duet Enterprise for Microsoft SharePoint and SAP Wizard
If Reporting, Workflow or Starter Services should be configured, the corresponding roles have to be configured. See 2.3.2 Create and Assign SCL User Role.
1.6.2 Using the Duet Enterprise for Microsoft SharePoint and SAP Wizard
To use the wizard: 1. Open transaction /n/IWTNG/LCM. 2. Click Next at the top and provide the required information. Additional help and explanations is available for each step by clicking the icon.
11
3. For configuring Reporting, activate the local reports. a. Open transaction SE38. The ABAP Editor: Initial Screen is displayed. b. In the Program field, enter /IWCNT/DEMO_REP_LP_CONFIG. c. Click Execute. This program will configure the required RFC destinations and logical ports. d. To restart ICM (and reset the buffer), form the SCL, open transaction SMICM > [Menu] Administration > ICM > Exit Soft > Global. 4. For configuring Workflow, perform the procedures described in the following sections in this document: 3.1.5 Customizing Duet Workflows Patterns 3.1.6 Customizing Workflow Patterns 3.1.7 Running Scheduled Reports (Jobs) 3.1.8 Creating Roles and Assigning Authorization Objects in SAP System 5. For configuring Starter Services, perform the procedures described in the following sections in this document: 3.5 Caching Code Lists 3.6 Configure Document Upload Option 3.7 Retrieving the URL for the "View Inquiry in SAP System" Link 6. Configure the user profile synchronization, as described in section 3.7 Configuring User Profile Synchrnonization. At this stage, Duet Enterprise should be completely deployed in your machine.
1.7 Prerequisites
During the installation, several basic configuration steps have to be performed and will be outlined. However, the following steps can be performed before you begin, independently of any Duet Enterprise specific configuration.
Title
Comment
12
13
14
15
To install the SCL components: 1. Download all versions of the .SAR files located at: service.sap.com/swdc > Installations and Upgrades > Installation and Upgrades Entry by Application Group > SAP Application Components > Duet Enterprise > Duet Enterprise 1.0 > Installation. Download DVD1 (containing the IW_FND and WI_CNT .SAR files) and DVD2 (containing the IW_TNG .SAR file) at that location. 2. Download the .SAR files of the latest Service Pack from the following location: service.sap.com/patches> Support Packages and Patches A - Z Index > D > DUET ENTERPRISE > DUET ENTERPRISE 1.0 > Comprised Software Component Versions. Download the SAP IW CNT 100, the SAP IW CNT 100, and the SAP IW FND 100 files. 3. Extract all >SAR files to \\<server>\sapmnt\trans\eps\in 4. Log on to the SAP system in which you want to install the SCL components, and enter the transaction SAINT. For detailed information about importing the installation packages, see Installing and Upgrading Add-ons, on the SAP Help Portal. 5. Download the Microsoft latest Service Pack from the following location: service.sap.com/patches> Support Packages and Patches A - Z Index > D > DUET ENTERPRISE > DUET ENTERPRISE 1.0 > Comprised Software Component Versions > DUET ENTERPRISE CONTENT 1.0 > Windows Server on x64 64bit. Download the Duet Enterprise 1.0 SP 02 file. 6. Deploy the Duet Enterprise 1.0 SP 02 file to the SharePoint server. For more information, refer to http://technet.microsoft.com/en-us/library/ff972427.aspx.
16
2. Installing Duet Enterprise 2.3 Setting Up User and Authorization Administrator for the SCL
The Role Maintenance page is displayed. 5. In the Role field, enter any of the basis roles, for example: SAP_BC_BASIS_ADMIN SAP_BC_CTS_ADMIN SAP_BC_BASIS_MONITORING SAP_BC_BATCH_ADMIN SAP_BC_BDC_ADMIN SAP_BC_WEBSERVICE You can choose any of the listed standard administrator roles, or enter an existing one. 6. Click Copy Role to create a copy of the standard role.
7. In the Query dialog box, enter a name for the new role in to role, for example, Z_SAP_BC_BASIS_ADMIN . Click Copy all. The Change Roles dialog box is displayed and the role is created.
17
2. Installing Duet Enterprise 2.3 Setting Up User and Authorization Administrator for the SCL
8. In the Role Maintenance page, click the 9. Select the Authorizations tab.
Edit icon.
10. Click Change Authorization Data under the Maintain Authorization Data and Generate Profiles section. 11. Select Edit > Insert Authorization(s) > From template. The Choose Template page is displayed. 12. Select /IWFND/RT_ADMIN from the list. 13. Click the 14. Click checkmark. Generate.
The Generate profile dialog box is displayed. 15. Select the Generate option. 16. In the Assign Profile name for Generated Authorization Profile dialog, maintain the profile name according to your requirements. For example T-SCL550. 17. Click the checkmark. The Change role: Authorizations page is displayed. The status of the profile is displayed as Generated. 18. Go back to the Change Roles page, and select the Users tab in the User Assignment section. 19. Enter the names of the users you want to assign to this role. 20. Click Save. 21. Click User comparison. The Complete Role Master Record page is displayed. 22. Click Complete comparison. 23. Click Save.
24. Check that the role was properly created and assigned. Checkpoint: Log on to the SCL system using the user you just assigned. You should be able to access transaction SIMGH and search for the entry Service Consumption Layer Administration You can logon to the SCL host with the administrator user you have created to configure the SCL components and content, and install consumer applications.
18
2. Installing Duet Enterprise 2.3 Setting Up User and Authorization Administrator for the SCL
In this procedure, you will provide information to the SharePoint administrator. Open the Duet Enterprise Worksheet located at http://go.microsoft.com/fwlink/?LinkId=207604. You must access the WSDL from SharePoint using a specific user created for that purpose. To create the user: 1. On the SCL, open transaction SU01. 2. Enter a user name. For example, SP_Access. 3. Click Create. 4. Maintain all required data including password. 5. Do not assign any roles. 6. Click Save.
7. Enter this user name and password in the Duet Enterprise Worksheet, in the User name for WSDL access and Password for WSDL access rows. Checkpoint: Log on to the SCL system using the user you just created. Providing the password you just maintained, you should see the SAP Easy Access page.
19
2. Installing Duet Enterprise 2.3 Setting Up User and Authorization Administrator for the SCL
To create users roles and assign them to users: 1. On the SCL, open the Service Consumption Layer Administration IMG. 2. Click the 4. Click the Display icon. Execute icon to configure roles in the Role Maintenance. Copy Role.
5. In the Role field, enter SAP_BC_ENDUSER, and then click The Query page is displayed.
6. In the to role field, enter a name for the new role, for example, Z_WORKFLOW. 7. Click Copy all. The Role Maintenance page is displayed showing the role you just created. 8. Click Edit to change the role. 9. Select the Authorizations tab. 10. Click Change Authorization Data under the Maintain Authorization Data and Generate Profiles section. 11. Select Edit Insert Authorization(s) From template. The Choose Template page is displayed. 12. Select the /IWCNT/RT_USER_WF template from the list. 13. Click Generate.
The Generate profile dialog box is displayed. 14. Select the Generate option. 15. In the Assign Profile name for Generated Authorization Profile dialog, maintain the profile name according to your requirements. For example T- SCLWF550003. 16. Click the checkmark. The Change role: Authorizations page is displayed. The status of the profile is displayed as Generated. 17. Go back to the Change Roles page, and select the Users tab in the User Assignment section. 18. Enter the names of all users that have the Workflow, Reporting or Starter Services role assigned to it. 19. Click Save. 20. Click User comparison. The Complete Role Master Record page is displayed. 21. Click Complete comparison. 22. Click Save.
Once you have assigned the users to the relevant roles, you can log on with this user and work with it.
20
2. Installing Duet Enterprise 2.3 Setting Up User and Authorization Administrator for the SCL
Note: Repeat these steps for all roles that you need. For example, Z_REPORTS for users that should get Reporting and Z_SAMPLESERVICES for users that should get Starter Services. Note: For the users performing the Grant user access to SAP workflow tasks procedure in SharePoint ONLY, make sure you assign the authorization object S_Service to the role. To assign the SAP_BC_WEBSERVICE_CONSUMER role to all end users: 1. On the SCL, open the Service Consumption Layer Administration IMG. 2. Click the 4. Click the Display icon. Execute icon to configure roles in the Role Maintenance. Edit.
5. In the Role field, enter SAP_BC_WEBSERVICE_CONSUMER and click 6. Select the Users tab in the Role section. 7. Enter the names of the users you want to assign to this role. 8. Click Save. 9. Click User comparison. The Complete Role Master Record page is displayed. 10. Click Complete comparison. 11. Click Save.
Checkpoint: Take some of the users assigned to the different roles (for example, Z_REPORTS and SAP_BC_WEBSERVICE_CONSUMER), and make sure that you can log on successfully. To allow certain users to fetch roles from the SAP system: 1. Create a user as described in the To create users roles and assign them to users procedure above. 2. In step 12, instead of selecting the /IWCNT/RT_USER_WF template, select the S_USER_AGR the authorization object. 3. Continue with the procedure.
21
5. In the Request field, press F4. 6. Select a customizing request and click the The Activation Options page is displayed. 7. In the Select Activation Mode section, select the Expert Mode radio button. 8. Click the checkmark.
The /IWTNG/BC_GENERAL_CUSTOMIZING BC set is activated. Checkpoint: Refer to chapter Defining Consumer Issuer Certificate to check if customizing entries were done like outlined in each chapter.
22
2. Installing Duet Enterprise 2.5 Specifying Configuration Settings of the SharePoint Server
For more information regarding the SLD, refer to the following link on the SAP Help Portal: Architecture Overview of Data Supplier. For more information on how to register an ABAP-based SAP system and its clients in the landscape description of the SLD, refer to the following link on the SAP Help Portal: Registering ABAP-Based SAP Systems.
23
2. Installing Duet Enterprise 2.5 Specifying Configuration Settings of the SharePoint Server
3. Select Connection Settings > SCL to Consumer > Define Settings for Idempotent Services. 4. Click the Execute icon.
The Program SRT_WS_IDP_CUSTOMIZE page is displayed. 5. Enter the default values: for Period Hours in Document, the value is 6, and for Document ID, the value is 12. 6. Click the 7. Click the Execute icon. checkmark. A message confirming that the job has been scheduled is displayed.
Checkpoint: a. Open transaction SM37. The Simple Job Selection page is displayed. b. In the Job name field, enter SAP_BC_IDP_WS_SWITCH* . c. In the User name field, enter *. d. In the Job status section, select the Sched. checkbox. e. Click on Execute You should see some entries for the two jobs SAP_BC_IDP_WS_SWITCH_BD and SAP_BC_IDP_WS_SWITCH_BDID.
3. Select Connection Settings > SCL to Consumer > Create RFC Destination for Outbound Queues. 4. Click the Execute icon.
24
2. Installing Duet Enterprise 2.5 Specifying Configuration Settings of the SharePoint Server
5. Click the
Create icon. The RFC Destination page is displayed. 6. In the RFC Destination field, enter IWFND_BGRFC_DEST.
4. Select Connection Settings > SCL to Consumer > Register RFC Destination for Outbound Queues. 5. Click the Execute icon. The bgRFC Configuration page is displayed. 6. Select the Define Inbound Dest. tab. 7. Click Create. The Configure Inbound Destination page is displayed. 8. In the Inb. Dest. Name field, enter IWFND_BGRFC_DEST. 9. Press Enter and then click Save. 10. In the New Prefix field, enter IWFND_CNP and click Create, repeat the step using IWCNT_WF. 11. Click 13. Click Save. Create. 12. Select the Scheduler Destination tab. A message asking if you want an outbound or inbound destination is displayed. 14. Click Inbound. The Create Scheduler Settings for Inbound Destination page is displayed. 15. In the Destination field, enter IWFND_BGRFC_DEST. 16. Click Save. 17. In the bgRFC destination page, click Save.
25
2. Installing Duet Enterprise 2.5 Specifying Configuration Settings of the SharePoint Server
26
2. Installing Duet Enterprise 2.5 Specifying Configuration Settings of the SharePoint Server
3. Select Connection Settings > SCL to Consumer > Create RFC Destination for WSIL Service. 4. Click the 5. Click Execute icon. The Configuration of RFC Connections page is displayed. Create. The RFC Destination page is displayed. 6. In the RFC Destination field, enter IWFND_WSIL_LOCAL_DEST. 7. In the Connection Type field, enter H and then click the 9. Press Enter. 10. In the Target Host field, enter the SCL Host. 11. In the Service No. field, enter the HTTP Port. 12. In the Path Prefix field, enter the path of the local WSIL Service. For example, /sap/bc/srt/wsil. Note: The SAP/BC/SRT/WSIL service must be activated via SICF. To obtain the WSIL URL: a. Log on to the SCL system you specified as a provider, and enter transaction SICF. b. In the Type Hierarchy field, enter SERVICE. c. Enter WSIL for the service name. d. Click Execute. The WSIL service should now be listed. The default value for the URL is: http://<host_name:port>/sap/bc/srt/wsil Note: The WSIL service lists the configuration of all Web services exposed by the system. Note: You can double-click on the service to obtain the URL. 13. Click Connection Test. 14. Click Save. Checkpoint: Click Connection test. The result in the Test Result tab should contain the Status HTTP Response 200. checkmark.
27
2. Installing Duet Enterprise 2.6 Establishing Connections to an SAP System and the SharePoint Server
28
2. Installing Duet Enterprise 2.6 Establishing Connections to an SAP System and the SharePoint Server
3. Select Connection Settings > SCL to Consumer > Configure Web Service MessageBased Authentication. 4. Click the Execute icon The Configuration of WSS_SETUP page is displayed. 5. Select ICF Node Update. Note: If this is the first time you run this activity, the ICF Node Update checkbox is not available. Skip this step, and after the procedure is complete, go back to Connection Settings > SCL to Consumer > Configure Web Service Message-Based Authentication and click the Execute icon again.
29
2. Installing Duet Enterprise 2.6 Establishing Connections to an SAP System and the SharePoint Server
This option specifies and repairs the user, DELAY_L_<SID> in all ICF nodes. This may be necessary if the user DELAY_L_<SID> has been locked or changed, or if its password has been changed. 6. Select Provider Configuration in the Secure Token Service (Service Conversation) section. This is a dedicated service required to obtain the SecureContentToken. 7. Specify the following in the WS Security Options section: Algorithm Suite: Select TripleDesSha256RSA15 for the algorithm suite. Note: Make sure that TripleDesSha256RSA15 is listed. If it is not listed, check the SSFLIB Version using transaction STRUST, then go to Environment Display SSF Version. You need SSFLIB Version 1.555.28 or higher, using an updated SAPCrypto Lib. Clock Skew: Specify the value 120, this is the tolerance to compensate for time difference between the consumer server and the SCL host. Select Detect message replays to detect and prevent Web service messages that are being called repeatedly. SAML 1.1 Trust: Choose Use SAML Trust. 8. In the Test Run section, unselect Test Run, and click multiple times. Execute. You can run this report
The result displays many details, including, the list of services activated and the message: Configuration for WS Security logon successfully checked. Note: On the first run there might be an error due to missing users. It is recommended to run it a second time to ensure that no errors are displayed. Note: If the provider configuration cannot be created, open transaction SICF and activate node /sap/bc/srt/xip/sap. Checkpoint: a. Run the WSS_SETUP again by executing steps 1 to 4. b. Leave all settings as default and click on Algorithm Suite:TripleDesSha256Rsa15 Clock Skew(sec):120 Detect message replays SAML 1.1 Trust:SAML2 execute. The following lines should be displayed in the WS Security Options section:
30
2. Installing Duet Enterprise 2.6 Establishing Connections to an SAP System and the SharePoint Server
For information about configuring the STS host as a trusted system, see the Service Consumption Layer: SAP Security Guide at SAP Service Marketplace at: http://service.sap.com/instguides SAP Business Suite Applications Duet Enterprise Enterprise 1.0. Requirements: Make sure that you have:
Duet
Activated HTTP security session using transaction SICF_SESSIONS. A list of all of the clients that exist in the system appears. Select the relevant client and choose Activate. Information about the STS issuer name, and STS public-key certificate, as you need to provide details of the STS system in the SCL host. This information has to be provided by the SharePoint administrator. You use the SAML 2.0 wizard, a browser application, to do the following: Specify the local provider information. Configure HTTP security in the SCL host. Specify the Web service policy To specify the local provider details: Note: If you have SAML 2.0 support enabled, you can skip steps 6-9 in this procedure. 1. On the SCL, open the Service Consumption Layer Administration IMG. 2. Click the Display icon.
3. Select Connection Settings > SCL to Consumer > Configure Consumer STS. 4. Click the Execute icon.
The SAML 2.0 Local Provider Configuration wizard is displayed using the URL: https:/<SCL_hostname:port>/sap/bc/webdynpro/sap/saml2 Note: You need the user and password to logon. 5. Click Enable SAML 2.0 Support. The SAML 2.0 Local Provider Configuration is displayed. 6. Enter the following in Initial Settings and click Next: Provider Name: Enter the provider name, making sure there are no spaces in the name. For example, SCL_Provider. Operation Mode: Do not change the specified value, Service Provider. 7. In General Settings, enter 120 in Clock Skew Tolerance and click Next. 8. In Service Provider Settings, specify the following (default settings): In the Selection Mode field under Identity Provider Discovery, select Manual. In the Affiliation Name field under, do not make any change. In the Supported Bindings field under Assertion Consumer Service, select HTTP POST, HTTP Artifact, and PAOS. In the Supported Bindings under Single Logout Service, select HTTP Redirect, HTTP POST, HTTP Artifact, and SOAP. Under Artifact Resolution Service, select Enabled in Mode, and specify 60 in Artifact Validity Period.
31
2. Installing Duet Enterprise 2.6 Establishing Connections to an SAP System and the SharePoint Server
9. Click Finish. A summary of the local provider details in the SAML 2.0 Configuration wizard of ABAP System:<system_name>/<client_number> is displayed.
To configure HTTP security in the SCL host: 1. Select the Trusted Providers tab and do the following: In Show under List of Trusted Providers, choose Secure Token Services, click Add, and then select Manually. The New Trusted Secure Token Services Provider wizard is displayed. In the Name field, enter SharePoint and click Next. This a unique name identified by the SAML Issuer attribute in a SAML assertion. Click Browse and then Upload File and specify the location of file for the signed certificate from the STS system, and then click OK. Upload the STS file from SharePoint. Open the Duet Enterprise Worksheet and copy the file information from the SSL certificate file name and location row. 2. Click Next in Signature and Encryption. Information about the signing certificate is displayed. 3. Click Next. The Endpoint page is displayed. 4. Click Add; the following details about the STS system display: In the Provide Location URL field, enter the URL of the STS system. For example, http://<WebApp URL in the farm>/_vti_bin/sts/spsecuritytokenservice.svc/windows In the MEX URL field, enter the MEX URL for the STS system: For example, , http://<WebApp URL in the farm>/_vti_bin/sts/spsecuritytokenservice.svc?wsdl Note: The name of the <WebApp URL in the farm> has to be handed over from the SharePoint administrator in the Duet Enterprise Worksheet, in row URL to Web application for report router site. 5. Click Finish. 6. From the Trusted Provider tab, select the STS system, and then click Edit. The Details of Security Token Provider <Name_of_Provider> page is displayed. 7. For Supported SAML Versions, select SAML 1.1, and make sure that SAML 2.0 is not selected. 8. Set the Assertion-Validity (Holder-of-Key) to the value defined in SharePoint, by default 600. 9. Select the Identity Federation tab, and then click Add. 10. Select Unspecified from the list in Supported NameID Formats and click OK. 11. In Source under Details of NameID Formats <Unspecified>, select Mapping in USREXTID Table from the list. 12. Click Save and then click Enable.
32
2. Installing Duet Enterprise 2.6 Establishing Connections to an SAP System and the SharePoint Server
To specify the Web service policy: 1. From the Policies tab, select Web Service Policies from the list. The list contains STS entries from the table WSS_STS_URL_TAB. 2. Click Add. The SAML 2.0 Configuration window is displayed. 3. In the Policy name field, enter SharePoint. 4. Select the name of the STS provider from the list in Security Token Service Provider. 5. Select the placeholder URL of the STS system from the list in STS Location URL. The MEX URL is automatically added. 6. In SAML Type, select Asymmetric consumer key, STS as a tester, and in SAML Version select SAML 1.1, and then click OK. Note: Write down the Policy name as you will need it when importing the SAML profile in SOAMANAGER.
3. Select Connection Settings > SCL to Consumer > Define Consumer Issuer Certificate. 4. Click the Execute icon.
The Define Consumer Details page is displayed. 5. Click New Entries. 6. In the Consumer Type field, press F4, and select SHAREPOINT_INT. 7. In the Issuer Name field, enter SharePoint. Note: this entry is case sensitive. 8. In the Issuer Certificate field, enter CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US 9. Click Save. The SCL maps users in a specific consumer server to SCL users based on the SAML token issued by an STS.
33
2. Installing Duet Enterprise 2.6 Establishing Connections to an SAP System and the SharePoint Server
Configuring the Use of SSL between the SCL Host and SharePoint
To complete this procedure, you will require input from the SharePoint administrator. Open the Duet Enterprise Worksheet located at http://go.microsoft.com/fwlink/?LinkId=207604
You configure the SCL host, SAP NetWeaver AS ABAP, to use SSL for communications with SharePoint. For more information about SSL settings in the SCL landscape, see the Service Consumption Layer: SAP Security Guide at SAP Service Marketplace at: http://service.sap.com/instguides SAP Business Suite Applications Duet Enterprise Duet Enterprise 1.0. Requirements Make sure that you have: Information about the SSL public-key certificate, you need to provide details of the SSL system in the SCL host. To implement SSL for use between the SCL host and the consumer server, you must configure SSL in the two systems. Configure the SharePoint server to use SSL. To configure SSL for use in the SharePoint server, see the specific SharePoint server documentation. Configure the SCL host to use SSL. If you have already configured the SCL host to use SSL, you can skip the following procedures. To configure the use of SSL in the SCL host: 1. On the SCL, open the Service Consumption Layer Administration IMG, and select Connection Settings > SCL to Consumer > Manage Security Trust. 2. Click the Execute icon.
The Trust Manager page is displayed. 3. Generate key pairs for SSL. a. Right-click on SSL server Standard. b. Click Create. c. Maintain the correct data for Name, Org, Comp, Country, CA, Algorithm and Key Length checkmark. and click the d. If needed adjust the Distinguished Name for the displayed hosts and click the checkmark. Note: A self signed certificate is created. If required, you can sign this certificate by a Certificate Authority.
34
2. Installing Duet Enterprise 2.6 Establishing Connections to an SAP System and the SharePoint Server
Note: Make sure that an HTTPS port is set in the profile parameters as shown in the Configuring the AS ABAP for Supporting SSL help topic found at: http://help.sap.com/saphelp_nw70ehp2/helpdata/en/49/23501ebf5a1902e10000000a42 189c/frameset.htm. To verify that the HTTPS port is active: i. Open transaction SMICM. The ICM Monitor page is displayed. ii. From the menu bar, select Goto > Services. The ICM Monitor Service Display page is displayed. iii. In the Active Services table, check that the HTTPS entry is Active. 4. Export the SSL server certificate. a. Under SSL server (Standard), double-click the certificate displayed. The Own certificate is displayed. b. Double click on the certificate. The certificate is displayed in the Certificate area. c. Click Export Certificate. d. In the File path field, enter a file name, for example, C:\SCL-SSL.cer. e. In the File format section, select the Binary radio button. f. Click the checkmark to export the certificate to the file system. g. Add the certificate name and location to the Duet Enterprise Worksheet, in the SSL Certificate location and file name row. 5. Import the certificate. a. Right-click SSL client SSL Client (Anonymous) and select Create. b. Click the d. Click checkmark. Import Certificate. c. Double-click the certificate displayed. The Import Certificate page is displayed. e. Enter the SharePoint SSL server certificate. To find the certificate, see the Duet Enterprise Worksheet, SSL certificate file name and location row. Note: The imported certificate must be in .CER format. f. Click the checkmark. Save. g. Click Add to Certificate List. h. Click i. Repeat this procedure steps for all the certificates you received from the SharePoint administrator. Checkpoint: To verify that the SharePoint SSL certificate was successfully created, create an RFC type G destination to the SharePoint server (for further information, refer to the Create Type G RFC Destination to the SCL section). Perform a connection test, and make sure that you do not get any ICM_HTTPS_SSL certificate error.
35
2. Installing Duet Enterprise 2.6 Establishing Connections to an SAP System and the SharePoint Server
2.6.2 Mapping User Data in the SAP System and the SharePoint Server
User mapping maps a user ID in the SharePoint server to the user ID in the SAP system for the same user. User mapping is required if users have different user IDs in the SCL host and in the SharePoint server; passwords are not mapped. If the user ID on the SharePoint is domain\username and in the SAP system it is only username this is still considered as being different user IDs. The user's ID in the SharePoint server and the users ID in the SCL host are stored in the user's logon ticket for single sign-on. When the user tries to access an SAP system, the system extracts the user ID from the logon ticket.
Mapping User Data when the User IDs in SharePoint and the SCL Host are the Same
If the usernames on SharePoint are the same as on the SCL server, you do not have to connect the SCL to the Active Directory Domain Service to perform mapping. Instead, you can use the BAdI included in Note 1542681 and perform the steps below. To map the SAP user names to SharePoint: 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Administration IMG. 3. Click 5. Click Display. Execute.
4. Select Consumer Settings > Map SAP User Names to Consumer. The Enter Correct SNC Names in Table View VUSREXTID page is displayed. 6. In the External ID Type field, select SA. 7. In the Prefix of External Name field, enter SharePoint:: domain, where DOMAIN is the domain in which the users are located, for example, SharePoint::devwdf24 8. In the Suffix of External Name field, delete any existing data. 9. In the Optional: Name of Issuer field, enter CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US (This is the Issuer name of the SharePoint Security Token Service certificate that you previously imported when running the SAML2 Wizard.) Note: You cannot use the F4 help here. 10. Select the BAdI Implementation radio button. 11. In the BAdI Implementation field, press F4 and select Simple bulk user mapping. 12. Under Further Options, deselect the Test Mode checkbox. 13. Click Execute. The Enter Correct SNC Names in Table View VURSEXTID page is displayed. 14. Check that the Number of External Names Added is greater than 0. Checkpoint: a. Open transaction SM30. b. In the Table/View field, enter VUSREXTID.
36
2. Installing Duet Enterprise 2.6 Establishing Connections to an SAP System and the SharePoint Server
c. Click
Display.
The Determine Work Area: Entry page is displayed. d. In the External ID Type field, enter SA. e. Click the checkmark. The Assignment of External ID to Users table is displayed. It should include a list of all the users that were mapped.
Mapping User Data when the User IDs in SharePoint and the SCL Host are Different
To create an RFC destination for the LDAP connection: 1. On the SCL, open transaction SM59 The Configuration of RFC Connections page is displayed. 2. Click Create. The RFC Destination page is displayed. 3. In the RFC Destination field, enter a name for the RFC destination, for example, RFCDEV24DC1. 4. In the Connection Type field, enter T. 5. In the Description field, enter a description, for example, Connection to DEVWDF24 for LDAP Sync. 6. Click Edit.
7. Select the Technical Settings tab. 8. Under the Activation Type section, select the Registered Server Program radio button. 9. In the Program ID field, enter a program ID, for example, PROG-DEVWDF24. 10. In the Gateway Options section, enter the following information: Gateway Host: <host of the SCL server>, for example, vmw2065.wdf.sap.corp Gateway service: <port of the SCL server>, for example, sapgw<Sys NR> 11. Click Connection Test. The test will fail at first with a Logon Connection Error message. To create a user for the LDAP connection: 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Administration IMG. 3. Click 5. Click Display. Execute.
4. -Select Consumer Settings -> Configure LDAP Server for Mapping Users. The Directory Service Connection page is displayed. 6. Click System Users.
37
2. Installing Duet Enterprise 2.6 Establishing Connections to an SAP System and the SharePoint Server
The Display View LDAP System User: Details page is displayed. 7. Click Edit.
8. Click New Entries. The New Entries: Details of Added Entries page is displayed. 9. In the User ID field, enter the name of a system user, for example, SCL-DEV24. 10. In the Distinguished Name field, enter the service user used to connect to the ADS and read user entries, for example, devwdf24\d044410. 11. In the Credentials checkbox, click Edit. The System User dialog box is displayed. 12. In the Password field, enter the password for the user name previously entered. 13. In the Repeat Password field, enter the password for the user name previously entered again. 14. Click the checkmark.
To configure the LDAP server the LDAP connection: 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Administration IMG. 3. Click 5. Click Display. Execute.
4. Select Consumer Settings -> Configure LDAP Server for Mapping Users. The Directory Service Connection page is displayed. 6. Click LDAP Servers. The Display View Server Names: Details page is displayed. 7. Click Edit.
8. Click New Entries. The New Entries: Details of Added Entries page is displayed. 9. In the Server Name field, enter a name for the server, for example, SRV-DEV24DC1. 10. In the Host Name field, enter the name of the ADS server, for example, dev24dc1.wdf.sap.corp. 11. In the Port Number field, enter the port number of the ADS server, for example, 389. 12. From the Product Name drop-down list, select Microsoft Windows 2003 Active Directory (Domain Mode) (even if you have ADS 2008, see Note 983808). 13. From the Product Version drop-down list, select LDAP Version 3. 14. From the LDAP Application drop-down list, select User. 15. Select the Default checkbox. 16. In the Base entry field, enter: the base entry on which the users are stored in the ADS, for example, CN=Users,DC=dev24,DC=dev-wdf,DC=sap,DC=corp. 17. In the System logon field, press F4 and select the previously created user (SCL-DEV24).
38
2. Installing Duet Enterprise 2.6 Establishing Connections to an SAP System and the SharePoint Server
18. Click
Save.
To activate the LDAP connection: 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Administration IMG. 3. Click 5. Click Display. Execute.
4. Select Consumer Settings -> Configure LDAP Server for Mapping Users. The Directory Service Connection page is displayed. 6. Click LDAP Connectors. The Display View LDAP Connector (Maintenance View): Details page is displayed. 7. Click 8. Click the Edit. checkmark.
A message is displayed warning you that the table is cross-client. 9. Click New Entries. The New Entries: Details of Added Entries page is displayed. 10. In the Connector Name field, press F4 and select the previously created RFC destination, for example, RFC-DEV24DC1. 11. In the Application Server field, press F4 and select the active instance, for example, vmw2065_DUE_00. 12. From the Status drop-down list, select Connector is active. 13. From the Trace Level drop-down list, select Trace Off. 14. Leave the Max. Retention Period and the Code Page fields blank. 15. In the Page Size field, enter a page size (entries per page) if your ADS has more than 1000 entries, for example, 200. 16. Click 17. Click Save. Start Connector.
The Current Status icon should change to yellow. 18. Click Save.
The Current Status icon should change to green To configure the user mapping types: 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Administration IMG. 3. Click Display.
39
2. Installing Duet Enterprise 2.6 Establishing Connections to an SAP System and the SharePoint Server
5. Click
Execute.
A message informing that individual entries cannot be put into the change request is displayed. 6. Click the checkmark. The Change View Configuration table for Bulk User Mapping: Overview page is displayed. 7. Click New Entries. The New Entries: Overview of Added Entries page is displayed. 8. In the LDAP/FILE based user mapping column, open the drop-down list and select LDAP based user mapping. 9. In the Config Index column, check the currently existing entries, and enter the next highest number. If this is the first entry, enter 1. 10. In the LDAP server: symbolic name column, enter the value specified in the To configure the LDAP server the LDAP connection section above, for example, SRV-DEV24DC1. 11. In the LDAP Attribute for BE Name column, enter the ADS field in which the SAP usernames are stored. If the user name used in the ADS and in the SAP System is the same, enter SAMACCOUNTNAME. 12. Select the Active/Inactive checkbox. 13. Click Save.
Checkpoint: Verify that the RFC destination is now working. a. Open transaction SM59. b. The Configuration of RFC Connections page is displayed. c. Open the TCI/IP Connections module. d. Select the RFC destination previously created, RFC-DEV24DC1. e. Click Connection Test. The Connection Test should now work fine. To map the SAP user names to SharePoint: 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Administration IMG. 3. Click Display. Execute.
4. Select Consumer Settings > Map SAP User Names to Consumer. 5. Click The Enter Correct SNC Names in Table View VUSREXTID page is displayed. 6. In the External ID Type field, select SA. 7. In the Prefix of External Name field, enter SharePoint:: 8. In the Suffix of External Name field, delete any existing data. 9. In the Optional: Name of Issuer field, enter CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US (This is the Issuer name of the SharePoint Security Token Service certificate that you previously imported when running the SAML2 Wizard.)
40
2. Installing Duet Enterprise 2.7 Creating Endpoints for Duet Enterprise Services
Note: You cannot use the F4 help here. 10. Select the BAdI Implementation radio button. 11. In the BAdI Implementation field, press F4 and select SharePoint Integration bulk user mapping. 12. Under Further Options, deselect the Test Mode checkbox. 13. Click Execute. The Enter Correct SNC Names in Table View VURSEXTID page is displayed. 14. Check that the Number of External Names Added is greater than 0. Checkpoint: a. Open transaction SM30. b. In the Table/View field, enter VUSREXTID. c. Click Display. The Determine Work Area: Entry page is displayed. d. In the External ID Type field, enter SA. e. Click the checkmark. The Assignment of External ID to Users table is displayed. It should include a list of all the users that were mapped.
Prerequisites
An RFC destination for WSIL must be created. For information about creating an RFC destination, refer to the Creating RFC Destination for WSIL Service section.
41
2. Installing Duet Enterprise 2.7 Creating Endpoints for Duet Enterprise Services
The import wizard is displayed. 8. Enter the profile name and click Next. 9. Make sure the WS-A Message ID radio button is selected and click Next. 10. Check the default transport settings and click Next. 11. Make sure the Single Sign-On using SAP Assertion Ticket and the Secure Communication Only checkboxes are selected and click Finish. An SOA Management dialog box is displayed prompting you to activate the profile. 12. Click Yes.
42
2. Installing Duet Enterprise 2.7 Creating Endpoints for Duet Enterprise Services
5. Select Connection Settings > SCL to Consumer > Configure Service Endpoint. The SOA Management page is displayed. 7. Click Profile Management. 8. Check that both the DUET_ENTERPRISE_SAML and the DUET_ENTERPRISE_ASSERTION profiles appear in the Profile Management page. 9. On the SOA Manager main page, select the Service Administration tab. 10. Click the Business Scenario Configuration link. The Business Scenario Configuration page is displayed. 11. Click Import. 12. In the Enter File Path field displayed, enter the path to the scenario_DUET_ENTERPRISE_ALL file you saved in step 1. 13. Click Import. The Business Scenario wizard is displayed. 14. Click Next to move to the Provider side step. 15. Make sure the following services appear in the list displayed: a. Configured as SAML Reporting:
IWXManageReports_In_V1
Workflow:
IWXRead_UserRoles_in IWXRoleSearch_In
43
2. Installing Duet Enterprise 2.7 Creating Endpoints for Duet Enterprise Services
44
2. Installing Duet Enterprise 2.7 Creating Endpoints for Duet Enterprise Services
n. Make sure that the following lines are displayed in the WSDL document: <sp:AlgorithmSuite> <wsp:Policy> <sp:TripleDesSha256Rsa15 /> </wsp:Policy> </sp:AlgorithmSuite> <sp:RequestSecurityTokenTemplate> <wst:KeyType>http://docs.oasis-open.org/ws-sx/wstrust/200512/PublicKey</wst:KeyType> <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile1.1#SAMLV1.1</wst:TokenType> </sp:RequestSecurityTokenTemplate Note:If you encounter a problem with this: i. Disable the DUET_ENTERPRISE_ALL profile as mentioned in step 20. ii. Check the SAML configuration once more. iii. Clean the ICM cache by executing transaction SE37 > ICFBUFFER_INIT iv. Activate the DUET_ENTERPRISE_ALL scenario again. v. Perform the checks mentioned above again.
To complete this procedure, you will require the Duet Enterprise Worksheet located at http://go.microsoft.com/fwlink/?LinkId=207604
Note: Before uploading the new BDC models it is recommended to delete all previously existing models or resources (for example, due to an older system copy).
45
2. Installing Duet Enterprise 2.7 Creating Endpoints for Duet Enterprise Services
To delete previously existing models: 1. On the SCL system, open transaction SIMGH. 2. Select the Microsoft SharePoint Integration Activities IMG. 3. Click the 5. Click the Display icon. Execute icon.
4. Select BDC Publisher > Create Models. The Display View View for customizing BDC Model: Overview page is displayed. 6. Click Select All.
All the entries in the View for customizing BDC Model table are selected. 7. Click Delete (or press <Shift> + F2). 8. Click Save.
9. Return to the IMG and select BDC Publisher > Create Mapping Between Services and BDC Models. The Display View View for mapping BDC/Resource with services: Overview page is displayed. 10. Click Select All.
All the entries in the View for mapping BDC/Resource with services table are selected. 11. Click Delete (or press <Shift> + F2). 12. Click Save.
To upload the new BDC models: 1. On the SCL system, open the Microsoft SharePoint Integration Activities IMG. 2. Click the Display icon.
3. Select BDC Publisher > Load BDC and Resources to Database. 4. Click the Execute icon. Execute icon.
The Load Models and Resources to Database page is displayed. 5. Browse for the ZIP file containing the BDC models and click the
The ZIP file is created after running the setup.exe file and is saved at the following location on the SharePoint server by the SharePoint administrator: \Program Files\Duet Enterprise\1.0\SAP Service Models > SAP Service Models.zip.
The following models are provided: Account.xml AccountDocumentStorageCategory.xml AccountDocumentTypeStatus.xml AccountDocuments.xml AccountTitle.xml
46
2. Installing Duet Enterprise 2.7 Creating Endpoints for Duet Enterprise Services
BOM.xml Contact.xml ContactTitle.xml CountryCode.xml CustomerInquiry.xml CustomerInquiryItem.xml CustomerInquiryPartner.xml CustomerQuotation.xml CustomerQuotationItem.xml CustomerQuotationPartner.xml Employee.xml InquiryItemDocument.xml InquiryItemDocumentStorageCategory.xml InquiryItemDocumentTypeStatus.xml JobFunction.xml Product.xml ProductDocument.xml ProductDocumentStorageCategory.xml ProductDocumentTypeStatus.xml QuotationItemDocument.xml QuotationItemDocumentStorageCategory.xml QuotationItemDocumentTypeStatus.xml ReportTemplate.xml Role.xml UserRoles.xml UserSubscription.xml Workitem.xml 6. Check that all the models are properly uploaded. 7. In the IMG, select BDC Publisher > Create or Update Properties of BDC Models. 8. Click the Execute icon. Save.
9. In the Change View View for maintaining BDC Property: Overview page, enter an SSL-enabled URL to SharePoint for PropertyID SharePointResourceUrl and click
Note: You can find this URL on the URL to Web application for report router site row of the Duet Enterprise Worksheet. 10. In the IMG, select BDC Publisher > Generate BDC and Resource Files. 11. Click the Execute icon.
12. Enter your criteria for generating the BDC models. a. Select the Generate Models Automatically radio button to specify a namespace and generate the BDC models automatically for the scenarios you specify.
47
2. Installing Duet Enterprise 2.7 Creating Endpoints for Duet Enterprise Services
If you used the profile and business scenario configured delivered on the DVD, then all the endpoints are created with the namespace Binding_T_HTTPS_A_WSSE. b. Select the checkboxes of the scenarios for which the BDC models must be generated. 13. Click the Execute icon to generate the model and resource files. Save. 14. In the pop-up displayed, browse to the folder in your local system where you want the files to be saved and click
15. Copy this location to the Duet Enterprise Worksheet, in the BDC models ZIP file location row. The Generate BDC and Resource Models page is displayed, showing a list of all models that were created. 16. Compare the list displayed to the list above. Checkpoint: a. Open the previously created BDC.ZIP file. b. Check that the models.xml file is located in the file. c. View a non Resource file, for example, UserRoles.xml. d. Check that the following properties have been updated: WcfMexDocumentUrl (under LobSystems -> LobSystem) The URL should point to your SCL server (for example https://vmw3425.wdf.sap.corp:8001/sap/bc/srt/wsdl/bndg_0050569D4D991DDF9C9B8F D94997BE44/soap12/wsdl11/allinone/ws_policy/document?sap-client=001). WcfEndpointAddress (under LobSystems -> LobSystemInstances) This URL should also point to your SCL server (for example https://vmw3425.wdf.sap.corp:8001/sap/bc/srt/pm/iwtng/iwxread_userroles_in/001/due t_enterprise_saml/1/binding_t_https_a_wsse__-iwtng_iwxread_userroles_in_duet_enterprise_saml)
48
2. Installing Duet Enterprise 2.8 Specifying SCL Configuration Settings to SAP Systems
2.8.1 Defining Trust between the SCL Host and your SAP Systems for Type 3 connections
You define trust relationship between your SAP system and the SCL host by configuring the SAP system to be the trusting system, and the SCL host to be the trusted system. For detailed information about configuring trust relationship in the SCL landscape, see Service Consumption Layer: SAP Security Guide at SAP Service Marketplace at: http://service.sap.com/instguides SAP Business Suite Applications Duet Enterprise Duet Enterprise 1.0. Note: This is just a technical RFC destination used to establish the trust. It will not be used during runtime. To configure trust: 1. On the SAP system, open transaction SM59. The Configuration of RFC Connections page is displayed. 2. Click Create.
Value to enter Enter an RFC destination name in the following format: <SystemID>CLNT<Client>. For example,SCLCNT100. 3 Enter a description. For example, RFC Destination to SCL Server.
Explanation Select the relevant radio button according to your systems settings. Enter the (message) server name of the SCL system. For example, vmw3425.wdf.sap.corp. Enter the SCL system number. For example, 00.
The RFC destination is saved. 7. Open transaction SMT1. The Display and Maintain Trusted Systems page is displayed. 8. Click Create.
49
2. Installing Duet Enterprise 2.8 Specifying SCL Configuration Settings to SAP Systems
9. In the Destination field, enter the RFC destination you created, e.g. SCLCNT100. An RFC logon to the SCL host occurs, and the necessary information is exchanged between the systems. 10. Logon to the SCL host using your administrator user and password. The trusted entry for the SCL host is displayed. 11. Click Save. Note: For end-users to use a trusted connection, they must have authorization object S_RFCACL assigned to them (for more details, refer to http://help.sap.com/saphelp_nw70ehp2/helpdata/en/d3/5b5c8ac5a93941b9f4e 2f09b50beb4/frameset.htm)
3. Select Connection Settings > SCL to SAP System > Manage RFC Destinations. The Configuration of RFC Connections page is displayed. Create. 6. Enter the following:
Value to enter Enter an RFC destination name in the following format: <SystemID>CLNT<Client>. For example, BKDCNT200. 3 Enter a description. For example, RFC Destination to SAP Server.
Explanation Select the relevant radio button according to your systems settings. Enter the (message) server name of the SAP system. For example, vmw4000.wdf.sap.corp. Enter the SAP system number. For example, 00.
10. Enter the SAP systems client number. 11. Select the Current User checkbox.
50
2. Installing Duet Enterprise 2.8 Specifying SCL Configuration Settings to SAP Systems
12. Select the Trust Relationship Yes radio button. Note: Make sure that you have created the trusted relationship before as outlined in the Defining Trust between the SCL Host and your SAP Systems for Type 3 connections section. 13. Click Save.
Checkpoint: Click Connection Test. The connect test should pass. If the user ID with which you are logged on to SCL and your user ID for the SAP system is the same, and they have the object S_RFCAC assigned to it on the SAP system, click Remote Logon. You should not get any error messages in the status. (If any problem persists, check Note 128447 Trusted/trusting systems for troubleshooting tips.)
The Display Profile Default Version 000XXX page is displayed. 6. Check that the value of the login/accept_sso2_ticket parameter is 1 and the value of the login/create_sso2_ticket parameter is 2. If these are not the values displayed in the table, edit them. To change the value of the parameters: a. Click Edit. b. Find the desired parameter. c. In the Parameter value column, change the value. 7. Go back to the Edit Profiles page and click Save.
8. Open transaction SSO2 to run the SSO2 administration wizard. The Logon Ticket Administration for Single Sign-On(SSO) page is displayed.
51
2. Installing Duet Enterprise 2.8 Specifying SCL Configuration Settings to SAP Systems
Note: If SSO2 does not work use STRUSTSSO2 to import the certificates from SCL server, you must import them manually. For further details, refer to http://help.sap.com/saphelp_nw70ehp2/helpdata/en/78/f1a8490e7011d6999500508b6b8a9 3/frameset.htm. 9. Enter the type 3 RFC destination created above or the <host name> and <system number> for the SCL system in the appropriate fields. For example, SCLCNT100. 10. Click Execute. The Logon page is displayed. 11. Enter your password. The SSO2 administration report for the designated SAP system is displayed. 12. Select Edit > Activate to configure the SAP system. Note: This trust is required for connections used by Starter Services. Note: If SSO2 does not work use STRUSTSSO2 to import the certificates from SCL server, you must import them manually. For further details, refer to http://help.sap.com/saphelp_nw70ehp2/helpdata/en/78/f1a8490e7011d6999500508b6b8a9 3/frameset.htm. Checkpoint: Repeat steps #2 to #5 and make sure that the first three traffic lights under the Profile Parameters login/create_sso_ticket =2 section are green.
Configuring the SCL Host to Accept Assertion Tickets from SAP Systems
You must configure your SCL host to accept SAP assertion tickets from the SAP system for message-based Web service communication. To configure the SCL host to accept SAP assertion tickets: 1. From the SCL, open transaction RZ10. The Edit Profiles page is displayed. 2. In the Profile field, press F4. 3. Select DEFAULT and press the checkmark. 4. In the Edit Profile section, select the Extended Maintenance radio button. 5. Click Display.
The Display Profile Default Version 000XXX page is displayed. 6. Check that the value of the login/accept_sso2_ticket parameter is 1 and the value of the login/create_sso2_ticket parameter is 2. If these are not the values displayed in the table, edit them. To change the value of the parameters: a. Click Edit. b. Find the desired parameter. c. In the Parameter value column, change the value. 7. Go back to the Edit Profiles page and click Save.
8. On the SCL, open transaction SSO2 and to the SSO2 administration wizard.
52
2. Installing Duet Enterprise 2.9 Create Type G RFC Destination to the SCL
The Logon Ticket Administration for Single Sign-On(SSO) appears. Note: If SSO2 does not work use STRUSTSSO2 to import the certificates from SAP System manually. 9. Enter the type 3 RFC destination or the <host name> and <system number> for the SCL host in the appropriate fields. For example, BKDCNT200. 10. Click Execute. Note: You might be asked to provide a user name and password. The SSO administration report for the designated SAP system is displayed. 11. Select Edit > Activate to configure the SAP system. Note: If SSO2 does not work use STRUSTSSO2 to import the certificates from SCL server, you must import them manually. For further details, refer to http://help.sap.com/saphelp_nw70ehp2/helpdata/en/78/f1a8490e7011d6999500508b6b8a9 3/frameset.htm. Note: To import the certificate from the SAP System to the SCL, you need to export the PSE certificate from SAP System first. Checkpoint: Repeat steps #2 to #5 and make sure that the first three traffic lights under the Profile Parameters login/create_sso_ticket =2 section are green.
5. Click
The Import Certificate page is displayed. 6. Enter the SCL SSL server certificate that you created in the Configuring the Use of SSL between the SCL Host and SharePoint section. Note: The imported certificate must be in .CER format. 7. Click the 9. Click checkmark. Save. 8. Click Add to Certificate List. Note: This destination will be used by logical ports in Workflow and Reporting to connect to the SCL.
53
2. Installing Duet Enterprise 2.9 Create Type G RFC Destination to the SCL
1. On the SAP system, open transaction SM59. The Configuration of RFC Connections page is displayed. 2. Click Create. 3. Enter the following:
Value to enter Enter an RFC destination name in the following format: <SystemID>CLNT<Client>-HTTP. For example, SCLCNT100-HTTP. G Enter a description. For example, HTTP Destination to SCL Server.
Explanation Enter the (message) server name of the SCL. For example, vmw3425.wdf.sap.corp. Enter the SCL HTTP(s) Port number. For example, 8000. Note: For HTTPS, enter the SSL port.
7. In the Logon Procedure section, select the Basic Authentication radio button. A dialog box asking if you want to change the HTTP logon procedure is displayed. 8. Click Yes. 9. Select the Send SAP Logon Ticket checkbox. a. In the Status of Secure Protocol section, select the SSL Active radio button. b. From the SSL Client Certificate drop-down list, select the entry to which you imported the SSL certificates. For example, ANONYM SSL Client (Anonymous). Checkpoint: Perform a connection test. The test without the Path Prefix should result in Return code 404. Note: If you want to perform a connection test, enter a Path prefix (for example, /sap/public/info) and perform the test. The result should be 200. After the test make sure to remove the prefix again. Note: If you get an ICM SSL error, make sure that you have imported the SCL SSL certificate in the correct Cert List and have restarted the ICM via transaction SMICM: Administration > ICM > Exit Soft > Global.
54
4. Select Connection Settings > SCL to Consumer > Configure Notification Mails . The SAPconnect: Administration (system status) page is displayed. 6. Click the INT node and then click The SAPconnect: Select Node Type page is displayed. 7. Select the SMTP radio button and click the 8. A wizard for creating nodes is displayed. 9. In the Node field, enter the desired nodes name. 10. In the Description field, enter the nodes description. 11. Click Continue. 12. In the Mail-Host field, enter the address of the server containing the e-mail addresses of the SharePoint users. 13. In the Mail-Port field, enter the SMTP port to connect to this server and click Continue. 14. Select the Internet radio button and click Continue. 15. In the Address area text box, enter the domain of the users' e-mail addresses. Enter "*" for the user names (for example, *@sap.com). Click Continue. 16. Accept the default options and click Continue until the wizard is completed. When the wizard is completed the SAPconnect: Administration (system status) page is displayed. 17. Click Job.
The SAP connect: Active and Scheduled Send Jobs page is displayed. 18. Click Create and select the Schedule for INT option. 19. Click Continue. The Send Job: Select Variant page is displayed. 20. Click Continue to precede with the default options. 21. Specify the interval that defines how often queued notification mails must be sent from the SCL to the consumer. 22. Click Save.
55
To complete this step, you will require input from the SharePoint administrator. Open the Duet Enterprise Worksheet located at http://go.microsoft.com/fwlink/?LinkId=207604 Requirements Make sure that you have installed and configured the consumer server applications. To setup role synchronization: 1. On the SCL, open the Service Consumption Layer Administration IMG. 2. Click the 4. Click the Display icon. Execute icon.
5. In the Role field, click New Entries and enter the name of the desired role. 6. In the Consumer Type field, enter SHAREPOINT_INT. For example, specify the role, Z_STARTERSERVICES and the name of the consumer server in which it is used. 7. Repeat steps 5 and 6 for all the roles you need to synchronize to SharePoint. 8. Click Save. 9. Open the Service Consumption Layer Administration IMG. 10. Click the Display icon.
11. Select Consumer Settings > Synchronize Roles to Consumers. The Synchronize Roles to Consumer Job page is displayed. 12. In the Consumer Type field, press F4 and select SHAREPOINT_INT. 13. Press F4 to select the role to synchronize, and click Execute and Save. Important: Also, configure role synchronization in the consumer server.
56
3. Select General Settings > Activate or Deactivate Consumers. The Change View Consumer Activation Overview page is displayed. 5. Click New Entries. 6. In the Identifier field, enter SHAREPOINT_INT. 7. Select the Active checkbox. 8. Click Save.
3. Select General Settings > Activate or Deactivate SCL. A message is displayed. 5. Click Activate. A message about the status is displayed.
57
The Prompt for Customizing Request page is displayed. 5. In the Request field, press F4. 6. Select a customizing request and click the checkmark.
The Enter Variable Field Values table is displayed. 7. Fill in the fields in the table according to the following:
Description This is the system alias to your SAP system for all the Workflow . The naming convention for this is <SID>_<CLIENT> In this Business Object Group, the Business Objects for Reporting are grouped. You can specify any name.
Example BKD_200
SPI_WORKFLOW
58
This is the RFC destination to the SAP system on which the Workflow will be executed. Select the RFC destination to your SAP system using the F4 help. This role specifies which roles should be synchronized with the SharePoint server.
BKD_200
SPI_WORKFLOW
8. Click Copy Values. The Activation Options page is displayed. 9. In the Select Activation Mode section, select the Expert Mode radio button. 10. Click the checkmark.
The /IWTNG/BC_WORKFLOW BC set is activated. Note: A Warning message might be displayed concerning tables without data. This message can be ignored. Once the BC Set is successfully activated, you must do the following: 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Administration IMG. 3. Click the 5. Click the Display icon. Execute icon.
4. Select General Settings > Manage Business Object Groups. The Display View Manage Business Object Groups: Overview page is displayed. 6. Clear the Active checkbox for the IW_WF Business Group. 7. Click Save
59
5. Click the
Execute icon.
The Change View Context Data Registration Table: Overview page is displayed. 6. Assign new context data. a. Click New Entries. b. In the Consumer Type field, press F4 and select SHAREPOINT_INT. c. In the Task Name field, enter the Workflow task name (GPW Bound Item Type) as defined in the in the SAP system. This value is case-sensitive. To obtain the GPW Bound Item Type: i. In the SAP system, open transaction SIMGH. ii. Select the Duet Implementation Guide IMG. iii. Click Display. iv. Select Open Workflow Pattern Customization > Workflow Pattern Customization. Execute.
The Change View Applications: Overview page is displayed. the Applications list, select the application where the Workflow was configured. the Dialog Structure, double-click on Workflow-ID. the Workflow ID list, select the relevant Workflow (can be inbound or outbound). Dialog Structure, double click on Tasks.
v. From the Tasks section, write down the GPW Bound Item Type. d. In the Property Name field, enter the property name as defined in the custom Handler SharePoint BizDoc and SAP system workflow customization. This value is case-sensitive. e. In the External Field Name field, enter the relevant number. Enter the next integer value for each new table entry starting with 1. 7. Click Save.
60
10. Write down the URL displayed in the Calculated Access URL field. Note: If you used the Create Endpoints for Duet Enterprise Services, then the path should be /sap/bc/srt/pm/iwcnt/actionitemvi_document/001/duet_enterprise_assertion/1/binding_t_ht tps_a_http__-iwcnt_-actionitemvi_document_duet_enterprise_assertion where 001 is the client of the SCL system. 11. Repeat these steps and search for RMWrapperVi_Document in Step #4. The result should look like /sap/bc/srt/pm/iwcnt/rmwrappervi_document/900/duet_enterprise_assertion/1/binding_t_ht tps_a_http__-iwcnt_-rmwrappervi_document_duet_enterprise_assertion
13. Repeat this procedure to create a logical port for Proxy Class /OSP/CO_RMWRAPPER_VI_DOCUMENT using the end-point retrieved before for RMWrapperVi_Document as the Path Suffix in Step #8
61
4. Select Workflow Pattern Customization, and click the Workflow Filter Settings. 5. Under Dialog Structure, double-click Business Scenario. 6. Select OSP and double-click Filter Basic Data. 7. Select OSP_DELTA and double-click Filter settings. The list of settings for the selected filter type is displayed.
8. For the TASK parameter, enter the workflow task ID to be captured within Duet. To add more entries, click New Entries and enter the parameters. 9. Double-click Filter Basic Data. 10. Select OSP_FULL and double-click Filter settings. 11. For the TASK parameter, enter the workflow task ID to be captured within Duet.
62
5. Double-click Roles to see the list of user roles configured for Duet. 6. Double-click Applications and select the business application for which the workflows are defined. 7. Double-click Workflow-ID. The list of configured workflows is displayed. 8. Select the desired Workflow and double-click Custom Handlers. 9. Click New Entries, and enter the following parameters to define a new workflow.
Field
Application ID Workflow ID
Description
Displays the application ID for which the workflows are defined. Specifies the workflow ID. Note: There is a one-to-one mapping between the application ID and the workflow ID.
Select the custom handler flag, whether inbound calls or outbound. Select inbound if you want to define services where data from the Outlook client is updated in the SAP system (for example, creating a leave request in Outlook and updating it in the SAP system). Select outbound if you want to define services where data from the SAP system is sent to the Outlook client (for example, sending a notification mail to the approver about an employees leave request).
For more than one APIs called for the workflow, specify the sequence of the API to be called. Enter S_OSP_WF_PAT_DEFAULT_CH_IB for Inbound or S_OSP_WF_PAT_DEFAULT_CH_OB for Outbound.
Note: The pre-delivered default workflow pattern implementations for Custom Handler are: Inbound: S_OSP_WF_PAT_DEFAULT_CH_IB Outbound: S_OSP_WF_PAT_DEFAULT_CH_OB 10. Double-click Tasks. The list of sub-workflows for a workflow is displayed. 11. Click New Entries.
63
12. Enter the following parameters to define a new sub-workflow. Field Application ID Workflow ID Sub-Workflow ID Description Select the application for which the workflow is defined. For example, CRM. Select the workflow from the template for which the task is defined. For example, WS80000002. Enter the name for a nested workflow which is part of a Workflow. (If there are no sub-workflows, enter the main workflow ID.) For example, WS80000002. Enter the step ID from the workflow template. This is called a step or node ID which uniquely identifies the step in a Workflow. For example, 183. Groupware Object Type Recipient Role Type Sub-Workflow Type Select the consumer object (task or mail) to be created for the corresponding task. The consumer object can be sent to people with different roles. This field is a placeholder for storing bound-item details for various roles. For example, Approver. Specifies the type of Sub-workflow associated with a workflow. For example, 0 Standard Workflow.
Workflow Step
Workflow Task ID
Task Agents Role Type
4. Select Workflow Pattern Customization and click the 5. Double-click Action. The list of actions for the user role is displayed.
64
6. Click New Entries, and enter the following parameters to define a new action: Field In-Status Code New-Status Code Role Type Action Object Typ Object ID Active Description Select the initial status of the item before the workflow action is done. Select the status of the item after the workflow action is done. Select the user role for which the action is defined. Select the action for the object. Select the object for which the Action column is defined. Select whether the object type is bound, a notification or an error. Select Active for all objects of type Task .
65
The ABAP: Variants Initial Screen page is displayed. 5. In the Variant field, enter the name of the variant. For example, DuetE1. 6. Click Create. 7. The Maintain Variant: Report page is displayed. 8. In the Scenario field, enter OSP. 9. In the Filter field, enter OSP_DELTA. 10. Click Attributes. The Variant Attributes page is displayed. 11. In the Description field, enter the variants description. 12. Click Save.
The Maintain Variant: Report page is displayed. 13. Click Save to save the value of the variants.
To schedule background jobs: 1. On to the SAP system, open transaction SM36. The Define Background Job page is displayed. 2. Click Job Wizard to create a new job. 3. In the wizards opening page, click Continue. 4. In the Job Name field enter a name and click Continue. 5. Select the ABAP program step radio button and click Continue. 6. In the ABAP Program Name field enter the report name and click Continue.
66
7. Leave the Add additional steps (optional) checkbox empty, and click Continue. 8. Select the Immediately radio button and click Continue. 9. In the Periodic jobs section, select the Period checkbox and click Continue. 10. Select None of the above and click Other periods. 11. In the Minute(s) field, enter 15. 12. Click Create. 13. Click Continue. 14. Click Complete. To update background jobs: As mentioned above, system timepoints for Duet must be in the format TP_BROADCASTING_<ID>. The transaction for updating a job is /nSM37. For help on updating a job, refer to the topic Background Job Monitoring Monitor on the SAP Library at http://help.sap.com/saphelp_nw70ehp1/helpdata/en/1d/ab3207b610e3408fff44d6b1de15e6/fra meset.htm and to the topic Managing Jobs from the Job Overview on the SAP Library at http://help.sap.com/saphelp_wp/helpdata/en/c4/3a8009505211d189550000e829fbbd/frameset .htm
The Manual selection of authorizations page is displayed. 7. Enter the authorization object in the Authorization Object field and press Enter. The authorization object is inserted. 8. Click on the Authorization object fields.
67
The Field Values page is displayed. 9. Enter the interval and click Save. Save.
4. Select Connection Settings > SCL to SAP System > Manage SAP System Aliases.
The Change View: Manage SAP System Aliases Overview page is displayed. 6. Click New Entries. 7. Enter the following details for the system alias: SAP System Alias: Name of the system alias. For Workflow this name must be created using the following format: <SID>_<CLIENT>, for example BKD_200. Description: Descriptive text for the system alias. For example, System alias for Workflow Local SCL: Leave unchecked. RFC Destination: Specify the RFC destination defined for your SAP system. For example, BKDCNT200 Software Version: Specify the version Default, which is required by Workflow. 8. Click Save.
We recommend that you check the system alias configurations using Check SAP System Aliases.
68
4. Select General Settings > Manage Business Object Groups. The Change View Manage SCL Business Object Groups:Overview page is displayed. 6. From the Manage SCL Business Object Groups table, select IW_WF. 7. In the Dialog Structure section, double click Assign SAP System Aliases. 8. Click New Entries. 9. In the SAP System Aliases column, press F4. 10. Select the system alias that points to the SAP system on which the Workflow will be executed, for example, BKD_200. 11. In the User Role column, enter a role which contains users who should use Workflow in the system of the SAP System Alias, for example, Z_WORKFLOW. 12. Click Save.
13. Double-click Manage SAP System Aliases and make sure that the Active checkbox is selected for the SCL Business Object group you have created for Workflow.
4. Select Connection Settings > SCL to SAP System > Check SAP System Aliases. A status report of the listed checked items is displayed.
69
4. Select Outbound Flow > Events > Event Handler Registration. The Change View Handler and event type combination: Overview page is displayed. 6. Select the /IWFND/CL_EVT_MESSAGE_U_NOTIF Event Type with the /IWCNT/WF_WI Handler ID. 7. Select the /IWFND/CL_EVT_MESSAGE_C_NOTIF Event Type with the /IWCNT/WF_WI Handler ID. Note: If these configurations do not exist, you must create them manually. To create a configuration manually: a. On the SCL, open transaction SIMGH. b. Select the Service Consumption Layer Development IMG. c. Click the e. Click the f. Display icon. Execute icon. d. Select Outbound Flow > Events > Event Handler Registration. The Change View Handler and event type combination: Overview page is displayed. Click New Entries. g. In the Event Type field, enter the missing Event Type, for example /IWFND/CL_EVT_MESSAGE_C_NOTIF. h. In the Handler ID field, enter the missing Handler ID, for example /IWCNT/WF_WI. i. j. l. Click Save. Select the newly created line in the Handler and event type combination table. Click New Entries. Save.
k. Under Dialog Structure, double-click Assignment to objects. m. In the SCL Business Object table, enter IW_WF_TASK. n. Click
70
4. Select Outbound Flow > Content Publisher > Consumer Adapter Classes. The Content Publisher Consumer Adapter Class table is displayed. 6. Check that the following configuration appears in the table: Consumer Type: SHAREPOINT_INT Content Publisher Operation Type: /SEH/SEND_WFTASK SCL Business Object: IW_WF_TASK Class Interface: /IWTNG/CL_CP_TANGO_WI_TASK_A Note: If this configuration does not exist, you must create it manually.
4. Select Connection Settings > SCL to Consumer > Configure Service Endpoint. 5. Click the Execute icon.
The SOA Management tool is displayed. 6. Select the Service Administration tab. 7. Click the Single Service Configuration link. The Web Service Administration page is displayed. 8. From the Search by drop-down list, select Consumer Proxy. 9. In the Search Pattern field, enter /IWTNG/CO_TASKFLOW_WEB_SERVICE. 10. From the Field drop-down list, select Both Names.
71
11. Click Go. 12. Select the TaskflowWebServiceSoap Web service and click Apply Selection. The Details table is displayed below. 13. Select the Configurations tab. 14. Click Create Logical Port. 15. In the page displayed, fill in the Logical Port settings. a. In the Logical Port Name field, enter LogicalPortForWorkflow. b. Select the Logical Port is Default checkbox. c. Enter the description. d. From the Configuration Type radio buttons, select WSDL Based Configuration. e. From the WSDL Base radio buttons, select Via HTTP Access. f. In the URL for WSDL Access User field, enter the WSDL URL found in the Duet Enterprise Worksheet, on the URL to OBAWorkflowService for Workflow row (for example, https://<hostname>:<portnumber>/_vti_bin/OBAWorkflowService.asmx?wsdl).
g. In the WSDL Access User field, enter the SAP workflows service account username found in table 3 of the Worksheet. h. In the WSDL Access Password field, enter the SAP workflows service account password found in table 3 of the Worksheet. i. j. Click Apply Settings to save the logical port. The list of configuration subjects is displayed. Click Apply Settings. 16. Click Save. The Logical Port is created. To update the RFC destination with the login details: 1. In the details view of the proxy, go to the Configurations tab. 2. Select the logical port you have created and click The details of the logical port are displayed. 3. Go to the Additional Information tab. and note down the value displayed in the HTTP Destination field. This is the name of the RFC destination. 4. Open transaction sm59. 5. Search for the HTTP destination obtained before in the Additional Information tab and click Go. 6. Go to the Logon and Security tab and select the Basic Authentication radio button. 7. Enter the SharePoint user in charge of sending data from the SCL to SharePoint. The user name appears in the Duet Enterprise Worksheet, table 3, SAP workflows service account and password row . 8. Save and perform a connection test. Display.
72
To perform Routing - Maintain Logical ports for Proxy: 1. On the SCL, open transaction SIMGH. 2. Select the Microsoft SharePoint Integration Activities IMG. 3. Click the Display icon.
4. Select Routing - Maintain Logical Ports for Proxy. 5. Click the Execute icon.
The Display View Customizing table for Logical ports routing: Overview page is displayed. 6. For each Logical port that was created in the Create Consumer Proxy section above, insert: Proxy Class name - /IWTNG/CO_TASKFLOW_WEB_SERVICE Logical Port Name - the logical port name from the SOAMANAGER transaction (defined in the Create Consumer Proxy section above, step 15a, for example, LogicalPortForWorkflow). Routing URL the URL directing to the sites logical address within SharePoint.
73
LOCAL_REP
LOCAL
SPI_REPORT
SPI_REPORT_MD
Rep Category for Local Demo Reports Rep Category for Sales&Des Reports RFC to local system
LD SD SCL
74
This RFC destination has to be left empty due to the way this BC set is configured. Via the F4 help select the RFC destination that points to a connected BW system All users in this role will be assigned to the BW reports. You can select the role via the F4 help. All users in this role will be assigned to the local reports. You can select the role via the F4 help (this can be the same as in Role for BW Reports) This role will be synchronized to SharePoint. You should select the role from Role for BW Reports This role will be synchronized to SharePoint. You should select the role from Role for Local Demo Reports BKD_100
SPI_REPORTING_BW
SPI_REPORTING_DEMO
SPI_REPORTING
SPI_REPORTING_2
6. Click Copy Values. The Activation Options page is displayed. 7. In the Select Activation Mode section, select the Expert Mode radio button. 8. Click the checkmark.
The /IWTNG/BC_REPORTING BC set is activated. Note: A Warning message might be displayed concerning tables without data. This message can be ignored. Note: To use the local reports: a. Open transaction SE38. The ABAP Editor: Initial Screen is displayed. b. In the Program field, enter /IWCNT/DEMO_REP_LP_CONFIG. c. Click Execute. This program will configure the required RFC destinations and logical ports. Note: If an error message is displayed while trying to use the local report, go to SAP Note 1458454 and implement the correction instructions described there. Once the BC Set is successfully activated, you must do the following: 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Administration IMG. 3. Click the Display icon.
75
4. Select General Settings > Manage Business Object Groups. 5. Click the Execute icon. The Display View Manage Business Object Groups: Overview page is displayed. 6. Clear the Active checkbox for the following Business Groups: IWREPT IWRPMD 7. Click Save
6. Click Insert, and save the setting. 7. Repeat steps 3 to 7 entering /osp/ERPNR in the Object field.
76
8. Close the Start time page to return to the Define Background Job page
The Step List Overview page is displayed. 12. Check that the /OSP/IW_TIMEPOINT_PROCESS program has been added. 13. Click Create. The Create Step 2 page is displayed. 14. If you are using a BW client, in the ABAP program section, enter RSRD_BROADCAST_FOR_TIMEPOINT in the Name field. 15. Click Save.
The Step List Overview page is displayed. 16. Check that the RSRD_BROADCAST_FOR_TIMEPOINT program has been added. Note: The names should be entered in the same order as given above. 17. Click Save.
77
78
10. Create System alias for SAP systems on which the Reports are executed 11. Create a System Alias for the trusted system with Software version ERP on which the Reports will be executed. Note: Since Workflow with Software Version DEFAULT must use the System alias <SID>_<CLIENT>, this naming cannot be used for Reporting if both point to the same SAP system
79
3.2.7 Manage Source Systems, Report Types and Formats on the SCL
Note: If you activated the /IWTNG/BC_REPORTING BC set, these settings should already be available. There is no need to perform this procedure. 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Reporting Administration IMG. 3. Click the 5. Click the Display icon. Execute icon.
4. Select Peripheral Settings > Manage Source Systems, Report Types and Formats. The Delivery Formats page is displayed. 6. Check that the Delivery Formats table is populated with the following types:
80
The Manage Reports and their Properties page is displayed. 5. Click New Entries. 6. In the SAP System Alias field, enter the SAP system alias previously created. 7. In the Report Type field, e.g. AL. 8. Enter the reports specific details. 9. Click Save.
10. In the Dialog Structure section, select Report Parameters and Values. 11. Check the information on the page and save the settings. 12. In the Dialog Structure section, select Report Formats for Report Type. 13. Check the information on the page and save the settings. 14. In the Dialog Structure section, select Report Roles. The Report Roles page is displayed. 15. Click New Entries. 16. Assign the role obtained from the SCL Reporting template to the report. (This is the role to which the users that should be able to see this specific report are assigned.) 17. Click Save.
18. Go back to the Manage Reports and their Properties page. 19. Select the Active checkbox for the report. 20. Click the Check icon to check the reporting configuration.
To manage report categories: 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Reporting Administration IMG. 3. Select Report Settings > Manage Categories. 4. Click the Execute icon.
81
5. Click New Entries. 6. In the Category column, enter the desired category name. 7. Click Save.
To manage the context variables: 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Reporting Administration IMG. 3. Select Report Settings > Manage Context Variables. 4. Click the Execute icon.
The Change View Manage Context Groups: Overview page is displayed. 5. Click New Entries. 6. In the Manage Context Groups table, enter the context group, the context group description, and the value type in the relevant column. 7. Select the desired row in the Manage Context Groups table and, in the Dialog Structure section, select Manage Context Groups > Manage Context Variables. The Manage Context Variables page is displayed. 8. Click New Entries to add a new variable. 9. In the Manage Context Variables table, enter the context variable, the context variable description, and the control type in the relevant column. 10. Click Edit to change a variable
13. Select a variable and, in the Dialog Structure section, select Manage Context Groups > Manage Context Variables > Enable Context Variables. 14. Click New Entries. 15. In the Enable Context Variables table, enter the SAP System Alias and the Implementation Class Name. 16. Click Save.
To manage system time points: 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Reporting Administration IMG. 3. Select Report Settings > Manage System Time Points and Data Change Events. 4. Click the Execute icon.
The Manage System Time Points and Data Change Events page is displayed. 5. Click Edit to change the name of an event.
82
6. Select the Active checkbox to activate scheduling events. 7. Click Refresh. To manage peripheral settings: Note: These settings will be applied to all SCL reports. 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Reporting Administration IMG. 3. Select Peripheral Settings > Define General Settings. 4. Click the Execute icon.
The Define General Settings page is displayed. 5. In the Setting Value field, enter the relevant value, for example, 100. 6. Click Save.
4. Select Outbound Flow > Events > Event Handler Registration. The Handler and event type combination page is displayed. 6. Select the /IWFND/CL_EVT_MESSAGE_NOTIF Event Type and the /IWFND/OB_TEXT Handler ID. Note: If this configuration does not exist, you must create it manually. 7. In the Dialog Structure section, click Assignment to objects. 8. Check that the REPORT_RESULT_SET business object appears in the Assignment to objects list
83
4. Select Outbound Flow > Content Publisher > Consumer Adapter Classes. 5. Click the Execute icon. The Content Publisher Consumer Adapter Class table is displayed. 6. Check that the following configuration appears in the table: Consumer Type: SHAREPOINT_INT Content Publisher Operation Type: /GEH/PUBLISH_DOC Class Interface: /IWTNG/CL_CP_TANGO_PUBL_DOC_A Note: If this configuration does not exist, you must create it manually.
4. Select Connection Settings > SCL to Consumer > Configure Service Endpoint. The SOA Management tool is displayed. 6. Select the Service Administration tab. 7. Click the Single Service Configuration link. The Web Service Administration page is displayed. 8. From the Search by drop-down list, select Consumer Proxy. 9. In the Search Pattern field, enter /IWTNG/CO_OBAFILE_RECEIVER_SOA. 10. From the Field drop-down list, select Both Names. 11. Click Go. 12. Select the OBAFileReceiverSoap Web service and click Apply Selection. The Details table is displayed below. 13. Select the Configurations tab. 14. Click Create Logical Port. 15. In the page displayed, fill in the Logical Port settings. a. In the Logical Port Name field, enter LogicalPortforReporting. b. Select the Logical Port is Default checkbox. c. Enter the description. d. From the Configuration Type radio buttons, select WSDL Based Configuration. e. From the WSDL Base radio buttons, select Via HTTP Access.
84
f.
In the URL for WSDL Access User field, enter the WSDL URL found in the Duet Enterprise Worksheet, in the URL to Official file for reporting row (for example, https://<hostname>:<portnumber>/_vti_bin/OBAFileReceiver.asmx?WSDL).
g. In the WSDL Access User field, enter the WSDL access username. h. In the WSDL Access Password field, enter the WSDL password. i. j. Click Apply Settings to save the logical port. Click Apply Settings.
16. Click Save. The Logical Port is created. To update the RFC destination with the login details: 1. In the details view of the proxy, go to the Configurations tab. 2. Select the logical port you have created and click Display. The details of the logical port are displayed. 3. Go to the Additional Information tab. and note down the value displayed in the HTTP Destination field. This is the name of the RFC destination. 4. Open transaction sm59. 5. Search for the HTTP destination obtained before in the Additional Information tab and click Go. 6. Go to the Logon and Security tab and select the Basic Authentication radio button. 7. Enter the SharePoint user in charge of sending data from the SCL to SharePoint. The user name appears in the Duet Enterprise Worksheet, table 1, row 5 8. Click Save and perform a connection test.
To perform Routing - Maintain Logical ports for Proxy: 1. On the SCL, open transaction SIMGH. 2. Select the Microsoft SharePoint Integration Activities IMG. 3. Click the Display icon.
4. Select Routing - Maintain Logical Ports for Proxy. 5. Click the Execute icon.
The Display View Customizing table for Logical ports routing: Overview page is displayed. 6. For each Logical port that was created in the Create Consumer Proxy section above, insert: Proxy Class name - /IWTNG/CO_OBAFILE_RECEIVER_SOA Logical Port Name - the logical port name from the SOAMANAGER transaction (defined in the 3.2.11 Create Consumer Proxy section above, step 15a, for example, LogicalPortforReporting). Routing URL the URL directing to the sites logical address within SharePoint.
85
SPI_SERV SPI_CODELIST
SPI_EMPLOYEE
SPI_SERVICE_MD
SPI_SERVICE_SD
86
Using the F4 help, select the RFC destination that points to the SAP system used by Starter Services. All users in this role are assigned to CodeList. You can select the role using the F4 help, or you can leave it blank to allow access for all users. All users in this role will be assigned to SPI_EMPLOYEE. You can select the role using the F4 help, or you can leave it blank to allow access for all users. All users in this role are assigned to Multi Destination. You can select the role using the F4 help, or leave it blank to allow access for all users. All users in this role are assigned to Single Destination. You can select the role using the F4 help, or leave it blank to allow access for all users. The BC set creates a Business Object Group for Doc Helpers. You can leave the name SPI_DOC_HELPERS for SharePoint Integration documentation helpers. This role is synchronized to SharePoint. Select the role from Role for Object Group for Employee This role is synchronized to SharePoint. Select the role from Object Group for Multi Destination. This role is synchronized to SharePoint. Select the role from Object Group for Single Destination. This field can be left empty.
BKD_100
SPI_EMPLOYEE
SPI_SERVICES_MD
SPI_SERVICES_SD
SPI_DOC_HELPERS
SPI_EMPLOYEE
SPI_SERVICES_MD
SPI_SERVICES_SD
87
To connect Starter Services to the SAP system, you must specify/have already specified a provider system in the SOA Manager (see the Create a System Connection section). Add the name of the provider system here.
PS_BKD_100
6. Click Copy Values. The Activation Options page is displayed. 7. In the Select Activation Mode section, select the Expert Mode radio button. 8. Click the checkmark.
The /IWTNG/BC_SAMPLE_SERVICES BC set is activated. Note: A Warning message might be displayed concerning tables without data. This message can be ignored. Once the BC Set is successfully activated, you must do the following: 9. On the SCL, open transaction SIMGH. 10. Select the Service Consumption Layer Administration IMG. 11. Click the 13. Click the Display icon. Execute icon.
12. Select General Settings > Manage Business Object Groups. The Display View Manage Business Object Groups: Overview page is displayed. 14. If any of the following Business Groups is active, clear the Active checkbox: IWCOD IWDOC IWCUST IWINH IWINI IWINP IWQUH IWQUI IWQUP IW_BOM IW_MAT IWEMP 15. Click Save
88
89
f.
External Name
CustomerERPByIDQueryResponse_In CustomerERPBasicDataByIDQueryResponse_In_V2 CustomerERPRelationshipContactPersonByIDAndCo ntactPersonInternalIDQueryResponse_In CustomerERPBasicDataUpdateRequestConfirmation _In CustomerERPRelationshipContactPersonCancelReq uestConfirmation_In CustomerERPRelationshipContactPersonCreateReq uestConfirmation_In CustomerERPByIDQueryResponse_In CustomerERPRelationshipContactPersonUpdateReq uestConfirmation_In_V1 MaterialBasicDataByIDQueryResponse_In ProductionBillOfMaterialVariantItemByVariantI dentifyingElementsQueryResponse_In ProductionBillOfMaterialVariantBasicDataByMat erialAndPlantQueryResponse_In
Internal Name
ECC_CUSTOMERIDQR ECC_CUSTBASICDATABYIDQR_V2 ECC_CUSTOMCONTACTPERSONQR
ECC_CUSTOMERBASICDATAUPDRC
ECC_CUSTOMERCONTACTPERSONCNCRC
ECC_CUSTOMERCONTACTPERSONCRTRC
ECC_CUSTOMERIDQR ECC_CUSTRELCNTPERSONUPDRC1
ECC_MATERIALBASICDATABYID000QR ECC_PRODBILLOFMATERIAL001QR
ECC_PRODBILLOFMATERIALVBDQR
QueryCodeList
15. Select the all the services and click Assign.
QUERYCODELIST
16. In the Profiles section, search for the profile previously created and click Assign to Service. 17. Check that the profiles are displayed in the Provider Details table. 18. After all services have been assigned, select the configuration scenario and click Activate. Note: Depending on the ERP release you are using, you might not be prompted to activate the services. If you are not prompted, go back to the Application and Scenario Communication tab and click Activation Requests Management. Click Start Activation.
90
4. Select Connection Settings > SCL to SAP System > Manage Web Service Communications. 5. Click the Execute icon. The SOA Management page is displayed. 6. Click the Profile management link. The Profile Management page is displayed. 7. Click Import.
91
8. In the dialog box provided browse for the profile you exported from the SAP system and click Import. The Profile Management Wizard is displayed. 9. Keep the profile name displayed and click Next. 10. Keep the selected checkboxes 11. Click Finish. A dialog box asking if you want to activate the profile immediately is displayed. 12. Click Yes.
92
16. Leave the encryption certificate empty. 17. Click Finish. 18. In the System Connections page, click Activate. 19. Click Test Connection and check that the connection to the WSIL was successful.
93
a. Click Add. The Search page is displayed b. In the Search by field, select ServiceGroup. c. In the Search Pattern field, enter an asterisk. d. In the Field field, select Both Names. e. Click GO. f. Select the following groups: IW_BPC_CustomerContact_SG IW_CodeList_SG IW_PRD_MaterialBOM_SG g. Click Add to Worklist. h. Select a service group and click Assign Business Application. i. j. Select the previously created provider system and click Assign To Service Group. Repeat steps h and i for each of the service groups on the list.
Note: you can also select all Service groups and assign the same Provider System in one go 8. Click Finish. A dialog box asking if you want to activate the profile immediately is displayed. 9. Click Yes. 10. On the SOA management tool, select the Service Administration tab. 11. Select the SOA Configuration Request Queue Management link. The SOA Configuration Request Queue Management page is displayed. 12. Click Start request queue processing. 13. Wait until all services are created.
Note: If you activated the /IWTNG/BC_ SAMPLE_SERVICES BC set, these settings should already be available. There is no need to perform this procedure. Make sure that IW_MAT, IW_BOM, IWF_SAMPLE_USR,
IWEMP, IWDOC and IWCOD are not activated. To manage SAP system aliases: 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Administration IMG. 3. Click the 5. Click the Display icon. Execute icon.
4. Select Connection Settings > SCL to SAP System > Manage SAP System Aliases.
The Change View: SAP System Aliases Overview page is displayed. 6. Click New Entries.
94
7. Enter the following details for the system alias: SAP System Alias: Name of the sap system alias. Description: Descriptive text for the system alias., for example, Alias for Starter Services Local IWF: Select to indicate that the system alias points to a local SCL instance. RFC Destination: Specify the RFC destination defined for your SAP system. For example, BKDCNT001<SYSTEM_NUMBER_TO_SCL_HOSTNAME> WS Provider System: Enter the Provider System you created in the 3.3.6 Create a System Connection procedure above. Software Version: Specify the version of the SAP system. SAP provides the software version. For Starter Services this probably is ECC_604 8. Click Save.
We recommend that you check the system alias configurations using Check SAP System Aliases.
3.3.10 Add the System Alias and Roles to all Starter Services Relevant Object Groups
Note: If you activated the /IWTNG/BC_ SAMPLE_SERVICES BC set, these settings should already be available. There is no need to perform this procedure. By assigning roles and system aliases to business object groups Duet Enterprise routes user requests to certain SAP systems. If user A in group GROUP_A should see Starter Services data from System with Alias ALIAS_A and user B in group GROUP_B should see data from the system with System alias ALIAS_B this can be configured here. To add the System Alias and Roles to all Starter Services relevant Object Groups: 1. On the SCL, open transaction SIMGH. 2. Select the Service Consumption Layer Administration IMG. 3. Click the 5. Click the Display icon. Execute icon.
The Manage IW Business Object Groups page is displayed. 6. From the Assign SAP System Aliases table, select the following groups including the Business Objects that are assigned to each: SPI_CODELIST With Business Object: CODELIST SPI_DOC_HELPERS With Business Objects: DOC_STORAGE_CATEGORY DOC_TYPE_STATUS Note: For the above Business Object Groups, no Role Based Assignment should be performed. Only one System Alias should be assigned.
95
SPI_EMPLOYEE With Business Objects: IW_EMP_EMPLOYEE SPI_SERVICE_MD With Business Objects: BILLOFMATERIAL DOCUMENT MATERIAL SPI_SERVICE_SD With Business Objects: CONTACTPERSON CUSTOMER INQUIRY_HEADER INQUIRY_ITEM INQUIRY_PARTNER QUOTATION_HEADER QUOTATION_ITEM QUOTATION_PARTNER 7. From the Dialog Structure section, click Assign SAP System Aliases. 8. Click New Entries. 9. In the SAP System Alias field, press F4 and select the desired system alias. 10. Click Save.
11. Repeat this procedure for all the object groups relevant to Starter Services.
96
The code types and details for the various code lists are given below: Job Function Code Code type: SAPPLSEF_CONTACT_PERSON_FUNCT3 Field Codelist Source IMG Table/Domain Field name Text Table Text Field Name Value IMG Table TPFK PAFKT TPFKT VTEXT
97
Account Title Code type: SAPPLSEF_FORM_OF_ADDRESS_CODE1 Field Codelist Source IMG Table/Domain Field name Text Table Text Field Name Country Code Code type: SAPPLSEF_COUNTRY_CODE Field Codelist Source IMG Table/Domain Field name Text Table Text Field Name Value IMG Table T005 LAND1 T005T LANDX Value IMG Table TSAD3 TITLE TSAD3T TITLE_MEDI
4. Select Code List Settings > Refresh Code List Cache. 5. Click the Execute icon.
The Refresh the cached code list page is displayed. 6. In the Consumer Id field, enter SHAREPOINT_INT. 7. In the Code List Names field, enter ContactPersonFunctionTypeCode. 8. In the Languages field, press F4 and select the desired language. 9. Click Execute. 10. Repeat the procedure for the CountryCode and TitleCode code lists.
98
3. Configuring Duet Enterprise Specific Content 3.6 Configure Document Upload Option
g. Clear the Execute in test mode checkbox. h. Click 3. Assign a System Alias to the business object group. Note: Leave the User Role field empty. 4. Perform customization for Document File Extension to Workstation mapping. a. On the SCL, open transaction SIMGH. b. Select the Service Consumption Layer Services Administration IMG. c. Click the Display icon. d. Select Document Settings > Maintain Workstation Application For File Extensions. e. Click the Execute icon. The Display View Maintain Workstation Application and File Extensions: Overview page is displayed. f. On the SAP system, open transaction SPRO. The Customizing: Execute Project page is displayed. g. Click SAP Reference IMG. The Display IMG page is displayed. h. Select Cross- Application Components > Document Management > General Data > Define Workstation Application.
99
3. Configuring Duet Enterprise Specific Content 3.7 Configuring User Profile Synchronization
i. j.
Click the
Execute icon.
The Change View Define Workstation Application: Overview page is displayed. Check that the values displayed in the Maintain Workstation Application and File Extensions table match the ones in this page.
3.8 Retrieving the URL for the "View Inquiry in SAP System" Link
When working in SharePoint, in the Workspace, a link to the Inquiry in the SAP system is displayed. For this link to work, you require a URL which must be updated by the SharePoint administration in the corresponding model. To retrieve the URL: 1. Open transaction SE80. 2. The Object Navigator is displayed. 3. Under Test Repository, select Web-Dynpro Comp/intf from the drop-down list. 4. In the field below, enter the following component name : LORD_MAINTAIN_COMP. 5. Click Display.
6. In the Object Name section, under LORD_MAINTAIN_COMP, open Web Dynpro Applications. 7. Double click lord_Maintain. 8. Select the Properties tab. 9. In the Administration area, copy the URL displayed and add it to the Duet Enterprise Worksheet in the Sales Document Processing URL row.
100
Cross-Phase Documentation
Use the following guides together with this guide: Service Consumption Layer Implementation Guide The Service Consumption Layer Implementation Guide (IMG) is a tool provided when you install in the SAP system. It contains the steps for customizing settings for Service Consumption Layer, and describes the system configuration activities. Service Consumption Layer Operations Guide The Service Consumption Layer Operations Guide is the starting point for configuration and maintenance tasks in the system landscape in which SCL components run. The guide refers users to the tools and documentation needed to carry out various tasks, such as monitoring, backup and restore, transports, and tests. Service Consumption Layer Developer Guide The Service Consumption Layer Developer Guide provides information to help you to develop and enhance applications and SAP solutions that integrate end user programs with SAP systems to run on the framework. Service Consumption Layer Security Guide The Service Consumption Layer Security Guide provides information about security aspects, including roles, permissions and user management.
101
Appendix 1 Service Consumption Layer Overview Overview of the Service Consumption Layer
GenIL
Reuse services
Interface Layer
Consumer Connectivity
Composition BSO
GSI Implementation
Specific Proxy
Backend Connectivity
102
GSSO
BOP Facade
Appendix 1 Service Consumption Layer Overview Overview of the Service Consumption Layer
Consumer Connectivity
The consumer connectivity layer contains the interfaces that communicate with a consumer server. The consumer server is any application platform that processes commands, requests and data from an integrated desktop application. The consumer server communicates with SCL through Web services. You can customize the consumer connectivity layer to interface with any specific consumer server.
The consumer connectivity layer provides services for cache handling, and device management.
In addition, it supports the communication protocols and tools for generating the interface patterns that query, create and modify the data. The consumer connectivity layer is also referred to as the Consumer Connectivity Layer.
Interface Layer
The SCL connects to the Generic Interaction Layer (GenIL) Model in order to use the internal formats in the model. The consumer connectivity layer uses the interface layer to map information to the internal formats used in SCL.
103
Appendix 1 Service Consumption Layer Overview Overview of the Service Consumption Layer
Backend Connectivity
The backend connectivity layer contains the BOP. The BOP encapsulates single RFC calls or Web service operation calls to the SAP system. All SAP system calls are executed via BOPs; these add common framework logic to SAP system calls for supportability and extensibility. There are two kinds of BOPs: RFC BOPs RFC BOPs contain all data types that are required to call the corresponding remote RFC. The RFC BOP is required as the data types used in the remote RFC signature are not locally available in the system running the SCL. Customers can create Custom RFC BOPs that make enhancements to an existing solution in an SAP system available to SCL. Web service BOPs Web service BOPs wrap the external consumer server Web service proxies created by SPROXY. Enhancements can be done using the Enterprise Service Repository (ESR).
104
Appendix 1 Service Consumption Layer Overview Overview of the Service Consumption Layer
The Generic GenIL service provider uses the Instance Manager to instantiate the respective GSI implementation, and delegates the request to the GSI implementation.
The GSI implementation adapts the request parameter to the SAP system format and delegates the request to the Backend (Outbound) Operation Proxy (BOP). The BOP maps the system alias provided by the Instance Manager to the logical designation and remotely executes the required operations in the SAP system.
The results of the request is adapted and made to conform to formatting rules, which in this example is identical to the GenIL object model. The SAP system then inserts the results into a GenIL data container which is then returned to the consumer connectivity layer. In addition, the SAP system maps the results out of the GenIL data container into a Web service structure and returns the results to the consumer server which in turn returns it to the specific user.
105
SSL certificate file name and location STS certificate file name and location STS Issuer name
\\contoso\UpdatedModels\DuetSSLCert.cer
\\contoso\UpdatedModels\DuetSTSCert.cer
106
Information needed
Example
Value
AD DS Server name
contosoDC Tip:
This must be the NetBIOS name of the computer running the Active Directory Domain Services (AD DS) where the user accounts that are used by SharePoint are stored.
Port number of AD DS AD DS account and password Attribute in AD DS where SAP user name is maintained User Base Domain Name Unzipped model file location
389
BDC service name Report receiver site URL URL to OBAFileReciever for reporting
Secure store ID
107
Information needed
Example
Value
URL to OBAWorkflowService for Workflow SharePoint 2010 Timer service account This is the account name, in the form of domain\username that is assigned to the SharePoint 2010 Timer service. For example, contoso\timersvc. Name of the User Profile Service Application that you will use for Duet Enterprise. contoso\farmadm
SSL Certificate location and file name SAML is configured (Yes/No) User name for WSDL access Password for WSDL access BDC models ZIP file location Pas$word1 d:\UpdatedModels\Models.zip Yes
SharePoint user account for the SAP administrator Role names for synchronization Secure Store credentials
108
This is the account that is used to run setup.exe and DuetConfig.exe, in the form of domain\username. Example, contoso\admin1
The account that runs the application pool for the Web application used for the Duet Enterprise sites. Note:
This must be a managed account.
Users who can access SAP content You can use the nt
authority\authenticated users
account to grant access to all authenticated users or provide the list of Windows users/groups that will be granted access. Report publisher account SAP workflows service account
109