RSMEMORY

Home

Some-cases if want to increase the memory  parameters temporarily to accommodate some memory consuming tasks.

For example, their might be a  scenario when some data intensive BW  loads are running  and your application team want to increase the memory temporarily.
In this case one can use "RSMEMORY" report to define memory allocation strategy.

Via  "RSMEMORY" one can change the memory allocation for dialog or background processing.

In our example we will be increasing Heap memory from approx.  4GB to 6 GB on one of the application server.

Please note that "RSMEMORY" report will make change for only that server  on which  the report is executed.


The following memory classes exist:

SAP roll area, SAP Extended Memory, and private memory. These memory classes are assigned the following values,
which are also displayed in the initial screen of the rsmemory report.

Value	Memory class
0	Roll area
1	Extended Memory (EM)
2	Private memory (heap)

The initial screen of the report looks like this:

The initial screen of the report comprises three parts:

•Quota Dialog:

The allocation strategy for dialog work processes is defined here. You can specify the steps in which each class is allocated memory, and how much memory is allocated.
  No entry in the memory class field corresponds to class 0 (heap memory).
The entry here does not have to match the defined memory parameters. If you enter a value for the heap memory in the 4th step that is different from the abap/heaparea_dia parameter, the value entered here takes precedence.

In this case, 1 MB of roll area is first allocated by a dialog work process, and then 300 MB of extended memory. Following this, 6.5 MB of roll area are allocated again before 200 MB of heap memory (the process then switches to PRIV mode) are allocated.

• Quota Batch/VB/Spool:

As is the case with the quota dialog, the allocation strategy for non-dialog work processes is defined here (see also Allocating Memory for User Contexts (UNIX)).

•  Other parameters: You can change the following memory parameters here for test purposes (these changes only apply until the next server restart):
•  abap/heap_area_dia
•  abap/heap_area_nondia
•  abap/heap_area_total
•  em/stat_log_timeout
•  em/stat_log_size_MBem/global_area_MB

Displaying the Memory Areas:

You can display a list of all the users on the application server, with their respective memory requirements, by choosing Goto → EM/HEAP areas. The used heap memory and extended of the user are displayed first, followed by the EM usage according to internal sessions.
This is followed by a history of users who have used more than the MB limit specified by em/stat_log_size_MB.

The available HEAP and EM memory is displayed at the end of the list.
EG Overview

The buttons EG Overview and EG Dump are used to analyze the Extended Global Memory. This is a part of the extended memory that is available for SAP-internal purposes. The parameter em/global_area_MB sets the size of Extended Global Memory.
Activities

In the initial screen of transaction

se38, enter the report rsmemory and choose Execute or F8.

Trusted and Trusting RFC System connections

Home


Trusted systems can log onto other R/3 Systems without using a password.

This kind of relationship between two R/3 Systems has the following advantages:

1) "Single Sign-On" for multiple systems.

2)  Passwords are not transported over the network.

3) Timeout mechanism for logon data prevents misuse.

4) User-specific logon data for the trusted system is checked.

The calling system must be registered as a trusted system (transaction SMT1) in the target system.

The target system in this context is known as a trusting system.

You can set up several R/3 Systems so that each is declared as a trusted system to the others.

Displaying and Maintaining Trusted Systems

When you create a trust relationship between two systems, the initiative comes from the called system (that is, the server system).
In addition, the users of the calling system that are allowed to call functions remotely using the trust relationship must be known to the called system
(as "trusted users"). Before defining a trusted system, you must maintain an RFC destination for it in the calling system.

The RFC user must have the corresponding authorizations in the current (trusting) system (authorization object S_RFCACL).
You can check the current user's authorization in the current system in advance using the function module AUTHORITY_CHECK_TRUSTED_SYSTEM.
Note:In a trust relationship, the calling system (or client system) plays the role of the trusted system,
while the called (or server) system plays the role of the trusting system.

In the following section, we create a trust relationship between the systems C00 (the client) and S00 (the server) as an example.

The example shows the simple case of a "Single Sign-On" procedure - that is, one where the user for whom you are setting up the trust relationship is present in both systems (C00 and S00), in the client, and with the same user ID (as a dialog user type) - for example HUGO, in client 100.
In the server system (S00), the authorization object, S_RFCACL_DEV, must be available to theuser (HUGO in client 100), with the following settings:

RFC_SYSID : C00
RFC_CLIENT: 100
RFC_USER :
RFC_EQUSER: Yes
RFC_TCODE : *
RFC_INFO : *
ACTVT : 16
You maintain trusted systems as follows:

Log on to the server system (in this example, S00, with the user HUGO in client 100). In transaction SM59, create a destination to the client system (C00), (for example, C00_SYSTEM). Note that the Trusted System option is not active for this destination (Security Options: Trusted System = No). As logon data, enter the user HUGO, client 100, and the correct password.

Note: for each trusted system (client system), you need to create a destination with type 3 (R/3 connection). If you have already created a new destination, carry on reading at the section "Maintaining Destinations for Trusted and Trusting Systems".
Call transaction SMT1 (or call transaction SM59 and choose RFC → Trusted Systems).
Choose Create. Enter the destination of the client system (COO_SYSTEM in this example). After you confirm your entries, an RFC logon to the client system occurs, so that the two systems (C00 and S00) can exchange the information they need.

Note: If there is no logon data entered in the destination (C00_SYSTEM in this example), the RFC logon screen appears for the client system (C00). If so, you must log on manually. You must be logged on to the client system in this step; otherwise, the trust relationship cannot be created. In our example, you log on as the user HUGO in client 100.
If the trust relationship has been created successfully, a trusted entry is displayed for the client system (C00).
To restrict the validity of the logon data, enter a period in the corresponding field. The default (00:00:00) is unlimited validity.
To use the transaction code of the calling program in the target system, select the corresponding option.
Only if you do this does the target system check the user's authorization against the field RFC_TCODE of authorization object S_RFCACL.
The Entry menu allows you to check authorizations for the current server and the trusting system.
Note: If there is no valid logon data stored for the destination, the logon screen of the corresponding system appears. Log onto the system. If the test is unsuccessful, refer to the section "Troubleshooting for Trusted and Trusting Systems".

Important note: When you delete the trusted system relationship the logon screen of the relevant system appears, if no valid logon data is already stored for the destination. You must log on to the system; otherwise the relationship cannot be fully deleted.
Maintaining Destinations for Trusted and Trusting Systems

You can maintain one destination per system from the maintenance transaction for trusted and trusting systems by choosing Maintain destinations.

Destinations for trusting systems are created automatically. These are used in the trusting system transaction (SMT2).

To prevent changes being made to the destinations, choose Destination not modifiable in the Attributes menu.

Use the F1 help to display details about each field.

Note that the destinations must remain consistent. This means that none of the target system ID, system number or destination name may be changed.

Displaying Trusted Systems

In a trusted system, you can display a list of all trusting systems.

When it creates the list of trusting systems, the system both logs on and checks the authorization of the current user and client. This is similar to the check performed in transaction SM51 when you log on to a server using Remote Logon.To log on with a different user ID or client, you must create an appropriate RFC destination with the trusted option for this purpose. The transaction SMT2 logs you on with the current user and client.

In the trusting systems transaction SMT2), choose the name of a trusting system to display the application server of this R/3 System.

The names of the application servers of a trusting system have the suffix _TRUSTED (that is, the form ___TRUSTED).

Double-click the name of an application server. A dialog box appears containing an input field for a transaction code and a field in which you can select whether to execute it in the same session or in a new session.

Troubleshooting for Trusted and Trusting Systems

If you create a trusted system without specifying any logon data (user name and password), you must check the destination by logging onto it using the Remote logon to trusted system function.

Alternatively, you can check the authorizations for the trusted system from the Test menu.

If your logon attempt fails, the following message appears:
"You are not authorized to logon as a trusted system (Error code = <0|1|2|3>)".

The error codes have the following meanings:

0,,Invalid logon data (user and client) for the trusting system
,,Solution: Create the user in the correct client in the target system.

1,,The calling system is not a trusted system, or its security key is invalid.
,,Solution: Create a trusted system

2,,The user has no authorization in the trusted system (object S_RFCACL), or logged on as one ,,of the protected users 'DDIC' or 'SAP*'.
,,Solution: Assign the user the correct authorizations, or use a user other than the protected ,,users 'DDIC' or 'SAP*'.

3,,The timestamp on the logon data is invalid
,,Solution: Check the system time on the client and server hosts and the validity period of the ,,logon data. (Note: the default date 00:00:00 means that the validity is unrestricted.

In the trusting system, you can check whether the correct logon data is stored for the trusted system using the function module AUTHORITY_CHECK_TRUSTED_SYSTEM.

If all of the checks are successful but you still cannot access the trusting system, refresh the corresponding database buffer by choosing Utilities → Mass Changes → Delete All User Buffers in the user administration transaction.

To reveal the causes of the error, activate the trace recording in the destination maintenance transaction (SM59),
reproduce the error, and refer to the information under the error ID CALL_FUNCTION_SINGLE_LOGIN_REJ in the short dump in the target system.

Important note: From Release 4.0B onwards, the profile parameter S_RFCACL is no longer made part of the SAP_ALL authorization profile by default,
for security reasons.

0	No error - successful logon
1	Incorrect logon data (client, user name, password)
2	User account is locked
3	Incorrect logon data; for SAPGUI: connection closed
4	(Successful) Logon using emergency user SAP* (see SAP Note 2383)
5	Error when constructing the user buffer (==> possible follow-on error)
6	User exists only in the central user administration (CUA)
7	Invalid user type
8	User account outside validity period
9	SNC name and specified user/client do not match
10	Logon requires SNC (Secure Network Communication)
11	No ABAP user with this SNC name exists in the system
12	ACL entry for SNC-secured server-server link is missing
13	No suitable SAP account found for the SNC name
14	Ambiguous assignment of SNC names to ABAP users
15	Unencrypted SAP GUI connection refused
16	Unencrypted RFC connection refused
20	Logon using logon/assertion ticket is generally deactivated
21	Syntax error in the received logon/assertion ticket
22	Digital signature check for logon/assertion ticket fails
23	Logon ticket/assertion issuer is not in the ACL table
24	Logon/assertion ticket is no longer valid
25	Assertion ticket receiver is not the addressed recipient
26	Logon/assertion ticket contains no/an empty ABAP user ID
27	Reauthorization check: ticket does not match current user
28	Ticket logon denied by security policy
30	Logon using X.509 certificate is generally deactivated
31	Syntax error in the received X.509 certificate
32	X.509 certificate does not originate from the Internet Transaction Server
34	No suitable ABAP user found for the X.509 certificate
35	Ambiguous assignment of X.509 certificate to ABAP users
36	36 Certificate is older than the date entered as "min. date" (USREXTID)
41	No suitable ABAP user found for the external ID
42	Ambiguous assignment of external ID to ABAP users
50	Password logon was generally deactivated or denied by security policy
51	Initial password has not been used for too long
52	User does not have a password
53	Password lock active (too many failed logons)
54	Productive password has not been used for too long
60	SPNego logon denied by security policy
61	Invalid SPNego token (syntax)
62	NTLM token received instead of SPNego token
63	Missing/incorrect Kerberos keytab entry
64	Invalid SPNego token (time)
65	SPNego replay attack detected
66	SPNego: Error when creating the SNC name
67	SPNego: No suitable SAP account found for the SNC name
68	SPNego: Ambiguous assignment of SNC names to ABAP users
100	Client does not exist
101	Client is currently locked for logons (upgrade running)
110	Tenant was stopped (runlevel STOPPED)
111	Tenant cannot be used generally (runlevel ADMIN)
120	Server does not allow logon
121	No special rights for logon on this server
1001	Password is initial/has expired - interactive change required (RFC/ICF)
1002	Trusted system logon failed (no S_RFCACL authorization)

Home

SAP Learning Topics: (Double click on required topic)

1. HANA Cockpit                                                   
2. SAP License installation at OS level
3. SAP Router Configuration File - SAPRoutertab
4. SAP Router configuration and renew of the SAP router Certificate
5. Router-stopstart 
6. SAP HANA Studio
7. SAP Solution Manager 7.1 installation
8. HANA DB Locks
9. SAP HANA CPU
10. Information about HANA
11. SAP IDES ECC6 Installation - In The Cloud
12. HANA Memory management
13. To display the current size of the used memory in HANA
14. HANA Column/Row store Utlization
15. HANA Questions and answers
16. SAP HANA Export and Import Views
17. How to check SAP HANA table lock
18. How to check SAP HANA Schema Owner
19. HANA : Inactive version error while Object Import
20. Creating SAP HANA user
21. List all privileges granted to user
22. Backup for HANA system
23. HANA log and trace files path
24. How to create HANA DB schema and assign authorization
25. How to check HANA user's last login time and invalid connect attempts made
26. How to list and export all HANA configuration parameters
27. How to use SAP HANA HDBSQL to execute SQL commands at OS level
28. How to reset the HANA SYSTEM User password.
29. HANA BASIS Administrator roles and responsibilities
30. To stop/start HANA Database Services
31. Third Party ETL Tool Certification Program for SAP HANA
32. SAP NetWeaver BW on SAP HANA
33. HANA to Netweaver Gateway - connectivity steps
34. HANA (High performance analytics appliance)
35. SAP
36. XI/PI Error: HTTP 403 Forbidden
37. XI/PI -- Error: HTTP 400- Bad Request- ICM_HTTP_CONNECTION_FAILEDXI/PI
38. XI/PI - HTTP Code 200
39. XI/PI -- Error: HTTP_RESP_STATUS_CODE_NOT_OK 401
40. SSO (Single sighn on)
41. OPS$ Schema user creation
42. SUM TOOLS
43. SINGLE SIGN-ON TO SAP SYSTEMS
44. CREATING USERS AND ASSIGNING ROLES IN CUA AND TESTING
45. ONLINE AND OFFLINE REDOLOG FILES
46. SUM
47. INDEX
48. SAP Tables
49. SAP BASIS Transaction codes
50. Gateway start/stop
51. SAP Email configuration
52. SAP user lock problems
53. Oracle Performance
54. Trusted and Trusting RFC connections
55. RSMEMORY
56. SQL Quickviewer (SQVI) instead of use SE16
57. Program to change mass password in SAP
58. Oracle Startup, Parameter File and Oracle Cache Management: System Global Area (SGA) and Program Global Area (PGA)
59. Idle session time out / Logging off inactive users
60. To unlock the SAP system to perform correction(s) during an upgrade.
61. To initialize the live cache data in APO/SCM
62. Volume Manager
63. What is APO/Live cache ?
64. Oracle tables
65. Solaris Commands
66. TSK files (SWPM)
67. HANA Loads
68. Error 'different nametabs for table while transporting between two Systems that are on different releases or support pack levels.
69. Mismatch of component versions while import TR -STMS
70. System Rename
71. RFC error in STMS with 223
72. SSLERR_PEER_CERT_UNTRUSTED (peer certificate is not trusted)
73. SUM -HTTPS connection issue with SSLERR_PEER_CERT_UNTRUSTED
74. If TMSADM user get locked to unlock automatically
75. SUM-SAP ECC 6.0 EHP Upgrade errors and solutions
76. SAP ECC 6.0 Installation on linux
77. SAP After System Copy/Refresh ST03n if shows source name data in work analysis
78. Brief description of kernel executable files
79. DB2 Parameters
80. Time Zone difference issue between 000 and other clients
81. Shell Script to Check status of SAP whether Up or not
82. Configuration of Bar Code Printing in SAP
83. Export/Import Tables through BRTOOLS
84. Tables to edit
85. How to setup a trusted RFC connection between SAP systems

Router stop/start

Home

                                                                                                           
SAP Router Stop/Start

<Hostname>:usr/sap/saprouter/saprouter -r -R /usr/sap/saprouter/saprouttab
/usr/sap/saprouter> ./saprouter -r -K "p:CN=<hostname>, OU=000013449, OU=SAProuter, O=SAP, C=DE"


<Hostname>:/usr/sap/saprouter>  /usr/sap/saprouter/saprouttab -K “p:CN=<hostname>, OU=0003400660, OU=SAProuter, O=SAP, C=DE”

For starting..
saprouter@<hostname>:/usr/sap/saprouter> nohup ./saprouter -r -K "p:CN=<hostname>, OU=00003246449, OU=SAProuter, O=SAP, C=DE" &

For stopping..
./saprouter –s

Saprouter usful commends

start router : ./saprouter -r
stop router  : ./saprouter -s
soft shutdown: ./saprouter -p
router info  : ./saprouter -l (-L)
new routtab  : ./saprouter -n
toggle trace : ./saprouter -t
cancel route : ./saprouter -c id
dump buffers : ./saprouter -d
flush   "    : ./saprouter -f
hide errInfo : ./saprouter -z

SAP HANA Studio

Home


1.  HANA Studio?

The SAP HANA Studio is both the central development environment and the main administration tool for SAP HANA.


2. Execute individual SQL statements with SAP HANA Studio?

You can execute individual SQL statements (e.g. taken from the SQL statement collection in SAP Note 1969700) using the SQL console of SAP HANA Studio.

It is possible to open multiple SQL consoles and run several SQL statements in parallel.


3. To stop an individual SQL statement started with SAP HANA Studio?

If you have started to execute a SQL statement with SAP HANA Studio and problems arise (e.g. high memory consumption), you can terminate this statement via the "Cancel operation" button in the Progress View (Windows -> Show View -> Progress).


4. How to SQL statements in the SQL editor be formatted automatically?

You can optimize the formatting of SQL statements using the keyboard combination CTRL - SHIFT - O, e.g.:

Original statement:

sqlOriginal.JPG

Formatted statement:

sqlFormatted.JPG


5. SAP HANA Studio delivered with version number 2.x as of SPS 09?

As of SAP HANA SPS 09 SAP HANA Studio is delivered with version number 2.x while the SAP HANA software still has version number 1.x. This change is caused by the intension of SAP to decouple the versions of SAP HANA Studio and the SAP HANA database. It doesn't impact the compatibility, so you can use SAP HANA Studio version 2.x in combination with SAP HANA databases 1.x.


6. How to resolve problems displaying the load graph?

The load graph ("Administration" -> "Performance" -> "Load") is a useful tool to check for historic database figures like CPU consumption, memory consumption or SQL throughput, but there can be situations where it's not working properly or the performance is slow. In this case you can access the underlying information differently (e.g. via DBACOCKPIT or SQL) or adjust the memory limit for SAP HANA Studio. See SAP Note 2222110 ("What can I do if displaying the SAP HANA Studio load graph doesn't work?") for more information.


7. What can we do if other memory-intensive activities in SAP HANA Studio don't work?

If other activities in SAP HANA Studio with a high memory requirement like a large PlanViz evaluation fail, the adjustment of the SAP HANA Studio memory configuration as described in SAP Note 2159510 can help.


8. What can we do if opening the overview tab in the administration console takes a long time?

Opening the overview tab in the administration console often suffers from a high amount of SAP HANA alerts. If it takes many seconds or even minutes to open the overview tab, you can check according to SAP Note 2147247 if the number of alerts in table STATISTICS_ALERTS_BASE is too high and perform a cleanup.

9. Which SAP HANA Studio version should be used for a certain SAP HANA database?

SAP HANA Studio is downward compatible, but not upward compatible. This means that you should always use at least the SAP HANA Studio Revision that was delivered together with the SAP HANA server software in order to perform monitoring and development tasks.

In some cases a SAP HANA Studio version higher than the SAP HANA server version can also result in errors, see e.g. SAP Note 2337716. To be on the save side, you should use identical versions for SAP HANA Studio and SAP HANA whenever possible.

10. How does the SAP HANA Studio version correspond to the SAP HANA Revisions?

The SAP HANA Studio version and the SAP HANA SPS level correspond in the following way:

SAP HANA Studio	SAP HANA
2.0.x	SPS 09
2.1.x	SPS 10
2.2.x	SPS 11
2.3.x	SPS 12

Install SAP license at OS level

Home


1) Sample warning message of license expired

B) Steps to renew the license from SAP marketplace
1) Ensure the installation number for the license renewal:  System -> Status

2) Login to SAP marketplace: Keys & Requests -> License Keys -> Click on the relevant installation
    number

3) Click on the "Change details" icon for system that required license renewal.

4) Click "Continue"

5) Select the Certificate that required renewal and click "Change selected entry".

6) Click "Save"

7) Once the "Valid Until" shown the new date, click "Continue".

8) Enter the email address to receive the certificate and click "Submit".

9) Click "OK".

10) Request is being process ...

11) Wait for the email from SAP containing the new certificate details

12) Sample content of the new certificate.

C) Steps to perform the renewal at OS level

1) Example of insufficient permission to perform license renewal from SAP GUI

2) By using WINSCP or FTP, transfer the certificate received into the "prdadm" folder

3) File transfer successfully.

4) With PUTTY, login to OS level with root permission and perform the steps below:
    With root permission:
    - cd /home/prdadm
    - chmod 777 CERTICATE_FILE (change mode of the file)
    - chown prdadm:sapsys CERTICATE_FILE (change owner for the file)
    - su - prdadm

5) Execute the command highlighted below with prdadm
    With prdadm permission
    - cdpro
    - ls (to get the correct DVEBMGS name)
    - pwd (to get the correct path name)
    - ls (to get the copied certificate filename)
    - saplikey pf=path name + "/" + DVEBMGS name -install certificate filename

6) Once license installed successfully, the warning message no longer appear