SAP Daily System Monitoring

Daily System Monitoring:

               SM51 SAP Servers:

1.       Check Availability of All Servers

2.        Check Process Lists for All Servers for Unusual Processes or Activities (e.g. Extra-long execution times, too many errored processes, too many sequential reports)

               SM66 Global Process Monitor:

1.       Check for over-all system process utilization

2.       Are Batch id's taking up too many DIA processes

3.      Is one user running too many BGD jobs for the same report

4.      Is one server being used heavily compared to others

              SM21 System Logs:

1.       Is there any repetitive errors in the system log

2.       Any unusual repetitive failed login attempts

            ST22 Short Dumps:

1.       Except 'Time-Out' errors, are there any short dumps?

           SMLG Logon Groups:

1.       Check load distribution (Menu: Go to-->Load Distribution)

2.       Are server response times acceptable? (< 2 sec)

3.      Is user distribution even among active servers

          ST03N Workload Analysis:

1.       Check is daily, weekly and monthly totals are being calculated for each server

2.       Check for Avg. Dialog Response Times. Is it below 2 sec

         SM12 Lock Overview:

1.       Check for outdated lock records

2.        Verify that these lock records are not actively being used and delete these lock records if they are obsolete

         SM13 Update Records:

1.       Check if the 'Update System' is active.

2.       If not active, investigate what happened

3.      Activate 'Update System' after fixing the problem

4.      Review update records of past two days and delete if errored or obsolete

        SM37 Background Job log:

1.       Check if they are any critical jobs that were canceled

2.       Identify/Fix the problem

3.      Contact canceled job user for details

4.      Reschedule if needed

       SP01 Spool Request overview:

1.       Check if there unusual number of errors in spool (>100)

2.       Check if there are spool request with more than 200 pages

3.      Should not be a need to delete any as the daily job should handle, unless too many spools are old.

       ST04 Database Activity Monitor:

1.       Check 'Data Buffer' and 'Shared Pool Cache' quality

2.       Investigate and make suggestions to the team to improve quality of these buffers

      DB02 Database Performance:

1.       Check 'Current Sizes' to see if any tablespace is above %90

2.       Add new data file to the tablespace if needed

3.      Check if there is space-critical objects

4.      Check if there are any missing objects in DB or R/3 Data Dictionary

      DB16 Database Check, Overview of message:

1.       Check if there are any messages

2.       Take immediate action to fix the problem

3.      Notify the team if there is any parameter changes or assistance needed for Production Systems

        DB24 Database Operations Logs:

1.       Check if all DB Operations are executed

2.       Check if any of the operations generated any errors

3.      Fix the problem. Notify team if needed

        DB12 Database confirms backup success:

1.       Check to see that the previous backup was successful

2.       If a backup is currently running check its status

3.      If the last backup failed, check the reason correct and resubmit.

        ST06 OS Monitor:

1.       Click on 'Detailed Analysis menu'

2.       Click on 'CPU' in 'Previous Hours' Group

3.      Check if at any past hours is > %80

4.      Notify Team if there is any such case

Basis T-Codes

Administration

AL11      Display SAP Directories

OSS1    Logon to Online Service System

SARA  Archive Management

SCC3  Copy Analysis Log

SCC4 Client Administration

SCC5 Client Delete

SCC7 Client Import Post-Processing

SCC8 Client Export

SCC9 Remote client copy

SCCL Local Client Copy

SICK    Installation Check

SM01 Lock Transactions

SM02 System Messages

SM04 User Overview

SM12 Display and Delete Locks

SM13 Display Update Records

SM14 Update Program Administration

SM21 System Log

SM35 Batch Input Monitoring

SM50 Work Process Overview

SM51 List of SAP Servers

SM56 Number Range Buffer

SM58 Asynchronous RFC Error Log

SM59 RFC Destinations (Display/Maintain)

SM66 System Wide Work Process Overview

SAINT SAP Add-on Installation Tool

SPAM SAP Patch Manager (SPAM)

SPAU Display modified DE objects

SPDD Display modified DDIC objects

ST11   Display Developer Traces

ST22  ABAP/4 Runtime Error Analysis

SU56 Analyze User Buffer

ALERT MONITORING

AL01 SAP Alert Monitor

AL02 Database alert monitor

AL04 Monitor call distribution

AL05 Monitor current workload

AL16 Local Alert Monitor for Operat.Syst.

AL18 Local File System Monitor

RZ20 CCMS Monitoring

CONFIGURATION

 FILE    Cross-Client File Names/Paths

RZ04  Maintain Operation Modes and Instances

RZ10   Maintenance of Profile Parameters

RZ11    Profile parameter maintenance

SE93   Maintain Transaction Codes

SM63 Display/Maintain Operating Mode Sets

SPRO  Customizing: Initial Screen

DATABASE ADMINISTRATION

 DB01 Analyze exclusive lock waits

DB02 Analyze tables and indexes

DB12 DB Backup Monitor

DB13 DBA Planning Calendar

DB15 Data Archiving: Database Tables

JOBS

SM36 Define Background Job

SM37 Background Job Overview

SM39 Job Analysis

SM49 Execute External OS commands

SM62 Maintain Events

SM64 Release of an Event

SM65 Background Processing Analysis Tool

SM69 Maintain External OS Commands

MONITORING

AL08 Current Active Users

OS01 LAN check with ping

RZ01 Job Scheduling Monitor

RZ03 Presentation, Control SAP Instances

ST01 System Trace

ST02 Setups/Tune Buffers

ST04 Select DB activities

ST05 Performance trace

ST06 Operating System Monitor

ST10 Table call statistics

ST03 Performance, SAP Statistics, Workload

ST07 Application monitor

STAT Local transaction statistics

STUN Performance Monitoring (not available in R/3 4.6x)

SPOOL

SP01 Output Controller

SP11 TemSe directory

SP12 TemSe Administration

SPAD Spool Administration

TRANSPORTS

SCC1 Client Copy – Special Selections

SE01 Transport Organizer

SE06 Set Up Workbench Organizer

SE07 CTS Status Display

SE09 Workbench Organizer

SE10 Customizing Organizer

SE11  ABAP/4 Dictionary Maintenance

SE16 Data Browser

SE80 Repository Browser

SM30 Call View Maintenance

SM31 Table Maintenance

STMS Transport Management System

USER ADMINISTRATION

PFCG Profile Generator (Activity Group Maintenance)

PFUD User Master Data Reconciliation

SU01 User Maintenance

SU01D User Display

SU02 Maintain Authorization Profiles

SU03 Maintain Authorizations

SU05 Maintain Internet users

SU10 User Mass Maintenance

SMLG Maintain Logon Group

SUPC Profiles for activity groups

SUIM Infosystem Authorizations

User Administration

 User Administration

To start user maintenance you have to use the transaction code SU01. You can create a new user or copy the existing user master. The user master contains all data and setting that are required to log on to a client. In this you can find the following tabs:

Address                       : Personal info and address

Logon Data               : Password and validity period of the user

User Default             : Language, Values for printer

Parameters               : User specific values for standard fields

Roles and profiles : Roles and profiles assigned to the user

Groups                         : Grouping users for mass maintenance

Types of User:

Dialog User, Communication User, System User, Service User, Reference User.

User ids allow access to SAP applications. Each user must have a corresponding profile specifically assigned. In many situations, multiple composite profiles can be assigned to a user ID, depending on the roles an individual user is responsible.

Authorizations are the key building blocks of SAP security. Authorization is the process of assigning values to fields present in authorization objects. In SAP, access to all system functionality is achieved through a complex array of authorizations. Sometimes users find that they lack the necessary authorizations to perform a certain function in the system, in which case the message: "You are not authorized..." is displayed at the bottom of the screen

A Profile Generator PFCG is used to automatically generate and assign authorization profiles. The administrator can also create authorization profiles manually.

Default User ids:

User Ids Client Name

SAP* 000 and 001

DDIC 000 and 001

Early Watch 066

A user Admin must be familiar with the tasks and responsibilities of admin for creation, managing and controlling access to the R/3 system and its data, and also various R/3 user types and its data.

Must manage and create new user, groups and profiles using R/3 transaction.

Be familiar with monitoring active users.

Transport client specific user objects between R/3 system or Clients.

User Groups

What are user groups and how can we use them?

Transaction SUGR is used for User Groups. Purpose for example is to give certain system admin rights to unlock / change password only to a given user group. You assign user group to a user id via SU01.

User group can be used for different reasons and in different way.In the latest versions of SAP, actually two types of user group

The authorization user groups

The  general user groups.

Naturally the main reason of user groups is to categorize user into a common denominator.

The authorization user group is used in conjunction with S_USER_GROUP authorization object. It allows creating security management authorization by user group. e.g. you can have a local security administrator only able to manage users in his groups, Help-Desk to reset password for all users except users in some group.

The general user group can be used in conjunction with SUIM and SU10, to select all the users in a specific group. User can only be member of one authorization user group but several general user groups.

One of the Primary uses of user groups is to sort users into logical groups.

This allows users to be categorized in a method that is not dependent on roles and Responsibilities and Profiles.

User Groups also allow segregation of user maintenance, this is especially useful in a large organization as you can control who your user admin team can maintain - an example would be giving a team leader the authority to change passwords for users in their team.

Different Type of Users In SAP

User Types

There are 5 different User type:

1. dialog
2. system
3. communication
4. service
5. reference

Description about the above User types:

1. Dialog:- For Dialog User GUI Login is possible, Initial password and expiration of password and Multi GUI Logins are checked.
Individual system access (personalized)
It is possible to log on using SAP GUI. The user is therefore capable of interaction through SAP GUI.
The system checks whether the password has expired or is initial.
The user can change his or her password himself or herself.
Multiple dialog logons are checked and, where appropriate, logged.

Purpose of Dialog User is for individual human users.


2. System: - For a System User GUI Login is not possible, Initial password and expiration of password are not checked.
System-related and internal system processes.
It is not possible to log on using SAP GUI. The user is therefore incapable of interaction through SAP GUI.
The password change requirement does not apply to the passwords, that is, they cannot be initial or expired.
Only a user administrator can change the password.
Multiple logons are permissible.

Purpose of System User is for background processing and communication within a system (internal RFC calls) and between multiple systems (external RFC calls).

3. Communication: - For a Communication User login is not possible, Users are allowed to change password through some software in middle tier
Individual system access (personalized)
It is not possible to log on using SAP GUI. The user is therefore incapable of interaction through SAP GUI.
Although the system checks whether the password has expired or is initial, the implementation of the requirement to change the password, which exists in principle, depends on the logon method (interactive or non-interactive).

Purpose of this User is for external RFC calls of individual human users. These are used for login to system through external systems like web application

4. Service: - For a Service User GUI login is possible. Initial password and expiration of password are not checked. Multiple logins are allowed. Users are not allowed to change the password. Only admin can change the password.
Shared system access for a larger, anonymous group of users. Assign only very restricted authorizations for this user type.

Purpose of this User is for anonymous users. This type of users should be given minimum
authorization. After an individual authentication, an anonymous session begun with a service user can be continued as a person-related session with a dialog user.

5. Reference: - For a Reference User GUI login is not possible. Initial password and expiration of password are not checked.
User type for general, non-person related users that allow the assignment of additional identical authorizations, such as for Internet users created with transactions SU01.

Purposes of these Users are special kind of users which are used to give authorization to other users.

Types of RFC (Remote Function Calls)

           Types of RFC

Synchronous RFC (sRFC)

For communication between different systems and between SAP Web AS and SAP GUI.

Asynchronous RFC (aRFC)

For communication between different systems and for parallel processing of selected tasks.

Transactional RFC (tRFC)

A special form of asynchronous RFC. Transactional RFC ensures transaction-like processing of processing steps that were originally autonomous.

Queue(d) RFC (qRFC)

Queued RFC is an extension of tRFC. It also ensures that individual steps are processed in sequence.

RFC is a superordinate term for various implementation variants. sRFC is the synchronous call of function modules. This means that the client waits until the server has completed its processing. In an SAP system, an RFC can also be performed asynchronously in another work process. This variant is called aRFC.

There is also tRFC, the transactional Remote Function Call. Transactional RFC is asynchronous and ensures that data that is sent more than once due to network problems can be recognized at the server side, by assigning a Transaction Identifier (TID). This allows you to prevent data being processed more than once, leading to erroneous information in the application. Due to the asynchronous processing, however, parameters can only be transferred from the client to the server in this case. Returning information or status information directly is not possible.

qRFC with Send Queue is an extension of tRFC. It creates a layer between applications and the tRFC and only allows the tRFC to transfer a Logical Unit of Work (LUW) to the target server when its predecessors are no longer in the associated wait queues. After a qRFC LUW is executed, the qRFC manager automatically processes the next waiting qRFC LUW in accordance with the sequence in the wait queue.

Fundamentals of RFC (Remote Function Calls)

Fundamentals of RFC

Communication between applications of different systems in the SAP environment includes connections between SAP systems as well as between SAP systems and non-SAP systems. Remote Function Call (RFC) is the standard SAP interface for communication between SAP systems. The RFC calls a function to be executed in a remote system. You can also call a function module in the same system as an RFC; however, RFCs are usually used when the calling and called function modules are running in different systems.

In the SAP system, the RFC interface system provides this function. The RFC interface system allows function calls between two SAP systems or between an SAP system and an external (non-SAP) system.

RFC is an SAP interface protocol that is based on the Common Programming Interface for Communication (CPI-C) and allows cross-host communication between programs. This means that ABAP functions can be called from external applications and tools, and that external applications can be called from the SAP system.

RFC means that the ABAP programmer does not have to write his or her own communication routines. For an RFC call, the RFC interface Converts all parameter data to the format required in the remote system calls the communication routines that are required to communicate with the remote system handles errors that occur during the communication.

Related Links :

http://sapbasiskishore.blogspot.in/2013/03/types-of-rfc-remote-function-calls_18.html

Client Concepts

      1.       Client Concepts

Client Concepts and Types of Data in SAP System

Data in an SAP system can be divided into two categories:

1. Client-specific data: Client-specific data such as user master and application data, which affects only one client.

2. Cross-client data: Cross-client data such as cross-client customizing data and all Repository objects, which affects the whole system environment.

The ABAP Dictionary is a data dictionary that is part of the ABAP Repository. Each piece of the ABAP Dictionary information is entered only once and is then available anywhere in the system at any time. The ABAP Dictionary automatically supplies all new or changed information, thus providing current runtime objects and ensuring data consistency and security.

A client is a self contained unit in technical terms, with its own master data.

The following are examples of client-specific data:

User master data, such as parameters, authorization, user groups

Customizing data, such as organizational units, assignments, and document types

Application data, such as business transaction data, and material master data

The SAP client concept can integrate several companies or subsidiaries in a single client by using company codes and the SAP authorization concept. Company codes define the smallest corporate organizational units for which a complete self-contained set of accounts can be drawn up for external reporting.

The SAP authorization concept enables the parent company to access all subsidiaries for report purposes, while subsidiary-specific data is protected against access from other subsidiaries through company code definition.

The standard client roles fulfill the optimal minimum requirements of your SAP system.

Client CUST, development and customizing, is the central customizing client where complete adaptation of the SAP system to customer-specific needs takes place. All changes performed in this client are recorded so they can be supplied to the other clients using the Transport Management System.

Client QST, quality assurance, is used to test and verify the new customizing settings in the application.

Client PRD or production is the client for production activities, that is, where your company’s business is carried out. Customizing changes imported into this client have to be first tested carefully in the QST client in order to ensure that production operation is free of disruption.