XI/PI/PRO/CPI - CheatSheet
Product OverviewSAP PI | (Formerly known as: SAP XI, SAP Exchange Infrastructure); stands for SAP Process Integration.
It is a NetWeaver coponent which acts as an EAI and lets you build interfaces with mapping and routing. | SAP PRO | (Formerly known as: SAP PO); stands for SAP Process Orchestration.
SAP PRO is a bundle of SAP PI, SAP BRM and SAP BPM. | SAP CPI | (Formerly known as: SAP HCI, SAP HCP-IS, SAP Hana Cloud Platform Integration); stands for SAP Cloud Platform Integration.
The CPI is a cloud-based (hosted in SAP Cloud Platform) integration platform built up on the OSS Apache Camel framework. |
Monitoring (ABAP Stack)Transaction code | Description | SXMB_MONI | Integration engine message monitoring tools. | SXI_MONITOR | Message monitor entry. | SXMB_MONI_BPE | Integration process monitoring tools for Business Processing Engine (BPE) / ccBPM. | SXMS_LMS_ CONF | Configuration of user-defined custom search. | SA38 SXMS_ EXTRACT_ MESSAGES | (Re-)index messages after changing the user-defined custom search parameters. | SMQ1 | Monitor outbound message queue. | SMQ2 | Monitor inbound message queue. | SMQR | Check if queues are registered correctly. | SM58 | Transactional RFC monitoring. | SMICM | Internet Communication Manager (ICM) monitoring tools. | SMGW | SAP Gateway monitoring tools. | ST06 | Monitoring of system resources. For checking e.g. database space. |
Monitoring (Java Stack)Path | Description | /pimon Adapter Engine Message Monitor | AAE message monitoring. | /pimon Adapter Engine Communication Channel Monitor | New communication channel monitoring. | /rwb | Classic runtime workbench | /mdt/channelmonitorservlet | RWB-based channel monitoring. | /MessagingSystem/monitor/monitor.jsp | "Classic" message system monitoring. | /mdt/amtServlet | Java proxy runtime (JPR) monitoring | /rwb/sub/cache_monitoring/status_table | Cache monitoring status. | /nwa/pi-bcgnd-proc | Show status of background jobs (e.g. clean-up, ...) | /nwa/scheduler | Java scheduler monitoring. | /AdapterFramework/scheduler/scheduler.jsp | Pt. I - Java scheduler monitoring (fallback). | /AdapterFramework/scheduler/monitorscheduler.jsp | Pt. II - Java scheduler monitoring (fallback). | /CPACache/monitor.jsp | CPA cache monitoring. | /MessagingSystem/monitor/locks.jsp | View locked messages in Java stack. | /nwa/logs | AAE log viewer. | /nwa/java-sys-reports | Quick status overview of system logs. |
Paths on the left column, beginning with / have to be appended to the base uri of the PI/PRO system: http(s)://<hostname>:<port> Administration Tools (Both Stacks)Path | Description | /rep/support/public/LockAdminService | View and remove ESR object locks. | /nwa/locks | View general Java locks. | /useradmin | User administration (Java). | /nwa/identity | Identity management and user administration. | /nwa/start-stop | Starting, stopping and re-starting of Java instances, services and processes. | /nwa/key-storage | Certificate handling and keystore administration. (Java) | /nwa/destinations | Configure and administrate destionations (e.g. HTTP, IDOC, etc.) in Java stack. | /BC/VerifyJCE | Tool to check supported keysize / encrypütion strength of PI. Needed e.g. for PGP. | /xpi_inspector | | /CPACache/refresh?mode=delta | Trigger CPA cache delta refresh. | /CPACache/refresh?mode=full | Trigger CPA cache full refresh. | /ftpjdbc | JDBC-, FTP- and XML-Parser test tools. Can be used to show JDBC driver version for example. (You need note 1085539.) | Transaction code | Description | SU01 | User administration (ABAP). | STRUST | Certificate handling and keystore administration. (ABAP) | SM59 | Configure and administrate destionations (e.g. HTTP, IDOC, etc.) in ABAP stack. | SLDCHECK | Test SLD connection. | SLDAPICUST | Configure SLD connection. | SXMB_ADM | Administration of Integration Engine. |
Paths on the left column, beginning with /, have to be appended to the base uri of the PI/PRO system: http(s)://<hostname>:<port> Useful Reports (ABAP Stack)Transaction code | Description | SXMS_EXTRACT_MESSAGES | Re-indexes messages for user-defined custom search. | RSXMB_CANCEL_NO_COMMIT_MSG | Cancel non-restartable messages. | RSXMB_CANCEL_NOT_REST_MESSAGES | Cancel messages which are missing their commit. | RSBDCOS0 | Execute a system command (OS level). | RSPARAM | Show profile parameters. |
Be aware: If you are not sure how the programs behave, you should open them first in SE38 or SE80 and check their source code. Only run them directly via SA38 if you know, what you are doing! Configure system proxy (Both Stacks)Stack | How to | Java | | ABAP | Check & Configure:
Open transaction SICF and press F8. Go to the Client-menu entry and then select Proxy-Settings. |
Readout Passwords (Both Stacks)Passwords from SAP PI usersThere is no universal way to grab passwords from PI users, but as long as there is an interface, sending data to the PI via SOAP or HTTP there is a good chance of getting the password. Even here you have two options: Open the receiving SOAP sender channel in the Integration Directory/NWDS. Switch to the Modules-tab and add a parameter to the adapter's own module with the following values: Parameter Name= TraceHTTP, Parameter Value= plain. The resulting logs with all header data can be found in /nwa/logs. Search for the Authorization:-header which should contain the user's password as Base64 string. If the adaptermodule isn't available, you could trace the incoming requests with /xpi_inspector. After creating the traces, search for the Authorization-header as explained above. |
SSL, TLS, PGP, ... (All Stacks)CHow to check quickly if TLS 1.2 is enabled?
A good indicator is the version of the used iSaSiLk library. If version is 4.5, the PI doesn't support TLS 1.1/1.2. If iSaSiLk has version 5.104 there are good chances, that TLS 1.2 is supported (because 5.104 usually will be installed, when doing the TLS 1.2 patches). | How to activate TLS 1.2 in AS Java?To enable TLS 1.1 and TLS 1.2 support for SAP PI (AS Java) read the contents of SAP note 2417205. It contains further notes which explain to check and update TLS support. | How to activate TLS 1.2 in AS ABAPEnsure that the used CommonCryptoLib has release 8.4.3.1 or later. (Update infos in note 1848999.) If you want to force TLS 1.2, read note 2384243. | How to force TLS 1.2?If your SAP PI is TLS 1.2 ready, and you want the HTTP receiver channel to use explicitly TLS 1.2, then you can add the parameter httpsProtocols with value TLSv1.2 in the channels module tab. Further explanation can be found in note 2393811. | How to support ECDHE chipher suites?As explained in Note 2538934 none of the SAP PI/PRO releases supports any kind of ECDHE ciphersuites. Either ask the partner to allow a non-ECDHE cipher suite or use an external SSL-handler like mitmproxy ( https://goo.gl/yemrrV) for example. | What cipher suites are supported by SAP PI?The ciphersuites which are activated by default can be seen in SAP note 2538934. Instructions on how to change the supported ciphersuites can be found in note 2616983. | How to get SSL certificate from...
HTTP; open the website in a browser, click the lock-icon and save certificate or use the Realcore Support Tools for SAP PI/PO.
Mail, SFTP; use the OpenSSL commandline utilities or the Realcore Support Tools for SAP PI/PO.
FTPs; use the OpenSSL commandline utilities with command: openssl s_client -connect <ip-of-server>:<port> -showcerts -starttls ftp
Other; try to use OpenSSL toolset. Otherwise Google. | How to convert OpenSSH key to PKCS12?
To create a PKCS12 keystore from OpenSSH key, you need the OpenSSL commandline tools.
First create a certificate from the private key: openssl req -new -x509 -key <private-key-filename> -days 3650 -out x509_certificate.pem
Now create PKCS12 from private key and certificate: openssl pkcs12 -export -in <x509-certificate-filename> -inkey <private-key-filename> -out pkcs12_keystore.p12 | How to update TrustedCAs? AS Java; open /nwa/key-storage, select TrustedCAs keystore and click import. After import, stop and start the affected communication channel. AS ABAP; open transaction STRUST and add the certificate to the (TrustedCAs). If there's no store like that, choose SSL (anonymous/default). | What is "peer certificate rejected by chainverifier"-error?
This error usually occurs, when at least one certificate in the chain is invalid. Keep in my, that server certificates are chained (=trusted by higher authorities). You have to import the whole chain into SAP PI! | What is a "SSL common name mismatch"-error?
This error occurs if the value of the field CN (common name) doesn't match the hostname. E.g. server has a cert that matches server.com, but is called via IP address. Either call service with matching hostname or change the certificate on the server. | Can a SSL certificate be issued for an IP address?
In theory SSL/TLS certs can be issued for IP addresses. Nevertheless this is "bad practice" and should be avoided in any case. | How to set-up PGP? Create PGP keypair; To create a PGP keypair you can use Kleopatra which can be downloaded at https://gnupg.org/. Save key on PI; the private key has to be stored in SAP PI's filesystem. The standard path is: /usr/sap/<System ID>/<Instance ID>/sec Configure bean; set-up the bean as described in this article: https://goo.gl/R325Xv | Common PGP errors PGP Encryption Module: Could not extract private key (org.bouncycastle.openpgp.PGPException: checksum mismatch at 0 of 20)Either the password setup in the parameter pwdOwnPrivateKey is wrong or the key contains invalid chars. Try to set a simpler key in Kleopatra, re-import the key and try again. PGP Encryption Module: Could not process message, Internal PGP Error (org.bouncycastle.openpgp.PGPException: exception encrypting session key)Cause: Illegal key size or default parametersThe JCE unlimited strength policy isn't correct. Check /BC/VerifyJCE if all is green. Otherwise fix like explained here: https://goo.gl/Rt3F7n You have requested an application that is currently stopped.If this occurs when checking /BC/VerifyJCE, enable the application as explained in note 2606771. |
SSL, TLS, PGP, ... (Both Stacks)How to check quickly if TLS 1.2 is enabled?
A good indicator is the version of the used iSaSiLk library. If version is 4.5, the PI doesn't support TLS 1.1/1.2. If iSaSiLk has version 5.104 there are good chances, that TLS 1.2 is supported (because 5.104 usually will be installed, when doing the TLS 1.2 patches). | How to activate TLS 1.2 in AS Java?To enable TLS 1.1 and TLS 1.2 support for SAP PI (AS Java) read the contents of SAP note 2417205. It contains further notes which explain to check and update TLS support. | How to activate TLS 1.2 in AS ABAPEnsure that the used CommonCryptoLib has release 8.4.3.1 or later. (Update infos in note 1848999.) If you want to force TLS 1.2, read note 2384243. | How to force TLS 1.2?If your SAP PI is TLS 1.2 ready, and you want the HTTP receiver channel to use explicitly TLS 1.2, then you can add the parameter httpsProtocols with value TLSv1.2 in the channels module tab. Further explanation can be found in note 2393811. | How to support ECDHE chipher suites?As explained in Note 2538934 none of the SAP PI/PRO releases supports any kind of ECDHE ciphersuites. Either ask the partner to allow a non-ECDHE cipher suite or use an external SSL-handler like mitmproxy ( https://goo.gl/yemrrV) for example. | What cipher suites are supported by SAP PI?The ciphersuites which are activated by default can be seen in SAP note 2538934. Instructions on how to change the supported ciphersuites can be found in note 2616983. | How to get SSL certificate from... HTTP; open the website in a browser, click the lock-icon and save certificate or use the Certificate Catcher tool (as explained here: https://goo.gl/ay7nc9 ). Mail, SFTP; use the Certificate Catcher tool as explained above. FTPs; use the OpenSSL commandline utilities with command: openssl s_client -connect <ip-of-server>:<port> -showcerts -starttls ftp Other; try to use Certificate Catcher. Otherwise Google. | How to convert OpenSSH key to PKCS12?
To create a PKCS12 keystore from OpenSSH key, you need the OpenSSL commandline tools.
First create a certificate from the private key: openssl req -new -x509 -key <private-key-filename> -days 3650 -out x509_certificate.pem
Now create PKCS12 from private key and certificate: openssl pkcs12 -export -in <x509-certificate-filename> -inkey <private-key-filename> -out pkcs12_keystore.p12 | How to update TrustedCAs? AS Java; open /nwa/key-storage, select TrustedCAs keystore and click import. After import, stop and start the affected communication channel. AS ABAP; open transaction STRUST and add the certificate to the (TrustedCAs). If there's no store like that, choose SSL (anonymous/default). | What is "peer certificate rejected by chainverifier"-error?
This error usually occurs, when at least one certificate in the chain is invalid. Keep in my, that server certificates are chained (=trusted by higher authorities). You have to import the whole chain into SAP PI! | What is a "SSL common name mismatch"-error?
This error occurs if the value of the field CN (common name) doesn't match the hostname. E.g. server has a cert that matches server.com, but is called via IP address. Either call service with matching hostname or change the certificate on the server. | Can a SSL certificate be issued for an IP address?
In theory SSL/TLS certs can be issued for IP addresses. Nevertheless this is "bad practice" and should be avoided in any case. | How to set-up PGP? Create PGP keypair; To create a PGP keypair you can use Kleopatra which can be downloaded at https://gnupg.org/. Save key on PI; the private key has to be stored in SAP PI's filesystem. The standard path is: /usr/sap/<System ID>/<Instance ID>/sec Configure bean; set-up the bean as described in this article: https://goo.gl/R325Xv | Common PGP errors PGP Encryption Module: Could not extract private key (org.bouncycastle.openpgp.PGPException: checksum mismatch at 0 of 20)Either the password setup in the parameter pwdOwnPrivateKey is wrong or the key contains invalid chars. Try to set a simpler key in Kleopatra, re-import the key and try again. PGP Encryption Module: Could not process message, Internal PGP Error (org.bouncycastle.openpgp.PGPException: exception encrypting session key)Cause: Illegal key size or default parametersThe JCE unlimited strength policy isn't correct. Check /BC/VerifyJCE if all is green. Otherwise fix like explained here: https://goo.gl/Rt3F7n You have requested an application that is currently stopped.If this occurs when checking /BC/VerifyJCE, enable the application as explained in note 2606771. |
| | Adapter Modules (Java Stack)Module Name | Description | General beans | DynamicConfigurationBean | Mod.-Name: AF_Modules/DynamicConfigurationBean
Used to append, edit or delete entries of the DynamicConfiguration section of the XI3.0 header. | PayloadSwapBean | Mod.-Name: AF_Modules/PayloadSwapBean
Used to switch the main message payload with an message attachment, defined by the module's parameters. | PayloadZipBean | Mod.-Name: AF_Modules/PayloadZipBean
Used to zip or unzip a payload. Whn unzipping an archive with multiple files, those will be added as attachments.
Pro tip: Use the undocumented parameter gunzip to unzip .gz (GZip) files. | MessageTransformBean | Mod.-Name: AF_Modules/MessageTransformBean
Used to transform messages, change the XML, add/edit MIME-types, etc. The module can load custom/external Java tranformation classes. | StrictXml2PlainBean | Mod.-Name: AF_Modules/StrictXml2PlainBean
Used to convert XML payload to plain(text) files. Became obsolete in some way by the MessageTranformBean. | TextCodepageConversionBean | Mod.-Name: AF_Modules/TextCodepageConversionBean
Used to swap the code page of the main payload of the XI message and also convert its content. | XiHeaderValidationBean | Mod.-Name: XiHeaderValidationBean
Used to validate header information of outbound messages. | XMLAnonymizerBean | Mod.-Name: AF_Modules/XMLAnonymizerBean
Used to anonymize XML elements/attributes by removing namespaces or namespace prefixes. Also the encoding attribute of the XML declaration can be changed. | Sync-Async-Bridge beans | RequestResponseBean | Mod.-Name: AF_Modules/RequestResponseBean
Used in async-sync bridges to convert the asynchronous request to a synchronous one. Used in combination with RequestOnewayBean. | RequestOnewayBean | Mod.-Name: AF_Modules/RequestOnewayBean
Used in async-sync bridges to redirect a synchronous response to an sync interface. | NotifyResponseBean | Mod.-Name: AF_Modules/NotifyResponseBean
Used in sync-async bridges to sent out (create) a response message. | WaitResponseBean | Mod.-Name: AF_Modules/WaitResponseBean
Used in sync-async bridges to wait for a response message. |
IDOC Handling (Both Stacks)Path | Description | /pimon Adapter Engine IDOC adapter monitor | IDOC message monitoring. | /pimon Adapter Engine IDOC adapter monitor Metadata monitor | Maintenance of IDOC metadata. | Transaction code | Description | IDX_NOALE | Configuration (including suppression) of IDOC acknowledgements. | IDX1 | Maintenance of port configuration. | IDX2 | Maintenance of IDOC metadata. | IDX5 | IDOC message monitoring. | WE02 | Display IDOCs. | WE05 | List IDOCs. | WE20 | Configure partner agreements. (Mostly done on ERP system side, but nevertheless helpful.) |
To use the Java-stack IDOC monitoring, you need either the NWA_SUPERADMIN_PI_IDOC or the NWA_READONLY_PI_IDOC role. If Java-IDOC-monitoring doesn't show any messages, you have to activate it first. Go to /nwa Configuration Infrastructure Application Resources. Then choose "Resource adapters", then "JavaIdocAdapter" and then set the persistance-property to true. IDOC Setup (Java Stack)SAP PI to ERP (configuration on PI) Create default IDOC destination in /nwa with name scheme XI_IDOC_DEFAULT_DEST_<SID>_<CLNT>. After creating the destination check it with the ping destination button. Use this destination in the IDOC receiver channels. | SAP PI to ERP (configuration on ERP)
Create a user for the SAP PI system, which can be used in the SAP PI destination. (As explained above.) Usually this user is named: Z_CPIC. | ERP to SAP PI (configuration on PI) You have to create a IDOC-resource-adapter on PI. Go to /nwa Configuration Infrastructure Application Resources. Click Create New Resource New Resource Adapter. Choose SAPJRATemplate and name the adapter like this: inboundRA_<SID>_<CLNT>. Define the values for ProgramId, GatewayServer and GatewayService in the resource adapter's properties. Afterwards give those values to the ERP administrator. Use this resource adapter in the IDOC sender channels. | ERP to SAP PI (configuration on ERP)
Open transaction SM59 and create a destination of type T.
Set the fields ProgramId, GatewayServer and GatewayService with the values received from the SAP PI administrator.
Activate Unicode in the destination's settings.
Use the newly configured destination in the partner agreement/ALE configuration in transaction WE20. |
Fight Timeouts (Both Stacks)Where / What | How to set? | Soap-Adapter | Sender | Open channel. Add parameter to the adapter's own module at the module tab. If Module Name is CallSapAdapter name the parameter syncTimeout. If Module Name is ...XISOAPAdapterBean then name the parameter XI.Timeout. Give the timeout in milliseconds as parameter value. | Soap-Adapter | Receiver | Open channel. Add parameter to the adapter's own module at the module tab. Use XMBWS.Timeout as parameter name and set the timeout in milliseconds as parameter value. | JDBC-Adapter | Receiver | There are two points to configure timeout: 1 - module tab, 2 - Advanced Mode parameters.
1) Switch to module tab, add a paramter-set to the adapter's own module. Use syncTimeout as parameter name and set the timeout in milliseconds as parameter value.
2) Switch to Advanced-tab, check Advanced Mode and add the following two parameters to the Additional Parameters-table: queryTimeout with timeout in seconds (e.g. 600 for 10 minutes). sqlquerytimeout with timeout in seconds (e.g. 600 for 10 minutes). | Adapter Engine | Sender | Introduction: Useful for sync ABAP proxy interface from ERP to Single Stack. SOAP Sender timeout only configures how long the sender channel will wait for response from PI pipeline. To define how long the SOAP sender channel will keep the connection to the sending ERP/ABAP proxy open, you can use the following setup.Go to /nwa Configuration Infrastructure Java System Properties Services. Choose the entry XPI Adapter: XI, switch to its Properties-tab and set the timeout in milliseconds for the parameter named xiadapter.inbound.timeout.default. Be careful this affects all incoming synchronous SOAP/XI communication! To trigger the new parameter, restart the adapter. Therefore go to /nwa Operations Systems Start &Stop Java Services. Select XPI Adapter: XI and click restart-button. | Integration Engine | Receiver | Introduction: If you're sending data from Integration Engine or ERP, etc. systems, usually the default ICM timeout is used. You have two options to raise this timeout.
1) Open transaction sm59, open the appropriate destination, switch to the Special Options-tab and configure the Set timeout option.
2) Raise the global ICM timeout by opening transaction RZ11, then open the parameter icm/conn_timeout and change its value. In addition open the RZ11-parameter icm/server_port_<xx> and set the parameter TIMEOUT=<timeout in s>.
Attention: This change is system-wide and needs a restart of the ABAP-stack afterwards. | Integration Engine | Processing | Introduction: Besides network timeouts also processing timeouts can occur when processing in IE/AAE takes longer than configured.To raise the global ICM processing timeout, open transaction RZ11, then open the parameter icm/server_port_<xx> and append the following value-pair to its parameter PROCTIMEOUT=<timeout in s>. Attention: This change is system-wide and needs a restart of the ABAP-stack afterwards. Learn more over here: https://goo.gl/Sh5Jfp Hint: *If you want to test this changes without restart, you can make them temporary (until next restart) by opening transaction smicm, opening "Services" ( Shift+F1) and doing the changes there. |
NWDS LifesaverWhere can I get NWDS 7.5 quick and easy? | NWDS doesn't start and does not show anything while opening. The NWDS can't find a suitable JRE/JDK. Add the -vm-paramter into the NWDS .ini-file. | NWDS throws an exception during the startup and then closes again. NWDS needs a 32-bit (x86) jdk. (Even if your Windows installation is x64!) | NWDS complains about a wrong JDK (non-SAP) version. Either click "cancel" and simply ignore the error or search in OneNote for the "JVM vendor not supported" article. | NWDS crashes with "Unhandled event loop exception - Java heap space" exception. Raise the values Xmx and XX:MaxPermSize in the NWDS .ini-file which lays beneath the NWDS-/Eclipse.exe file. | How to avoid the annoying re-login dialogs? Open NWDS and follow the menu path: Preferences PI Tools Configuration Tool-Specific Session-Timeout. Raise the timeout value. | How to set-up a Java mapping? | Using "XPath containing whitespaces" doesn't work. Be sure to just add one XPath by double-clicking. This is necessary to add the namespaces. (You can remove the added XPath after the action.) |
API & Automation (Both Stacks)API | OS* | Description | Directory API | JS | What? The DirectoryAPI provides a set of over 50 SOAP webservices to control, monitor and edit Integration Directory objects. Where? To browse through the available APIs open the path /wsnavigator on your Java stack, switch to Provider-System and click search. On the following wizard pages, you can retrieve the WSDL to test the API e.g. in SoapUI. When? Use the DirAPI when you want to download payloads, get monitoring results, edit channels, ... More? Tutorial: https://goo.gl/6hgNFP | Simple Query | JS | What? The Simple Query is an unofficial HTTP/Post-based web-api that allows to view and download Integration Directory as also Enterprise Service Repository objects. Where? To browse through the available methods open the path /dir/support/SimpleQuery for Directory objects or /rep/support/SimpleQuery for Respository objects on your Java stack. When? Use the Simple Query when you want to access repository objects like Mappings, etc. More? Tutorial: https://goo.gl/js6Tde To use the API, the API user needs the roles SAP_XI_API_DISPLAY_J2EE and SAP_XI_API_DEVELOP_J2EE. | Channel Control | JS | What? The ChannelAdmin-Servlet is a subset of DirAPI that allows to start and stop channels via webservice call. Where? Call the following url: /AdapterFramework/ChannelAdminServlet?party=&service=&channel=<name>&action=<action>. Replace <name> with channelname and <action> with either start, stop or status. When? Use this API to programmatically start/stop/query channels. More? https://goo.gl/o6oAdJ General tutorial: https://goo.gl/9ML4Vn Use in ABAP: To use the API, the API user needs the roles SAP_XI_API_DISPLAY_J2EE and SAP_XI_API_DEVELOP_J2EE. | RFC via NCO/JCO | AS | What? RFC isn't a real API but a protocol/technique to access the ABAP stack from outer systems. You can either call specific function modules via RFC or use generic modules like RFC_GET_TABLE_DATA to read any table. Where? Use a platform-specific RFC connector library like SAP JCO for Java or SAP NCO for .NET-applications. When? Use it e.g. to call function or retrieve data from ABAP stack in C# or Java applications. More? NCO tutorial: https://goo.gl/DhvUAM JCO tutorial: https://goo.gl/K2SyEC | SAP Gui Script | AS | What? SAP GUI scripting allows to write scripts which automate tasks in the SAP GUI. Scripts can either be written manually or recorded via a macro recorder. Where? Open SAP Logon, log into SAP system, click Customize Local Layout button ( Alt+F12) and choose Script Recording and Playback.... When? Use it for recurring tasks in SAP GUI, which can't be handled with an Z-program or via another API. More? Base setup: https://goo.gl/V4dwkc Macro tutorial: https://goo.gl/eqgVwK | SAPSHCUT | AS | What? The sapshcut.exe is commandline tool, which allows to launch SAP Gui with predefined commands and parameters. Where? The sapshcut.exe is placed in SAP Logon install dir, which is usually located in: C:\Program Files (x86)\SAP\FrontEnd\SAPgui. To see all parameters call sapshcut with -?-parameter from commandline like: sapshcut.exe -?When? Use it to launch SAP GUI with a predefined transaction and (optional) predefined input data. More? sapshcut.exe usage: https://goo.gl/WYWqgP Shortcut file tutorial: https://goo.gl/jM5A5y | REST Api | CPI | What? The OData-API is a REST-based web api to control, manage and edit Cloud Integration Content. It can be seen as counterpart to SAP PI's Directory API. Where? The api endpoint itself can be reached via https://<tmn>/api/v1 whereby the <tmn> has to be replaced by your tenant's hostname. API testing can be done with REST-API tools like Postman. When? Use it to build your own monitoring or automate administation tasks. More? Documentation: https://goo.gl/t4u3dB API discovery tool: https://goo.gl/Wy8Y1B |
*OS = Operational stack; system where the API is available. JS = Java stack, AS = ABAP stack, CPI = Cloud Platform Integration. Unix 101Test HTTP connection; to test a HTTP(S) connection, use the wget-tool:
wget http(s)://<myserver.de>:<port>/<path> | Test non-HTTP connection; to test a non-HTTP(S) connection, use the telnet-tool:
telnet <myserver.de> <port> | Test HTTP connection via proxy; to test a HTTP(S) connection via proxy server, use the wget-tool:
wget -e use_proxy=yes -e https_proxy=<myproxy.de>:<proxy-port> http(s)://<myserver.de>:<port>/<path> | Test HTTP connection via proxy with auth; to test a HTTP(S) connection via proxy server with user authentication, use the telnet-tool:
wget -e use_proxy=yes -e https_proxy=<myproxy.de>:<proxy-port> -e proxy_user=<proxy user> -e proxy_password=<proxy pass> http(s)://<myserver.de>:<port>/<path> | Get SFTP-fingerprint; to get the server-fingerprint fo an SFTP server, use:
sftp -vv -oPort=<port> <user>@<myserver.de> | Show number of cpus; to show used cpu and number of cores, use:
lscpu | Show amount of ram; to show amount of ram, swap and current memory status, use:
cat /proc/meminfo | Show disk space; to show used, free and total diskspace, use:
df -h | Get SSL/TLS certificate from a FTPs server; to get the certificate, used by an SFTP server, use openssl toolkit:
openssl s_client -connect <server ip>:<server port> -showcerts -starttls ftp | Delete files older than X days; to delete files (e.g. logs) that are older than X days, use:
find . -name '<filename>' -type f -mtime +<days> -delete
Hints: In <filename>-tag a * can be used as wildcard. Remove -delete to do a test-run without deletion. |
The < and > symbols mark placeholders. You have to replace them with the actual values of your use-case. Tools to rocket your productivityRealcore Developer Suite for PI/PO: Helps to compare ESR object or create mapping or interface documentations. Available via SAP Appstore or Realcore Sales Team. | Realcore Support Tools for PI/PO: Helps to quickly create support/error mails with payload attachments, download payloads to disk, solve SSL errors and much more. Available via Realcore Sales Team. | SoapUI: Useful for SOAP webservice testing and for creation of SOAP/REST webservices (=mockup services). Choose OpenSource/Community edition. https://goo.gl/qD42Z9 | | DBeaver: Helps to view, edit and work with nearly any database. Runs without installation. https://goo.gl/zqGDA9 | Notepad++ (+ XML Tools): The XML swissknife/editor. Go to plugin manager and install "XML Tools". https://goo.gl/zAsd4N | Fiddler: Sniffing proxy to view raw HTTP requests. Is even able to decrypt and view HTTPS traffic. Useful for analysis. https://goo.gl/rSWeFA |
Helpful ResourcesNote: The entries above contain links to helpful web-resources. For better readability all links were shortened. |
Created By
https://raffaelherrmann.de
Metadata
Comments
No comments yet. Add yours below!
Add a Comment
Related Cheat Sheets