on 04-05-2015 7:01 PM
Hi All
i recently set up SSFS connection on our SAP Development system: Im able to start the SAP application.
OS:HP-UX
DB:Oracle 11.204
AS ABAP system
***********************************************************
R3trans -d output
21> R3trans -d
This is R3trans version 6.24 (release 738 - 06.08.13 - 18:45:00 ).
unicode enabled version
R3trans finished (0000).
Problem:
We are busy prepering for EHP7 upgrade from EHP5. But SUM is failing in phase PREP_EXTRACT/SSFS_PREP
SSFSP.LOG output
root@system: /oracle/SID/SUM/SUM/abap/log # more SSFSP.LOG
1 ETQ201 Entering upgrade-phase "PREP_EXTRACT/SSFS_PREP" ("20150405181154")
2 ETQ367 Connect variables are set for standard instance access
4 ETQ399 System-nr = '00', GwService = 'sapgw00' Client = '000'
1 ETQ200 Executing actual phase 'PREP_EXTRACT/SSFS_PREP'.
1 ETQ399 Phase arguments:
2 ETQ399 Arg[0] = 'INIT;COPY;CHANGEKEY'
4 ETQ399 Need to handle SSFS for SUM tools (rsdb_ssfs_connect '1').
4 ETQ399 Initialize SSFS at SUM directory
4 ETQ399 Create directory '/oracle/SID/SUM/SUM/abap/mem/rsecssfs/data'.
4 ETQ399 Create directory '/oracle/SID/SUM/SUM/abap/mem/rsecssfs/key'.
2 ETQ399 Creating sub directory '/oracle/SID/SUM/SUM/abap/mem/rsecssfs/key'.
4 ETQ399 Copy SSFS keystore to SUM directory
1 ETQ399 Copying directory '/sapmnt/SID/global/security/rsecssfs/data' to '/oracle/SID/SUM/SUM/abap/mem/rsecssfs/data'.
3 ETQ399 Copying file '/sapmnt/SID/global/security/rsecssfs/data/SSFS_SID.DAT'.
1 ETQ399 Copied 1 files to '/oracle/SID/SUM/SUM/abap/mem/rsecssfs/data'.
1 ETQ399 Copying directory '/sapmnt/SID/global/security/rsecssfs/key' to '/oracle/SID/SUM/SUM/abap/mem/rsecssfs/key'.
1 ETQ399 Copied 0 files to '/oracle/SID/SUM/SUM/abap/mem/rsecssfs/key'.
4 ETQ399 Modify SUM SSFS keystore for default key mode
3 ETQ120 20150405181154: PID 25684 execute '/usr/sap/SID/SYS/exe/run/rsecssfx <args>...', output written to '/oracle/SID/SUM/SUM/abap/log/SSFS.ECO'.
3 ETQ123 20150405181155: PID 25684 exited with status 0 (time 1.000 real)
4 ETQ399 Delete key directory '/oracle/SID/SUM/SUM/abap/mem/rsecssfs/key'.
4 ETQ399 Check database connect via SUM SSFS with SAPup tool call
3 ETQ120 20150405181155: PID 25685 execute '/oracle/SID/SUM/SUM/abap/bin/SAPuptool dbversion', output written to '/oracle/SID/SUM/SUM/abap/log/SSFS.E
CO'.
3 ETQ123 20150405181155: PID 25685 exited with status 20 (time 0.000 real)
1EETQ399 Last error code set is: Process /oracle/SID/SUM/SUM/abap/bin/SAPuptool exited with 20, see '/oracle/SID/SUM/SUM/abap/log/SSFS.ECO' for detai
ls
1EETQ204 Upgrade phase "SSFS_PREP" aborted with severe errors ("20150405181155")
***************************************************************************************************************************************
when setting up SSFS
i issued the following command using sidadm
rsecssfx put DB_CONNECT/DEFAULT_DB_USER name -plain
rsecssfx put DB_CONNECT/DEFAULT_DB_PASSWORD <password>
while the file /sapmnt/SID/global/security/rsecssfs/data/SSFS_SID.DAT gets created. the key directory is empty.
Anyone knows how i can get to create the key file or why my file is not being created in the directory /sapmnt/SID/global/security/rsecssfs/key
here is the permission of the two directories
root@system: /sapmnt/NP3/global/security # ll
total 0
drwxr-xr-x 2 SIDadm sapsys 96 Apr 5 17:25 data
drwxr-xr-x 3 SIDadm sapsys 96 Jun 20 2010 lib
drwx------ 4 SIDadm sapsys 96 Apr 4 16:21 rsecssfs
root@system: /sapmnt/SID/global/security # cd rsecssfs
root@system: /sapmnt/SID/global/security/rsecssfs # ll
total 0
drwx------ 2 SIDadm sapsys 96 Apr 4 19:38 data
drwx------ 2 SIDadm sapsys 96 Apr 4 16:21 key
I have a feeling SUM is failing because of this.
any assistance will be highly appreciated
thanks in advance
regards
Steven
Hello Steven,
The commands that you mentioned do not generate the key file, they simply store the DB password in an encrypted manner.
You may have missed the creation of the key. Check the points 6, 6.1, 6.2 which are optional in setting up SSFS but may help your cause.
1639578 - SSFS as password storage for primary database connect
Regards,
Siddhesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
The environment variables RSEC_SSFS_DATAPATH and RSEC_SSFS_KEYPATH has to be available. The normal system can work with the profile parameters however shadow system will check for the ENV variables.
As mentioned by Gaurav provide SSFS.ECO for more details.
Regards,
Raja. G
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Could you share SSFS.ECO log file for analysis.
Thanks,
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Steven,
Have you already checked SAP note
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.