1 Building the SAP Business One Cloud Landscape Part of the SAP Business One Cloud Landscape Workshop
2 TABLE OF CONTENTS 1 INTRODUCTION LANDSCAPE DETAILS Server Details Landscape Security Information CONFIGURING THE SERVER LANDSCAPE... 3 Configure Windows Active Directory Configure a Windows Time Server Install a Windows Domain Controller... 3 Join the other servers into the newly created domain Configure Domain Users Configure the Domain User Roaming profile Creating Storage Creating the Software Repository Structure Creating Shared Folder for the Service Unit Creating Tenant Storage Creating User Storage Creating Implementation Repositories Creating Company Template Repositories Configure Microsoft Remote Desktop Services Install the Remote Desktop Web Access for Microsoft Remote Desktop Services Configure Microsoft Remote Desktop Web Access Configure Microsoft Remote Desktop Licensing... 7 Activate Microsoft Remote Desktop Licensing Configure the Application Server Install SSL Certification Configure the Microsoft Remote Desktop Session Host Enable Licensing on the Microsoft Remote Desktop Session Host Configure Administrator Privileges Configure the Microsoft Remote Desktop Connection Broker... 8 Configure Microsoft SQL Server Instance(s) Installation of Microsoft SQL Server 2008 R Creation of a second SQL Instance... 9 Configuration of Microsoft SQL Server 2008 R Enable TCP/IP Enable Firewall Port Configure the SQL Services Configure User Security in both SQL instances INSTALLING THE SAP BUSINESS ONE CLOUD SOFTWARE COMPONENTS Create a SAP Business One Software Repository Install SAP Business One Server Tools (License Server) and SAP Business One Mailer Install the SAP Business One Cloud Control Center Install the SAP Business One SLD Agent Install the User Access Portal Registry Configuration Working with Microsoft Office Integration Install IIS and WebDav Publishing on the User Share server Configure IIS and WebDav Publishing Enable Automatic Mapping of User Storage for Users Configure the Microsoft Office Integration Registry Key
3 1 INTRODUCTION This guide has been created for use as a part of the SAP Business One Cloud Landscape Workshop. Through the course of the workshop it will be used to assist participants in building their own Proof of Concept (PoC) landscape to aid their understan ding of the technologies utilized. 2 LANDSCAPE DETAILS 2.1 Server Details Server Computer Name Private Address Domain Controller Central Management Server Application Server/User Access Portal Database Server DC CCC RDS SQL 2.2 Landscape Security Information Domain Name sapbusinessonecloud.net Administrator Password SAP Business One Site User Password 3 CONFIGURING THE SERVER LANDSCAPE 3.1 Configure Windows Active Directory Configure a Windows Time Server To configure the PDC master without using an external time source, change the announce flag on the PDC master. The PDC master is the server that holds the forest root PDC master role for the domain. This configuration forces the PDC master to announce itself as a reliable time source and uses the built-in complementary metal oxide semiconductor (CMOS) clock. To co nfigure the PDC master by using an internal hardware clock, follow these steps: 1. Click Start, click Run, type regedit, and then click OK. 2. Locate and then click the following registry subkey: 3. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags 4. In the right-pane, right-click AnnounceFlags, and then click Modify. 5. In Edit DWORD Value, type A in the Value data box, and then click OK. 6. Close Registry Editor. 7. At the command prompt, type the following commands to restart the Windows Time service, and then press Enter: a. net stop w32time b. net start w32time Install a Windows Domain Controller The following instructions will assist you in setting up the Windows Domain controller, this guide is only intended to set up the basic functionality required for a PoC SAP Business One Cloud Landscape. 8. Login to the domain controller server DC, then in Server Manager Roles, select Add Roles. 9. Check Active Directory Domain Services and proceed to install. 10. Open a command prompt, type dcpromo.exe and then press enter. 11. In the wizard, continue past the welcome and compatibility check pages. 12. On the Choose a Deployment Configuration page, select Create a new domain in a new forest. 3
4 13. Input FQDN (Fully Qualified Domain Name) of the forest root domain, this domain name has to be the same with applied external domain name, sapbusinessonecloud.net 14. In Set Forest Functional Level select Windows Server 2008 R Continue advancing through the wizard to Directory Services Restore Mode Administrator Password, input administrator password and confirm. 16. On successful completion, restart the server. Best Practice Guideline: In order to organize and manage the domain users and their associated security privileges, domain Groups and Organizational Units should be used to create a structure to categorize users in the landscape. Cloud Operators: A cloud operator is an administrator in the SAP Business One Cloud Control Center, managing infrastructure resources, customers and tenants in the SAP Business One Cloud Landscape. Cloud operators should be defined in their own Organizational Unit: 1. Create a new Organizational Unit (OU) called Cloud Operator in the domain. 2. Create a new Group within the Cloud Operator OU called Cloud Infrastructure Operators, this will contain all of the domain users that manage the infrastructure components of the landscape. 3. Create a new Group in this OU called Cloud Application Operators, this will contain all of the domain users that manage the customer and tenant components of the landscape. 4. Create a new Group in this OU called Cloud Consulting Operators, this will contain all of the domain users that use the Support User functionality or perform consulting in the implementation and support of tenants. Customer Users: A customer is a named user that has access to SAP Business One Cloud and each customer should be licensed correctly according the subscription contract they have purchased. Customer users should be defined in their own Organization Unit: 1. Create a new Organizational Unit (OU) called Customer Organization in the domain. 2. Create a new Group (or set of Groups) in the Customer Organization OU to reflect the deployed Service Units in the landscape, e.g. SU1, SU2 etc. 3. Create a new Organizational Unit within the Customer Organization OU named after the customer you are creating an OU for, e.g. ABC Corp OU. 4. Create a new Group in the customer OU, e.g. ABC Corp Group in ABC Corp OU and assign to the correct Service Unit group(s) that were created. 5. Create the required domain users and assign them to the ABC Corp Group. 6. Now whenever permissions need to be assigned for a customer use the customer Group to assign them for all customer users Join the other servers into the newly created domain Now that there is a domain for the cloud landscape, each server in our landscape as detailed in Error! Reference source not found. needs to be configured to be part of it. 1. Logon to each of the servers; change the network settings so that the address of the Preferred DNS Server is configured to be the IP address of the Domain Controller that has just been configured. 2. Change the computer name and domain in System Properties, the domain has to be sapbusinessonecloud.net. 3. Change the delegation of each computer: a. Logon to the Domain Controller, in Server Manager navigate to Roles Active Directory Domain Services Active Directory Users and Computers Computers b. In the pane on the right side, right click on each of the computers listed, select Properties and navigate to the Delegation tab page and select the check box Trust this computer for delegation to any service (Kerberos only). 4
5 3.1.4 Configure Domain Users To enable the initial configuration of the SAP Business One Cloud Landscape you will need to create two users as detailed below. For more information concerning the recommended best practice for SAP Business One Cloud Domain users please see accompanying course material. 1. Run gpedit.msc at the command line prompt, select Computer Configuration Window Setting Security Settings Local Policies User Rights Assignment, in Allow log on through Remote Desktop Services, add Remote Desktop Users. 2. Create SAP Business One Cloud service user: a. In Server Manager Roles Active Directory Domain Services Active Directory Users and Computers sapbusinessonecloud.net Users, create a new domain user SAPServiceB1C and assign this user to local administrator. Specify its password to Initial0, and check User cannot change password and Password never expires. If the SAPServiceB1C password changes after initial configuration you must also reconfigure the SAP Business One SLD Service and SAP Business One SLD Agent windows Services. 3. Run gpedit.msc at the command line prompt, select Computer Configuration Window Setting Security Settings Local Policies User Rights Assignment, set user SAPServiceB1C to Log on as a service. 4. Create the initial Cloud Control Operator: a. In Server Manager Roles Active Directory Domain Servers Active Directory Users and Computers sapbusinessonecloud.net Users, create a new domain user b1cadm Configure the Domain User Roaming profile The Windows roaming user profile is used to stored user data, so that it can follow users as they log on to different computers within the domain. Roaming user profiles are stored in a central server location. To configure the roaming folder of each domain user do the following: 1. Prepare a central server with storage to store the user profile data, e.g. configure it on the Central Components server (see section 3.2 Creating Storage for the main sharing folder) 2. Create the root directory of the roaming folder and share it to everyone and give all READ/WRITE permission, e.g. create folder UserProfile on Shared Component server and share it, the shared network path should be \\share\userprofile. 3. After creating each domain user, edit the user properties by navigating to Server Manager Active Directory Domain Services Active Directory Domain Users and Computers sapbusinessonecloud.net Users, then switch to Profile tab page, change the Profile Path to be \\share\userprofile\%username%. Alternatively it is possible to set the roaming profile path for all users logging onto a computer Setting Path Computer Configuration/Administrative Templates/System/User Profiles Explanation Specifies whether Microsoft Windows should use the specified network path as the roaming user profile path for all users logging onto this computer. To use this setting, type the path to the network share in the form \\share\userprofile\%username%. You need to ensure that you have set the appropriate security on the folder to allow all users to a ccess the profile. If you enable this policy setting, all users logging on this computer will use the roaming profile path specified in this pol icy. If you disable or do not configure this policy setting, then users logging on this computer will use their local profile or standard roaming user profile. Note: There are 4 ways to configure a roaming profile for a user. Windows reads profile configuration in the following order and uses the first configured setting it reads. 1. Terminal Services roaming profile path specified by Terminal Services policy 2. Terminal Services roaming profile path specified by the user object 3. A per-computer roaming profile path specified in this policy 4. A per-user roaming profile path specified in the user object 5
6 3.2 Creating Storage SAP Business One Cloud requires a storage area to store data related to tenants, users and implementation. To create the shared folder structure do the following: 1. Logon to Central Components server CCC. 2. Create a Windows shared folder, e.g. new folder in the file system named share and share this folder to Everyone with Read permission. Sharing path will be \\CCC\share Creating the Software Repository Structure Each version of SAP Business One Cloud in use in the landscape needs to be stored in a repository. To create a folder to store the different versions of SAP Business One Cloud, do the following: 1. Navigate to the folder \\CCC\share 2. Create a Windows shared folder called SAPB1 Packages within this share Creating Shared Folder for the Service Unit 1. Navigate to the folder \\CCC\share 2. Create a Windows shared folder called SharedFolderSU1 and share this folder assigning SAPServiceB1C with Read/Write permissions Creating Tenant Storage 1. Navigate to the folder \\CCC\share 2. Create a Windows shared folder called TenantStorage and share this folder assigning SAPServiceB1C with Read/Write permissions Creating User Storage 1. Create a new Windows shared folder called UserStorage on server CCC and share this folder assigning SAPServiceB1C with Read/Write permissions Creating Implementation Repositories 1. Navigate to the folder \\CCC\share 2. Create a Windows shared folder called ImplementationRepository and share this folder assigning Read permissions to Everyone Creating Company Template Repositories 1. Navigate to the folder \\CCC\share 2. Create a Windows shared folder called CompanyTemplateRepository and share this folder assigning Read permissions to Everyone 3.3 Configure Microsoft Remote Desktop Services SAP Business One Cloud uses remote desktop technology in order to provide the end-user experience of SAP Business One Cloud. This guide covers the configuration of Microsoft Remote Desktop Services, if you are using another remote desktop technology please refer to the correct third party documentation for your product Install the Remote Desktop Web Access for Microsoft Remote Desktop Services To enhance the user experience SAP Business One Cloud provides a User Access Portal for users to log in through. 1. Login to the User Access Portal server, open Server Manager, expand the Server Manager (Computer Name), right-click Roles and click Add Roles. 2. Select Remote Desktop Services and click next twice. 3. Select Remote Desktop Gateway and Remote Desktop Web Access. 6
7 4. Check Choose an existing certificate for SSL encryption (recommended). If there is already SSL certification configured on this server, select it and click Next, otherwise click Import button to import the certification issue to RDS.sapbusinessonecloud.net and select it in the grid. 5. Select Now for Create authorization policies. a. Click Add button to add Domain Users b. Enter a name for the RD CAP: Default value is TS_CAP_01. c. Enter a name for the RD RAP: Default value is TS_RAP_01 ; Select Allow users to connect to any computer on the network. 6. Keep default setting, click Next, click Install. 7. Restart the server after installation Configure Microsoft Remote Desktop Web Access 1. Logon to the User Access Portal server, open Server Manager, navigate to Roles Remote Desktop Services RD Session Host Configuration. 2. Double click on RDP-Tcp in the Connections table. In the General tab page of popup, click Select button to choose the SSL certification issued to <rds.sapbusinessonecloud.net>. 3. Select Remote Desktop Services. 4. In Server Manager, navigate to Roles Web Server(IIS) Internet Information Service, select Application Pools in the tree list, choose RDWebAccess in the Application Pools, click Advance Settings in the right pane. 5. In the pop-up window change the Identity to sapbusinessonecloud.net\sapserviceb1c and provide the credentials when requested. 6. Expand the Sites in the tree list, navigate to Default Web Site and select Bindings from the right-hand pane. 7. Select https and click the Edit button from the pop up. Choose the SSL certification issued to this server from the drop down box 8. Expand the Sites in the tree list, navigate to Default Web Site RDWeb and select Basic Settings from the right-hand pane. 9. In the pop up window click Connect as and specify the user sapbusinessonecloud.net\sapserviceb1c and provide the credentials when requested Configure Microsoft Remote Desktop Licensing 1. Logon to the Central Components server, open Server Manager, expand the Server Manager (Computer Name), right-click Roles and click Add Roles. 2. Select Remote Desktop Services. 3. Select Remote Desktop Licensing. 4. Check Configure a discovery scope for this license server. 5. Proceed with the remaining steps to install Activate Microsoft Remote Desktop Licensing 1. On the Microsoft Remote Desktop License Server (Central Components), open Remote Desktop Licensing Manager. To open Remote Desktop Licensing Manager, click Start, select Administrative Tools, then Remote Desktop Services, and then click Remote Desktop Licensing Manager. 2. Right-click the license server that you want to activate, and then click Activate Server. The Activate Server Wizard starts. 3. Click Next. 4. On the Connection Method page, in the Connection method list, select Automatic connection (recommended), and then click Next. 5. On the Company Information page, type your name and company, select your country or region, and then click Next. 6. Specify any other information that you want to provide, such as e -mail and company address. This information is optional. 7. Click Next. Your license server is activated. 8. On the Completing the Activate Server Wizard page, do one of the following: To install Remote Desktop Services client access licenses (RDS CALs) onto your license server, ensure that the Start Install Licenses Wizard now check box is selected, click Next, and then follow the instructions. To install RDS CALs later, clear the Start Install Licenses Wizard now check box, and then click Finish. 7
8 3.3.5 Configure the Application Server The Microsoft Remote Desktop Session Host is the Application Server in our PoC configuration. The Application Server runs the SAP Business One client for the end users Install SSL Certification 1. Logon on to the Application Server, type MMC and press enter at a command line prompt. 2. Select Add/Remove Snap-in in File menu. 3. Select Certificates in Snap-in and click Add button then choose Computer account and finish. 4. Expand Certificates Trust Root Certification Authorities, right click on Certificates and click All Tasks Import. 5. Choose the SSL certification issued to this application server, *.sapbusinessonecloud.net Configure the Microsoft Remote Desktop Session Host 1. Logon to the Application Server, open Server Manager, expand the Server Manager (Computer Name), right-click Remote Desktop Services and click Add Role Services. 2. Check Remote Desktop Session Host and click Next. 3. Select Do not require Network Level Authentication and next. 4. Choose Per User and click Next. 5. In Select User Groups Allowed Access To This RD Session Host Server wizard page, click button Add and input Domain Users and also add the group created for Service Unit 1 to continue. 6. Continue the next wizard pages to install. 7. Restart the server after the installation completes. 8. After the restart, open Server Manager and navigate to Roles Remote Desktop Services RemoteApp Manager, and click RD Session Host Server Settings in the right-hand pane. 9. In the pop up window, configure the following: In RD Session Host Server tab page, input the Fully Qualified Domain Name (FQDN) of the Application Server into Server Name box, here it should be RDS.sapbusinessonecloud.net. In RD Gateway tab page, select Use these RD gateway server settings and input the FQDN of User Access Portal, here it should be RDS.sapbusinessonecloud.net. In Digital Signature tab page, check Sign with a digital certificate and click the button Change to select the SSL certification issued to the Application Server. 10. Open Server Manager, navigate to Configuration Local Users and Groups, double click on TS Web Access Computers, click on Add button. In the popup, click Object Types button to check Computers and input b1ondemand\rds to add the User Access Portal server into the web access computers group. 11. Open Server Manager, click Configure Remote Desktop on the right. Click Select User button and add Domain Users and Service Unit 1 for the remote access Enable Licensing on the Microsoft Remote Desktop Session Host 1. Logon to the Application Server, in Server Manager, navigate to Roles Remote Desktop Service RD Session Host Configuration, and double-click RDP-Tcp in Connections table. 2. In the General tab page of the pop-up window, click the Select button and choose the SSL certification issued to this application server, here should be *.sapbusinessonecloud.net. 3. Double click the item Remote Desktop license servers in Edit settings Licensing, in the pop-up window click the Add button to input the license server of Remote Desktop Services, in this case use the computer name of the Central Components server CCC Configure Administrator Privileges 1. Grant local server administrator privileges to the SAPServiceB1C account for each Application Server: a. In Windows, choose Start Control Panel Administrative Tools Computer Management. b. In the Computer Management window, expand Local Users and Groups Groups. c. Right-click the Administrators group and choose Add to Group. d. In the Administrator s Properties window, add the SAPServiceB1C account Configure the Microsoft Remote Desktop Connection Broker 8
9 Remote Desktop Connection Broker (RD Connection Broker), formerly Terminal Services Session Broker (TS Session Broker), is a role service that provides the following functionality: Allows users to reconnect to their existing sessions in a load-balanced RD Session Host server farm. This prevents a user with a disconnected session from being connected to a different RD Session Host server in the farm and starting a new session. Enables you to evenly distribute the session load among RD Session Host servers in a load-balanced RD Session Host server farm. Provides users access to virtual desktops hosted on RD Virtualization Host servers and to RemoteApp programs hosted on RD Session Host servers through RemoteApp and Desktop Connection. 1. Logon to the server where you will install the Microsoft Remote Desktop Connection Broker (in this case the User Access Portal server, open Server Manager, expand Server Manager (Computer name), right click Roles, and then click Add Roles. 2. Select Remote Desktop Services and click Next. 3. Check Remote Desktop Connection Broker and click Next. 4. Click Install to continue and then complete the installation. 3.4 Configure Microsoft SQL Server Instance(s) In this SAP Business One Cloud Landscape there are two database instances required: A database instance for the SAP Business One Cloud System Landscape Directory (SLD) A database instance for the Service Unit Installation of Microsoft SQL Server 2008 R2 1. Logon to the Database Server and launch the installation of SQL Server 2008 R2. 2. Advance to the Feature Selection page and select to install Database Engine Services and Management Tools Basic, click Next. 3. Advance to the page in the installation wizard titled Instance Configuration, choose Default Instance and click Next. 4. In the Server Configuration page click Use the same account for all SQL Server services and select the Network Service account. 5. On the same page select the Collation tab and check the collation is SQL_Latin1_General_CP1_CI_AS. 6. Continue to the page Database Engine Configuration, select Mixed Mode (SQL Server authentication and Windows authentication), input a password (use the same as your administrator password for the PoC landscape) and confirm it. Click the button Add to add domain user SAPServiceB1C into the SQL Server Administrators. 7. Click Next to install. 8. For more details on installing Microsoft SQL Server for SAP Business One see section in the SAP Business One Administrator Guide for SQL Creation of a second SQL Instance 1. Launch the installation of SQL Server 2008 R2 again 2. Follow the steps in Installation of Microsoft SQL Server 2008 R2 above, selecting New installation or add shared features on the Installation Type page. And on the Instance Configuration page, specify the Named Instance as SLD Configuration of Microsoft SQL Server 2008 R Enable TCP/IP 1. Run SQL Server Configuration Manager, expand the node titled SQL Server Configuration Manager SQL Server Network Configuration, in Protocols for MSSQLSERVER and Protocols for SLD, enable Named Pipes and TCP/IP. In the node SQL Server Services, restart SQL Server (MSSQLSERVER) and SQL Server (SLD). 2. Configure the port on the SLD instance to port number Enable Firewall Port 1. Open the Control Panel and navigate to Check firewall status Advanced Settings. 2. Click Add new Inbound Rules, then follow the wizard and specify port 1433 to be an exception a nd name the rule as SQL Server 1433 to allow for easy future identification. 3. Alternatively, turn off Windows firewall on Domain network location. 9
10 4. Don t forget the second instance, you need to configure the port and allow it through the firewall too. (Port 14331) 5. Also create an Inbound rule for the SQL Server Browser (UDP Port 1434) 6. See for more details Configure the SQL Services 1. Change the logon account for the SQL Server service to Network Service 2. Navigate to Administrative Tools in the Start Menu, then open Services. 3. Double-click on SQL Server Browser to change the Startup type to Automatic. 4. Switch to the Log On tab page and change the logon account to NETWORK SERVICE Configure User Security in both SQL instances 2. In Microsoft SQL Server Management Studio grant Microsoft SQL Server security privileges to cloud operators: a. Add the corresponding domain groups or domain user accounts for Cloud Operators as SQL Server logins. b. For each account, set the server roles as public and sysadmin 3. Grant local server administrator privileges to the SAPServiceB1C account for each database instance: a. In Windows, choose Start Control Panel Administrative Tools Computer Management. b. In the Computer Management window, expand Local Users and Groups Groups. c. Right-click the Administrators group and choose Add to Group. d. In the Administrator s Properties window, add the SAPServiceB1C account. 4 INSTALLING THE SAP BUSINESS ONE CLOUD SOFTWARE COMPONENTS 4.1 Create a SAP Business One Software Repository 1. Logon to Central Components server CCC. 2. Navigate to the folder \\CCC\share\SAPB1Packages 3. Create a folder called for a specific version of SAP Business One, e.g. SAPB1 Packages\882PL11\UpgradeCD 4. Extract the SAP Business One upgrade package to this folder. 5. Share this folder, the share will then be accessible with \\CCC\Share\SAPB1 Packages\882PL Install SAP Business One Server Tools (License Server) and SAP Business One Mailer 1. Logon to Central Components server CCC 2. Install Business One Server Tools, selecting a custom install and choosing License manager and Mailer as the options. Make a note of the SAP Business One Site User password, then confirm. (Normally the Mailer would not be installed here as one is required per Service Unit but in this case we are only going to have one Mailer) 3. Run Service Manager after installed. Choose License Manager in Service dropdown list and select Start when operating system starts. 4. Remember the Hardware Key which will be used to request license file. 5. After completing the license server installation process, change the logon account for the corresponding Windows service to Network Service. 4.3 Install the SAP Business One Cloud Control Center To install the SLD and Cloud Control Center, do the following: 1. Logon to Central Components server CCC 2. Navigate to the root folder of the installation package, right-click the SLD_x64.exe file, and choose Run as administrator. 3. In the SAP Business One SLD Service InstallShield Wizard window that appears, choose the Next button. 4. In the System Landscape Directory Service Configuration window, specify the user name as the SAPServiceB1C user and input the appropriate password. The user that is used to run the SLD Service must be assigned as the local administrator of the server that it is installed on and must have the sysadmin role on the SLD Database Instance. 5. In the Web Protocol window, select the radio button of the web protocol you want the SLD to use for connections. a. In our PoC scenario select HTTP, we do not have to supply a certificate with this configuration. For security reasons the recommendation for a live implementation of the SAP Business One Cloud Landscape is to use the HTTPS option 10
11 6. In the Cloud Control Center Site Configuration window, specify the site name, IP address, and TCP/IP port of the Cloud Control Center. Select the checkboxes for default values. 7. In the System Landscape Directory Database Configuration window, specify the database server as SQL, accept the default name for the database and select Windows Authentication, then click next. 8. In the Cloud Control Center Default Account Configuration window, enter b1cadm as the user name you want to use as the default account for accessing the Cloud Control Center. 9. In the Ready to Install Components window, click the Install button to complete the installation. 10. After the wizard finishes restart the server to complete the installation. 11. After completing the installation process it is recommended to backup the keytools.dat and SLD.KEYSTORE files located in <INSTALLDIR>\apache-tomcat \work\Catalina\localhost\sld\WEB-INF\classes\META-INF\. 4.4 Install the SAP Business One SLD Agent In addition to the SLD and Cloud Control Center, you must install the SLD Agent Service. This agent service executes tasks on behalf of the SLD, such as performing database upgrades. You can manually install the SLD Agent Service on servers individually using the process described below, alternatively in larger environments you can perform the installation automatically using a Group Policy Object, details on this approach can be found in the document Using Group Policy Objects in the Cloud Landscape The SLD Agent Service needs to be installed on the Central Components, Database and Application Servers. Logon to each of them in turn to install the SLD Agent Service using the provided installer and do the following: 1. Navigate to the root folder of the SAP Business One Cloud installation package. In the SLDAgentMSI_x64 folder, right-click the SLDAgent_x64.exe file, and the choose Run as administrator. 2. In the SAP Business One Cloud SLD Agent Service InstallShield Wizard window that appears, choose the Next button. 3. In the SLD Agent Service Configuration window, specify the user name as SAPServiceB1C and input the corresponding password. The user that is used to run the SLD Service Agent must be assigned as the local administrator of the server that it is installed on. 4. In the System Landscape Directory Configuration window, enter the URL of the System Landscape Directory, in this case it is 5. In the Ready to Install Components window, click the Install button 4.5 Install the User Access Portal To install the user access portal, do the following: 1. Logon to the User Access Portal server, RDS. 2. Navigate to the root folder of the SAP Business One Cloud installation package, right-click the UserAccessPortal.exe file, and choose Run as administrator. 3. In the SAP Business One Cloud User Access Portal InstallShield Wizard window that appears, choose the Next button. 4. In the Setup Type window, select to use Remote Desktop Service for SAP Business One User Access Portal 5. In the Microsoft Internet Information Services Configuration window, specify the User Name as SAPServiceB1C and provide the correct password. 6. In the System Landscape Directory Configuration window, enter 7. In the Ready to Install Components window, choose the Install button. 8. In the Complete window, choose the Finish button. For details on customizing the User Access Portal (SAP only provides this as a template and not for productive use see the document Customizing the SAP Business One Cloud User Access Portal. 4.6 Registry Configuration For the SAP Business One Cloud Landscape components to function correctly specific settings must be added to the Windows Registry of the servers that exist in the SAP Business One Cloud Landscape. In this PoC we will set up the entries manually, however it is more efficient to deliver the registry entries automatically to each server using a Group Policy Object, full details can be found in Using Group Policy Objects in the Cloud Landscape 1. Two new registry key values need to be created in HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\SAP\SAP Manage: 11
12 a. Create one new key called Hosting of type Dword, with a value of 1 b. Create a second key called SLDAddress of type String with a value of 2. Implement this registry change to each computer in the landscape. 4.7 Working with Microsoft Office Integration To provide integration with Microsoft Office, do the following: Install IIS and WebDav Publishing on the User Share server 1. Logon on to Logon to Central Components server CCC 2. Open Server Manager, expand the Server Manager (Computer Name), right-click Roles and click Add Roles. 3. Select Web Server (IIS) in the wizard page and click the Next button 4. In Select Role Services, check WebDav Publishing and Digest Authentication. 5. Complete the installation of IIS Configure IIS and WebDav Publishing Enable users to access their personal sub-folders in the user storage using the WebDAV protocol. 1. In Windows, choose Start Administrative Tools Server Manager. 2. In the Console Tree, expand Roles Web Server (IIS) Internet Information Services (IIS) Manager. 3. In the Connections pane, expand the Sites node in the tree, right-click Default Web Site, and then select Add Virtual Directory from the context menu. 4. In the Add Virtual Directory window, set the Alias as UserStorage and Physical Path as \\CCC\Share\UserStorage 5. Double-click on the newly created Virtual Directory named UserStorage and select Authentication from the IIS area menu on the right. 6. Edit the Authentication to disable Anonymous Authentication and enable Digest Authentication. 7. Configure the WebDAV authoring rules: a. In the Connections pane, expand Sites Default Web Site User Storage. b. In the IIS area, double-click WebDAV Authoring Rules. c. In the Actions pane, choose Add Authoring Rule. d. In the Add Authoring Rule window, do the following: o In the Allow access to area, select the All Content radio button. o In the Allow access to this content to area, select the All users radio button, o In the Permissions area, select the Read, Source, and Write checkboxes Enable Automatic Mapping of User Storage for Users To enable the automatic mapping of user storage to the Z drive on users' local machines when users log on to SAP Business One Cloud, use a group policy object to configure the following logon script for each domain user: net use Z: \\<StorageServer>\UserStorage\%USERNAME% 1. Logon to the Domain Controller server, DC 2. Create a batch file on the Desktop called DriveMap.bat 3. In the batch file enter the following net use Z: \\<StorageServer>\UserStorage\%USERNAME% and save 4. In Windows, choose Start Run 5. Enter gpmc.msc and launch Group Policy Management 6. Navigate to Domains sapbusinessonecloud.net, right-click and select New Organization Unit and enter the name SLD Agent Group 7. Right-click on the new Organization Unit SLD Agent Group and select Create a GPO in this domain, and link it here..., input the name User Storage Drive Mapping 8. Right-click on User Storage Drive Map, select Edit. 9. In the opened window, expand to User Configuration Policies Windows Settings Script 10. Double-click Logon in the pane on the right, in the pop-up window click the Add button 11. In the Add a Script window, click the Browse button and copy the DriveMap.bat file created in step 2 into the opened folder and select it Configure the Microsoft Office Integration Registry Key 12
13 For SAP Business One Cloud to operate the Microsoft Office Integration correctly a registry value needs to be entered into the registry of all Application Servers. In this PoC we will set up the entries manually, however it is more efficient to deliver the registry entries automatically to each server using a Group Policy Object, full details can be found in Using Group Policy Objects in the Cloud Landscape. 1. In the registry find HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\SAP\SAP Manage 2. Create a registry key called DirectExcelExport of type Dword and set the value to After configuration restart the Application Server 13
14 SAP AG or an SAP affiliate company. All rights reserved. No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained herein may be changed without prior notice. Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors. National product specifications may vary. These materials are provided by SAP AG and its affiliated companies ( SAP Group ) for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Group products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty. SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and other countries. Please see for additional trademark information and notices.
Building the SAP Business One Cloud Landscape Part of the SAP Business One Cloud Landscape Workshop Version 3.2 TABLE OF CONTENTS 1 INTRODUCTION... 3 2 LANDSCAPE DETAILS... 3 2.1 Server Details... 3 2.2
LifeSize Control Installation Guide April 2005 Part Number 132-00001-001, Version 1.0 Copyright Notice Copyright 2005 LifeSize Communications. All rights reserved. LifeSize Communications has made every
2X ApplicationServer & LoadBalancer Manual 2X ApplicationServer & LoadBalancer Contents 1 URL: www.2x.com E-mail: email@example.com Information in this document is subject to change without notice. Companies,
c623242f-20f0-40fe-b5c1-8412a094fdc7 Deploying Personal Virtual Desktops by Using RemoteApp and Desktop Connection Step-by-Step Guide Microsoft Corporation Published: June 2009 Updated: April 2010 Abstract
Enabling Kerberos SSO in IBM Cognos Express on Windows Server 2008 Nature of Document: Guideline Product(s): IBM Cognos Express Area of Interest: Infrastructure 2 Copyright and Trademarks Licensed Materials
Introduction EASYLABEL 6 has several new features for saving the history of label formats. This history can include information about when label formats were edited and printed. In order to save this history,
NSi Mobile Installation Guide Version 6.2 Revision History Version Date 1.0 October 2, 2012 2.0 September 18, 2013 2 CONTENTS TABLE OF CONTENTS PREFACE... 5 Purpose of this Document... 5 Version Compatibility...
Deploying Remote Desktop IP Virtualization Step-by-Step Guide Microsoft Corporation Updated: April 2010 Published: July 2009 Abstract Remote Desktop IP Virtualization provides administrators the ability
Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide Microsoft Corporation Published: May 2010 Abstract This guide describes the steps for configuring Remote Desktop Connection
Non-ThinManager Components Microsoft Terminal Servers play an important role in the ThinManager system. It is recommended that you become familiar with the documentation provided by Microsoft about their
Step By Step Guide: Demonstrate DirectAccess in a Test Lab Microsoft Corporation Published: May 2009 Updated: October 2009 Abstract DirectAccess is a new feature in the Windows 7 and Windows Server 2008
Desktop Surveillance Help Table of Contents About... 9 What s New... 10 System Requirements... 11 Updating from Desktop Surveillance 2.6 to Desktop Surveillance 3.2... 13 Program Structure... 14 Getting
QUANTIFY INSTALLATION GUIDE Thank you for putting your trust in Avontus! This guide reviews the process of installing Quantify software. For Quantify system requirement information, please refer to the
NETWRIX PASSWORD MANAGER ADMINISTRATOR S GUIDE Product Version: 6.1 February/2012 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment
How to Edit Local Computer Policy Settings To edit the local computer policy settings, you must be a local computer administrator or a member of the Domain Admins or Enterprise Admins groups. 1. Add the
LepideAuditor Suite for File Server Installation and Configuration Guide Table of Contents 1. Introduction... 4 2. Requirements and Prerequisites... 4 2.1 Basic System Requirements... 4 2.2 Supported Servers
Password Reset Server Installation Guide Windows 8 / 8.1 Windows Server 2012 / R2 Last revised: November 12, 2014 Table of Contents Table of Contents... 2 I. Introduction... 4 A. ASP.NET Website... 4 B.
FTP Server Configuration For HP customers who need to configure an IIS or FileZilla FTP server before using HP Device Manager Technical white paper 2 Copyright 2012 Hewlett-Packard Development Company,
Deploying CTERA Agent via Microsoft Active Directory and Single Sign On Cloud Attached Storage September 2015 Version 5.0 Copyright 2009-2015 CTERA Networks Ltd. All rights reserved. No part of this document
with Group Policy for SyAM System Client Installation SyAM System Client can be deployed to systems on your network using SyAM Management Utilities. If Windows Firewall is enabled on target systems, it
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # 70-643) Chapter Four Windows Server 2008 Remote Desktop Services, Part 1 Objectives Describe the Remote Desktop
[Editor s Note: The following content was excerpted from the free ebook The Tips and Tricks Guide to Securing Windows Server 2003 (Realtimepublishers.com) written by Roberta Bragg and available at http://www.netiq.com/offers/ebooks.]
SyAM Management Utilities and Non-Admin Domain Users Some features of SyAM Management Utilities, including Client Deployment and Third Party Software Deployment, require authentication credentials with
MicrosoftDynam ics GP 2015 TenantServices Installation and Adm inistration Guide Copyright Copyright 2014 Microsoft Corporation. All rights reserved. Limitation of liability This document is provided as-is.
StarWind SMI-S Agent: Storage Provider for SCVMM April 2012 TRADEMARKS StarWind, StarWind Software, and the StarWind and StarWind Software logos are trademarks of StarWind Software that may be registered
How-To Guide Document Version: 1411 2014.12.15 How to Configure an Example SAP Cloud Applications Studio (PDI) Solution for SAP Cloud for Customer How to configure an example SAP Cloud Applications Studio
Step-by-Step Guide for Creating and Testing Connection Manager Profiles in a Test Lab Microsoft Corporation Published: May, 2005 Author: Microsoft Corporation Abstract This guide describes how to create
Ekran System Help File Table of Contents About... 9 What s New... 10 System Requirements... 11 Updating Ekran to version 4.1... 13 Program Structure... 14 Getting Started... 15 Deployment Process... 15
Stormshield Network Firewall Document version: 1.0 Reference: snentno_autobackup CONTENTS INTRODUCTION 3 OPERATION 3 Storing in the Mystormshield.eu client area 3 Storing on a customized server 3 FIREWALL
DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access With IDENTIKEY Server / Axsguard IDENTIFIER Integration Guidelines Disclaimer Disclaimer of Warranties and Limitations
Xerox Multifunction Devices June 26, 2003 for the user Configuring a Windows 2000 Domain Controller as a Scan Repository Purpose This document describes the procedures to set up a Windows 2000 Domain Controller
2X ApplicationServer & LoadBalancer Manual 2X ApplicationServer & LoadBalancer Contents 1 URL: www.2x.com E-mail: firstname.lastname@example.org Information in this document is subject to change without notice. Companies,
AD RMS Step-by-Step Guide Microsoft Corporation Published: March 2008 Author: Brian Lich Editor: Carolyn Eller Abstract This step-by-step guide provides instructions for setting up a test environment to
How to Test Out Backup & Replication 6.5 for Hyper-V Mike Resseler May, 2013 2013 Veeam Software. All rights reserved. All trademarks are the property of their respective owners. No part of this publication
Interworks Interworks Cloud Platform Installation Guide Published: March, 2014 This document contains information proprietary to Interworks and its receipt or possession does not convey any rights to reproduce,
Connection and Printer Setup Guide For connection issues, see the following sections of this document: "Connection Requirements" on page 1 "Log on" on page 2 "Troubleshooting Your Connection" on page 4
Active Directory Change Notifier Quick Start Guide Software version 3.0 Mar 2014 Copyright 2014 CionSystems Inc., All Rights Reserved Page 1 2014 CionSystems Inc. ALL RIGHTS RESERVED. This guide may not
User Manual Onsight Management Suite Version 5.1 Another Innovation by Librestream Doc #: 400075-06 May 2012 Information in this document is subject to change without notice. Reproduction in any manner
Sophos for Microsoft SharePoint startup guide Product version: 2.0 Document date: March 2011 Contents 1 About this guide...3 2 About Sophos for Microsoft SharePoint...3 3 System requirements...3 4 Planning
Installation Guide: Agentry Device Clients SAP Mobile Platform 2.3 Windows DOCUMENT ID: DC01954-01-0230-01 LAST REVISED: February 2013 Copyright 2013 by SAP AG or an SAP affiliate company. All rights reserved.
ilaw Installation Procedure This guide will provide a reference for a full installation of ilaw Case Management Software. Contents ilaw Overview How ilaw works Installing ilaw Server on a PC Installing
Technical white paper HP Device Manager 4.6 FTP Server Configuration Table of contents Overview... 2 IIS FTP server configuration... 2 Installing FTP v7.5 for IIS... 2 Creating an FTP site with basic authentication...
JWCL031_appB_467-475.indd Page 467 5/12/08 11:02:46 PM user-s158 Appendix B Lab Setup Guide The Windows Server 2008 Applications Infrastructure Configuration title of the Microsoft Official Academic Course
Installing CaseMap Server User Guide CaseMap Server, Version 1.8 System Requirements Installing CaseMap Server Installing the CaseMap Admin Console Installing the CaseMap SQL Import Utility Testing Installation
Version 5.0 SurfControl Web Filter for Citrix Installation Guide for Service Pack 2 NOTICES Updates to the SurfControl documentation and software, as well as Support information are available at www.surfcontrol.com/support.
Hardening Guide for EventTracker Server Publication Date: Oct 17, 2014 EventTracker 8815 Centre Park Drive Columbia MD 21045 www.eventtracker.com Introduction The EventTracker solution includes a console
Sophos Anti-Virus for NetApp Storage Systems startup guide Runs on Windows 2000 and later Product version: 1 Document date: April 2012 Contents 1 About this guide...3 2 About Sophos Anti-Virus for NetApp
Metalogix SharePoint Backup Publication Date: August 24, 2015 All Rights Reserved. This software is protected by copyright law and international treaties. Unauthorized reproduction or distribution of this
USER GUIDE WEB-BASED SYSTEM CONTROL APPLICATION Publication: 81-9059-0703-0, Rev. C www.pesa.com Phone: 256.726.9200 Thank You for Choosing PESA!! We appreciate your confidence in our products. PESA produces
SQL Server Installation Guide 1. From the Visor 360 installation CD\USB Key, open the Access folder and install the Access Database Engine. 2. Open Visor 360 V2.0 folder and double click on Setup. Visor
Passwordstate Installation Instructions This document and the information controlled therein is the property of Click Studios. It must not be reproduced in whole/part, or otherwise disclosed, without prior
Administrator's Guide SAP Business One 9.0 Document Version: 1.0 2012-10-31 All Countries Typographic Conventions Type Style Example Description Words or characters quoted from the screen. These include
SAP Business One PUBLIC Administrator's Guide Release Family 8.8 Applicable Release: SAP Business One 8.81 All Countries English August 2011 Contents 1. Introduction... 5 1.1. Application Components Overview...
Sharpdesk V3.5 Push Installation Guide for system administrator Version 3.5.01 Copyright 2000-2015 by SHARP CORPORATION. All rights reserved. Reproduction, adaptation or translation without prior written
How To Use 802.1x EAP-TLS or PEAP-MS-CHAP v2 with Microsoft Windows Server 2003 to Make a Secure Network Introduction This document describes how to create a secure LAN, using two servers and an 802.1xcompatible
Microsoft Virtual Labs Administering the IIS 7 File Transfer Protocol (FTP) Server Table of Contents Exercise 1 Installing the Microsoft FTP Publishing Service for the IIS 7... 1 Exercise 2 Introducing
HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE Copyright 1998-2013 Tools4ever B.V. All rights reserved. No part of the contents of this user guide may be reproduced or transmitted in any form or by any means
Avaya one X Portal 1.1.3 Lightweight Directory Access Protocol (LDAP) over Secure Socket Layer (SSL) Configuration This document provides configuration steps for Avaya one X Portal s 1.1.3 communication
Installing and Configuring vcenter Multi-Hypervisor Manager vcenter Server 5.1 vcenter Multi-Hypervisor Manager 1.1 This document supports the version of each product listed and supports all subsequent
Upgrading from MSDE to SQL Server 2005 Express Edition with Advanced Services SP2 Installation and Configuration Introduction This document will walk you step by step in removing MSDE and the setup and
Installing and Configuring vcloud Connector vcloud Connector 2.7.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
SafeNet Authentication Service Installation Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
Important Please read this User s Manual carefully to familiarize yourself with safe and effective usage. About This Manual This manual describes how to install and configure RadiNET Pro Gateway and RadiCS
Test Lab Guide: ebook for SharePoint Server 2013 Intranet and Team Sites This document is provided as-is. Information and views expressed in this document, including URL and other Internet Web site references,
ilaw Server Migration Guide Revised April 2014 Contents Preface Overview 1. Backing up your Existing database Method 1. Backing up an ilaw MSDE database only Method 2. Using BURT The Backup/Restore Tool
rev 6.1.12 How to Configure a Remote Desktop Licensing Server for vspace 6 This guide will walk you through the process of creating a RDS Licensing server and then configuring your vspace 6 host to connect
EOS Step-by-Step Setup Guide Wireless File Transmitter FTP Mode Infrastructure Setup Windows 7 2012 Canon U.S.A., Inc. All Rights Reserved. Reproduction in whole or in part without permission is prohibited.
Xerox Multifunction Devices Customer Tips June 5, 2007 This document applies to these Xerox products: X WC Pro 232/238/245/ 255/265/275 for the user Xerox Network Scanning HTTP/HTTPS Configuration using
Mobile Device Management Version 8 Last updated: 17-10-14 Copyright 2013, 2X Ltd. http://www.2x.com E mail: email@example.com Information in this document is subject to change without notice. Companies names
2X Cloud Portal v10.5 URL: www.2x.com E-mail: firstname.lastname@example.org Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise
Enterprise Self Service Quick start Guide Software version 22.214.171.124 December 2013 General Information: email@example.com Online Support: firstname.lastname@example.org 1 2013 CionSystems Inc. ALL RIGHTS RESERVED.
Setting up VMware ESXi for 2X VirtualDesktopServer Manual URL: www.2x.com E-mail: email@example.com Information in this document is subject to change without notice. Companies, names, and data used in examples
Passwordstate Installation Instructions This document and the information controlled therein is the property of Click Studios. It must not be reproduced in whole/part, or otherwise disclosed, without prior
Lepide Software LepideAuditor for File Server [CONFIGURATION GUIDE] This guide informs How to configure settings for first time usage of the software Lepide Software Private Limited, All Rights Reserved
Your consent to our cookies if you continue to use this website.