SAP BusinessObjects Explorer Administrator's Guide

SAP BusinessObjects Explorer Administrator's Guide

■ SAP BusinessObjects Enterprise XI 3.1

2009-12-08

Copyright

© 2009 SAP AG. All rights reserved.SAP, R/3, SAP NetWeaver, Duet, PartnerEdge,
ByDesign, SAP Business ByDesign, and other SAP products and services
mentioned herein as well as their respective logos are trademarks or registered
trademarks of SAP AG in Germany and other countries. Business Objects and the
Business Objects logo, BusinessObjects, Crystal Reports, Crystal Decisions, Web
Intelligence, Xcelsius, and other Business Objects products and services mentioned
herein as well as their respective logos are trademarks or registered trademarks
of Business Objects S.A. in the United States and in other countries. Business
Objects is an SAP company.All other product and service names mentioned are
the trademarks of their respective companies. Data contained in this document
serves informational purposes only. National product specifications may vary.These
materials are subject to change without notice. These materials are provided by
SAP AG and its affiliated companies ("SAP Group") for informational purposes
only, without representation or warranty of any kind, and SAP Group shall not be
liable for errors or omissions with respect to the materials. The only warranties for
SAP Group products and services are those that are set forth in the express
warranty statements accompanying such products and services, if any. Nothing
herein should be construed as constituting an additional warranty.

2009-12-08

Contents

Introduction..........................................................................................7Chapter 1

About this guide...........................................................................................7

Important SAP Notes...................................................................................7

Related guides.............................................................................................8

Business Scenarios...........................................................................11Chapter 2

End-user features......................................................................................11

Administration features..............................................................................12

Key terms...................................................................................................12

Technical System Landscape...........................................................15Chapter 3

Architecture................................................................................................15

How SAP BusinessObjects Explorer works with SAP BusinessObjects

Enterprise..................................................................................................16

The Explorer servers.................................................................................17

Supported data providers..........................................................................17

Distributed deployment scenarios.............................................................18

Supported platforms for SAP BusinessObjects Explorer...........................19

Monitoring..........................................................................................21Chapter 4

Monitoring the Explorer servers.................................................................21

Tracing and logging the Explorer servers..................................................21

Configuring the Explorer server trace files................................................22

Overriding Explorer server logging methods.............................................22

Monitoring web parts.................................................................................23

3

Contents

Tracing and logging web parts...................................................................24

Web application logging.............................................................................24

Using JMX monitoring capability...............................................................25

System Management.........................................................................27Chapter 5

Starting and stopping Explorer..................................................................27

Software Configuration..............................................................................27

Web Application settings...........................................................................27

Explorer server settings.............................................................................30

Standardizing font usage across your deployment....................................41

Administration Tools...................................................................................44

BI platform administrative tools..................................................................44

Backup and Restore..................................................................................50

Backing up your Explorer System.............................................................50

Load Balancing..........................................................................................51

Loadbalancing...........................................................................................51

Deploying Multiple Search Servers for Improved Information Space

Exploration.................................................................................................52

Deploying Multiple Index Servers for Improved Indexing..........................53

Periodic Tasks............................................................................................55

Verifying Information Space indexes.........................................................55

User Administration and Authentication....................................................55

User Management.....................................................................................55

Authentication methods.............................................................................62

Single Sign On...........................................................................................65

Managing Information Spaces...................................................................76

Authorization required for Information Spaces..........................................76

Controlling access rights to the Information Space folders.......................78

Indexing best practices..............................................................................78

Testing your Information Space.................................................................79

Information Space design best practices...................................................79

Network and Communication Security............................................81Chapter 6

Network security........................................................................................81

4

Contents

Firewall port usage for SAP BusinessObjects Explorer.............................82

Reverse proxies.........................................................................................84

Configuring servers for SSL.......................................................................84

Creating key and certificate files................................................................85

To create key and certificate files for a machine........................................85

Configuring the SSL protocol.....................................................................88

To configure the SSL protocol in the CCM................................................88

To configure the SSL protocol for the web application server...................88

Data storage security........................................................................91Chapter 7

Data and metadata storage locations........................................................91

Data protection..........................................................................................91

Cookies......................................................................................................92

High Availability.................................................................................93Chapter 8

Ensuring system availability.......................................................................93

Configuring failover between CMS servers...............................................93

Configuring failover between Explorer Master servers..............................94

Troubleshooting.................................................................................95Chapter 9

Understanding error messages.................................................................95

More Information................................................................................97Appendix A

Index 101

5

Contents

6

Introduction

About this guide

This guide is for administrators who need to install SAP BusinessObjects
Explorer XI 3.2.

For information on how to use SAP BusinessObjects Explorer to explore
corporate business intelligence data, see the Help.

Information:

For an overview of the information resources dedicated to deployments of
SAP BusinessObjects Explorer with SAP NetWeaver BW Accelerator, refer
to the Master Guide for SAP BusinessObjects Explorer, accelerated version
at: https://service.sap.com/bosap-explorer.

Introduction

Important SAP Notes

It is recommended that IT and BI administrators managing an SAP
BusinessObjects Explorer system read the following SAP notes:

7

Introduction

TitleTopicSAP Note

1388247

Monitoring SAP Busines­sObjects Explorer within
SAP Solution Manager

1366180

Performance and reliability
information

Related guides

The following SAP documentation provides information for SAP
BusinessObjects Explorer:

Note 1388247 - RCA: Managed
System Setup for SAP Business
Objects Explorer

SAP BusinessObjects Explorer
Performance & Reliability

8

Introduction

LocationDocumentationInformation

Overview of the fea­tures, architecture and
technical landscape
as well as links to re­quired documentation
and SAP notes.

Information about the
supported platforms
and third party soft­ware.

SAP BusinessObjects
Explorer Master
Guide

Product Availablity Ma­trix

• SAP BusinessOb-

jects Explorer XI 3.2
for Windows Support
Platforms

• SAP BusinessOb-

jects Explorer XI 3.2
for AIX Support Plat­forms

• SAP BusinessOb-

jects Explorer XI 3.2
for Linux SuSE Sup­port Platforms

SAP Help Portal:

http://help.sap.com

SAP Service Market­place: http://ser

vice.sap.com/pam

In the "Search" field,
type: Explorer XI 3.2

Installation proce­dures for each sup­ported operating sys­tem

Explorer administra­tion tasks, configura­tion, monitoring, trou­bleshooting. Network
and communication
security plus user
management, authen­tication, SSO.

SAP BusinessObjects
Explorer Installation
Guide

SAP BusinessObjects
Explorer Administra­tor's Guide

SAP Service Market­place: http://ser

vice.sap.com/bosap­instguides

SAP Help Portal:

http://help.sap.com

9

Introduction

LocationDocumentationInformation

Complete information
about the Business
Intelligence platform
administration to
which SAP Busines­sObjects Explorer is
an add-in component

End-user information
on creating, managing
and exploring data
using the Explorer ap­plication interface.

Quick overview of the
Explorer end-user
features and proce­dures to help new
users get started.

List of the new fea­tures introduced with
the latest release.

List of known issues
and workarounds.

SAP BusinessObjects
Enterprise Administra­tor's Guide

SAP BusinessObjects
Explorer Online Help

SAP BusinessObjects
Explorer at a Glance

What's New in SAP
BusinessObjects Ex­plorer

SAP BusinessObjects
Explorer Release
Notes

SAP Help Portal:

http://help.sap.com

Log into the applica­tion then click Help.

SAP Help Portal:

http://help.sap.com

SAP Help Portal:

http://help.sap.com

http://ser
vice.sap.com/re
leasenotes

10

Error messages ex­plained

SAP BusinessObjects
Explorer Error Mes­sage Guide

SAP Help Portal:

http://help.sap.com

Business Scenarios

End-user features

SAP BusinessObjects Explorer combines the simplicity and speed of search
with the trust and analytical power of business intelligence (BI) to provide
immediate answers to business questions. Users employ familiar keyword
searches to find information and explore directly on data.

Features include:

• Search across all data sources – Users simply enter a few search

keywords to find the most relevant information instantly from across all
of their data sources; including operational applications, data warehouses,
marts, RDBMS, OLAP servers, and unstructured sources recently
processed through SAP BusinessObjects Text Analysis.

• Preindexed data sources and metadata – Preindexing enables results

retrieval and exploration interactivity to occur at near instantaneous
speeds. Pre-existing reports or metrics are not required.

• Contextual exploration – values are logically presented by category (or

dimension). Selecting values to filter the available data according to end
user's focus area is highly intuitive. No data model or data knowledge is
required.

• Automated chart generation – SAP BusinessObjects Explorer presents

the automatically generates the chart that best represents the information.

• Sharable via e-mail and URL – end users can send their filtered versions

of data sets (or Information Spaces) as a URL-embedded e-mail or save
them as a bookmark.

• Integration with SAP Business Objects Web Intelligence – data sets

explored in SAP BusinessObjects Explorer can be exported to SAP
BusinessObjects Web Intelligence to analyze, format, publish, and share
with others.

• Use Excel spreadsheets as a data provider -- end users can create

Information Spaces on top of Excel spreadsheets and so explore and
visualize personal data files.

Business Scenarios

11

• Export data to CSV or Excel – export your filtered version of data to Excel

or to any third-party application that supports data imports from CSV.

Administration features

SAP BusinessObjects Explorer leverages the BI platform's universe metadata,
security, trust, and administration services.

Features include:

• Business intelligence (BI) platform security – BI platform security is applied

across all SAP BusinessObjects Explorer searches and exploration,
ensuring your users will have access to only the data they are permitted
to see. In addition, Explorer power users and administrators can control
the objects that end users are allowed to see according to their Explorer
logon ID.

• Support for a broad range of data source types – Accessible data sources

can include operational applications, data warehouses, RDBMS, OLAP,
and even unstructured sources processed via SAP BusinessObjects Text
Analysis.

Business Scenarios

Key terms

In order to understand how SAP BusinessObjects Explorer consumes your
corporate data and system resources you will need to familiarize yourself
with some key terms.

Information Spaces

An Information Space is a collection of objects mapped to data for a specific
business operation or activity. SAP BusinessObjects Explorer users type in
key words related to the business question they wish to analyze, in order to
retrieve the Information Space(s) that contain the relevant data. Power users,
with the Space Creator user profile, create the Information Spaces on top of
corporate data providers.

Indexing

In order to prepare Information Spaces for consumption by the Explorer
search and charting engines, Information Spaces need to be indexed when

12

Business Scenarios

they are created. Information Space indexes can be run manually or
scheduled to run at a time of your choice to manage the load on your system
with maximum efficiency. When the Indexing process is run, SAP
BusinessObjects Explorer generates an index associated to the objects
contained in the Information Space.

Note:

Indexing consumes relatively large resources. If your deployment requires
indexes to be run frequently, SAP recommends you deploy multiple Explorer
indexing servers on your SAP BusinessObjects Explorer cluster.

Facets

Facets organize the information available within an Information Space. A
facet contains the list of values available for each of the objects included in
the Information Space. For example, a facet called "Vehicle" could include
values such as "Car", "Bicycle", "Motorbike", "Truck", and so on. Facets can
be organized in groups at Information Space creation or configuration time.
This makes it easier for end users to view related values together and perform
drill type exploration from aggregated values to more detailed values in
related dimensions.

Personalization

Personalization enables you to make a single Information Space available
to all end users, but only make specific objects within that Information Space
available to each user. For example, Managers only see the cost center
objects for which they are responsible. To enable personalization,
administrators need to create a Technical Information Space that contains
the Explorer logins of each user mapped to the objects they are allowed to
view. The Information Space that contains the data needs to be configured
to map to the Technical Information Space.

13

Business Scenarios

14

Technical System Landscape

Architecture

The architecture of SAP BusinessObjects Explorer is structured into the
following layers:

• clients

• web tier/gateway - includes the web server(s) and Web Application

Server(s)

• backend - includes the SAP BusinessObjects Explorer servers and the

SAP BusinessObjects Enterprise servers.

Technical System Landscape

15

Technical System Landscape

How SAP BusinessObjects Explorer works with SAP BusinessObjects Enterprise

SAP BusinessObjects Explorer is an add-on to SAP BusinessObjects
Enterprise XI. The servers, Information Spaces, and users are managed by

16

the BusinessObjects Enterprise Central Management Server (CMS) and
Central Management Console (CMC), with the exception of audit, which is
not available for the Explorer servers.

To see how the Explorer components fit into the Business Intelligence
platform, refer to the Architecture overview listed in Related Topics, below.

Related Topics

• Architecture

The Explorer servers

When you install SAP BusinessObjects Explorer, the following servers are
added to the BusinessObjects Enterprise Central Configuration Manager
(CCM) and Central Management Console (CMC):

• Explorer Master Server

Manages all of the Explorer servers (that is, the Explorer Indexing Server,
Explorer Search Server and Explorer Exploration Server).

Technical System Landscape

• Explorer Indexing Server

Provides and manages the indexing of Information Space data and
metadata.

• Explorer Search Server

Processes search queries and returns search results.

• Explorer Exploration Server

Provides and manages the Information Space exploration and analysis
capabilities including search on data, filtering and aggregation.

Each Explorer server manages its own index.

Supported data providers

SAP BusinessObjects Explorer XI 3.2 can consume data from the following
data providers:

17

Technical System Landscape

• BusinessObjects universes

• Excel spreadsheets

• OLAP universes built on SAP NetWeaver Business Warehouse (BW)

InfoCubes

Note:

If you purchase SAP BusinessObjects Explorer (blade) 2.0, the Explorer
application can also leverage SAP NetWeaver BW Accelerator (BWA) indexes
enabled for Explorer, based on SAP NetWeaver BW InfoCubles and non-SAP
data sources. Non-SAP data sources are loaded into BWA using SAP
BusinessObjects Data Services.

Distributed deployment scenarios

Implementing a distributed deployment scenario is recommended in the case
of larger and critical production deployments.

Failover

If failover is a key requirement, you can deploy more than one Explorer
Master Server to manage the other Explorer servers. The Master Servers
work together to maintain the consistency of critical data.

18

Load balancing

SAP BusinessObjects Explorer supports the clustering of your web application
server. Hardware or software load balancers can be used as the entry-point
for the web application servers to ensure that the processing is evenly
distributed among servers.

Note:

The following persistence types are currently supported

• Source IP address persistence

Information:

For information about load balancing for SAP BusinessObjects Enterprise,
refer to the SAP Product Availability Matrix (PAM) at: http://ser

vice.sap.com/pam. From the PAM home page, enter "Explorer XI 3.2" into

the Search field on the PAM home page.

Related Topics

• Network security

• Deploying Multiple Index Servers for Improved Indexing

• Deploying Multiple Search Servers for Improved Information Space

Exploration

• Configuring the workload update setting for load balancing

Supported platforms for SAP BusinessObjects Explorer

For detailed information on supported operating systems and web application
servers, refer to the SAP Product Availability Matrix (PAM) at: http://ser

vice.sap.com/pam. From the PAM home page, enter "Explorer XI 3.2" into

the Search field on the PAM home page.

Technical System Landscape

19

Technical System Landscape

20

Monitoring

Monitoring the Explorer servers

SAP BusinessObjects Explorer can be used with SAP Solution Manager 7.0
EhP1 to perform Root Cause Analysis with some limitations. The following
steps need to be implemented to make this possible:

• Solution Manager 7.0 EhP1 is properly installed and configured

• Wily Enterprise Manager is propertly installed and configured

Note:

For full details, please see SAP Note 1388247 - RCA: Managed System
Setup for SAP BusinessObjects Explorer.

Monitoring

Tracing and logging the Explorer servers

You can trace the operations of the SAP BusinessObjects Explorer servers
by using the SAP standard tracing protocol .trc. Tracing is appended to an
ASCII file with the .trc extension. The file name is automatically generated
at creation time. For example: InstallDir\Logging\Server

Name.polestarSearch=PolestarSearch_XXXXXXXX_XXXXXX.trc

By default, ERROR tracing is activated.

Note:

The timestamp appears in an encoded format. The log files can be viewed
in a decoded format using the SAP Log Viewer after connecting the Explorer
Server host to the central Solution Manager system.

Related Topics

• Configuring the Explorer server trace files

• Web application logging

21

Configuring the Explorer server trace files

By default, server logging within SAP BusinessObjects Explorer is activated
and is configured to only log errors. To activate other trace levels for server
logging:

1. Open the BusinessObjects Enterprise CMC, navigate to the "Servers List"

and locate the server you want to apply logging to.
Ensure that the server has been stopped.

2. Right-click the server and click Properties.

The Properties dialog appears.

3. Locate the Command Line Parameters: textbox.

4. Type the following if it does not already exist:

-loggingPath "C:/Program Files/Business Objects/Busi

•

nessObjects Enterprise 12.0/Logging/" -trace true

Note:

The loggingPath value is the location to place the output log file and
the trace value activates logging. By default, if the trace value is
false, only errors are logged.

Monitoring

5. Click Save to save your changes.

6. Start the server.

Logs and traces are applied to a log file in the following directory:

• C:\Program Files\Business Objects\BusinessObjects

Enterprise 12.0\Logging\

The name of the file is generated on creation and is based on the name of
the server and when the server was started. For example:

Server_XXXXXXXX_XXXXXX.trc

Overriding Explorer server logging methods

To override the existing logging method:

22

Monitoring

1. Create a file called polestar.log4j.properties and store it under

the following directory:

C:\Program Files\Business Objects\Polestar12.0\

2. Enter your desired Log4j logging content to the file. For example:

log4j.debug=true
log4j.rootLogger=WARN, A1

log4j.appender.A1=org.apache.log4j.ConsoleAppender
log4j.appender.A1.layout=org.apache.log4j.PatternLayout
log4j.appender.A1.layout.ConversionPattern=%-4r [%t]
%-5p %c %x - %m%n

log4j.appender.A2=org.apache.log4j.net.SocketAppender
log4j.appender.A2.remoteHost=localhost
log4j.appender.A2.port=4567
log4j.appender.A2.locationInfo=false
log4j.appender.A2.reconnectionDelay=10000

To filter, enter the following line, and edit it appropriately:

log4j.logger.package/class=level

You can log packages and classes using the following levels: INFO,
WARN, ERROR, FATAL

For further information on Log4j logging, refer to: http://log
ging.apache.org/log4j/.

3. Restart the servers.

Customized logging for the servers is applied.

Monitoring web parts

Availability monitoring of Web Parts is possible using Wily Introscope.

Note:

For details on how to set this up, see SAP Note 1388247 - RCA: Managed
System Setup for SAP BusinessObjects Explorer.

23

Tracing and logging web parts

To configure the web parts tracing and logging, you need to edit the

saplog.properties file which can be found within the WEB­INF/classes directory in the web application. By default, it will log all errors

to the console of the server.

The saplog.properties file includes an example for how to enable logging
to a file.

Note:

• Details on the format for saplog.properties are provided in the SAP

NetWeaver CE 7.1 section of the SAP Library at:

http://help.sap.com/saphelp_nwce10/helpda
ta/en/63/f79f3f12e1eb0ce10000000a114084/content.htm

• The timestamp appears in an encoded format. The log files can be viewed

in a decoded format using the SAP Log Viewer after connecting the
Explorer web parts host to the central Solution Manager system.

Monitoring

Web application logging

Note:

This example is for Apache Tomcat under Windows. For specific logging
information for other web application servers, refer to the web application
server documentation.

To activate and amend the log4j logging:

1. Open the log4j.properties file, located at:

C:\Program Files\Business
Objects\Tomcat55\webapps\polestar\WEB-INF\classes\

2. Edit the logging levels you want use (such as ERROR) for SAP

BusinessObjects Explorer within the file by following the guidelines located
at:

http://logging.apache.org/log4j/

3. Save your changes and close the file.

24

Logs and traces are applied to the following log file:

C:\Program Files\Business
Objects\Tomcat55\logs\stdout.log

Using JMX monitoring capability

You can leverage JMX to view monitoring information about your Explorer
system in a Java console, such as the console deliverd with JDK. To display
the monitoring information in a console you need to set some parameters
on each of the Explorer servers. You do this by editing the .ini file for each
server, as follows:

1. Open the ini files located in the following directory:

<installdir>\Polestar12.0\

2. Add the following parameters and values to each .ini file:

-Dcom.sun.management.jmxremote.port=10000

-Dcom.sun.management.jmxremote.authenticate=false

-Dcom.sun.management.jmxremote.ssl=false

Monitoring

Note:

If you have more than one Explorer server installed on the same host
machine, the port number for each of these servers must be different.

3. Restart the Explorer servers and then launch the Java console and

connect to the Explorer host machine.

25

Monitoring

26

System Management

Starting and stopping Explorer

The Explorer servers (Explorer Master server, Explorer Exploration server,
Explorer Indexing server, and Explorer Search server) can be started,
stopped, or restarted within the BusinessObjects Enterprise CMC.

Information:

Refer to the BusinessObjects Enterprise Administrator's Guide XI 3.1 available
at: http://help.sap.com.

To start SAP BusinessObjects Explorer:

1. Start your Web Application server.

2. Start your CMS database.

3. Start your SAP BusinessObjects Enterprise system.

If the Explorer servers are set to start up automatically, they are enabled
at startup.

System Management

4. If you need to start Explorer servers manually, log into the SAP

BusinessObjects Enterprise CMC, select the Servers option, navigate
through the categories to Explorer, and then Start or Restart enable the
appropriate Explorer servers.

The Explorer servers are listed (the servers are named "polestar").

Software Configuration

Web Application settings

Note:

In previous releases, SAP BusinessObjects Explorer was called SAP
BusinessObjects Polestar. The previous name, polestar, is used in the Web
Application settings properties file.

27

You can modify application settings via a single properties file:

default.settings.properties

The file is stored under the web application server directory, for example:

• C:\Program Files\Business

Objects\Tomcat55\webapps\polestar\WEB-INF\classes\

Table 5-1: Explorer Web Application settings

For internal use only.product.name

The default locale to

default.locale

use. For example, En­glish.

System Management

Default ValuesExampleDescriptionSetting

en

default.cms.name

show.cms.name

disable.cms.name

default.authentica

tion.method

The name and port
number of your CMS.

Determines if the value
stored in de

fault.cms.name is

displayed in the CMS
Name field of the Log

On page.

Disables the CMS
name textbox within the
Log On page. You can­not change the textbox
value.

The default log on au­thentication to use. The
value is displayed in the
Authentication list of
the Log On page.

myserv

er:6400

true

false

true

false

secEnter

prise

28

System Management

Default ValuesExampleDescriptionSetting

authentications

hide.authentica

tion.method

disable.authentica

tion.method

use.effects

request.timeout

The values that popu­late the Authentication
list.

Determines if the Au-
thentication list is dis­played in the Log On
page.

Disables the Authenti-
cation list within the
Log On page. You can­not change the value.

Determines if graphical
effects are to be used.
For example, after
clicking Log On the Log
On box has a graphical
effect applied to it.

The period of time in
seconds before Explor­er times out after an
operation, such as log­ging into the system.

sec Enter

prise,

secWindows

NT, secLDAP

true

false

true

false

true

false

30

100

help.url

tutorial.url

The root location for the
Explorer documenta­tion.

The root location for the
Explorer tutorial.

/polestar_help_

/polestar_tu

torial

29

System Management

Default ValuesExampleDescriptionSetting

disable.pass

word.encryption

opendoc.url

Note:

There are also several settings used for SAP authentication.

Related Topics

• Configuring SAP BusinessObjects Explorer for SAP authentication

Determines if password
encryption is to be
used.

The OpenDocument
URL of your Busines­sObjects Enterprise de­ployment. It is used
when a user exports In­formation Space data
to a Web Intelligence
query. Setting the value
opens the query via
OpenDocument. If you
do not set the value,
the query is not
launched.

true

false

http://serv

er:port/Open

Docu

ment/open

doc/openDocu

ment.jsp

Explorer server settings

You can configure the following settings:

• The number of Corba threads to improve server communication.

• The unit to use for validating bookmarks, possible values include: DAYS,

MINUTES, HOURS, or WEEKS.

• The period of time (based on the unit) that a bookmark is stored. For

example 365.

30

System Management

• The period of time (in milliseconds) before a session object (handled by

an underlying watchdog) is deleted.

• The delay (in milliseconds) between each update of when slave servers

inform the master server about their workload in order that the load is
balanced.

You can also configure the indexing path (in order of priority) via:

• a properties file (for all servers on a single node)

• the BusinessObjects Enterprise CMC server properties (for a single

indexing server on a single node)

Modifications you make to settings are implemented in the following order
of priority:

• configurations made via the command line for each server within the CMC

(for a single server on a single node)

• configurations made directly in a properties file (for all servers on a single

node)

• configurations made via the CMC application properties (for all nodes

within your deployment cluster)

For example, if you configure the settings via a properties file on a node, the
CCM settings are ignored for that node.

Information Space indexes path

You can specify where you want the indexes to be stored. You can either
set the indexing path via the BusinessObjects Enterprise CMC or create a
properties file and specify the index path there.

Related Topics

• Configuring the index path using the CMC

• Configuring the index path using a properties file

Configuring the index path using the CMC

To change the indexing path for a single indexing server, edit the server
properties within the CMC. The indexing path is dependent on your installation
path and is defaulted to:

• %DefaultDataDir%/Polestar/index

31

1. Logon to the CMC.

2. Navigate to the Explorer Indexing server you want to configure via

Servers.

3. Right-click the server and click Properties.

4. Within Index Files Directory:, enter your preferred path.

5. Click Save.

Note:

If you copy existing indexes to the new location, the Explorer Indexing
Server has to be stopped.

6. Restart the server.

Configuring the index path using a properties file

You can change the indexing path for all servers on a single node, by creating
or editing a properties file.

1. Create or edit a properties file named polestar.service.properties

located under:

• C:\Program Files\Business Objects\Polestar12.0\

Add this entry:

• index.path=C:/Index

System Management

2. Amend the value accordingly and save the file.

3. Restart the servers.

Note:

If you copy existing indexes, the Explorer Indexing Server has to be
stopped.

Session timeout period

The Explorer Master Server ensures that useless resources are released
efficiently. The session object is deleted when the associated peer stops
operating or when the underlying network is lost. A watchdog service
observes all network activity.

32

System Management

The watchdog.timeout parameter specifies the duration of time (in
milliseconds) a live session is considered active even if the watchdog detected
no activity.

Note:

It is necessary for the watchdog.timeout parameter value to be superior
to the timeout value set for the http session. If this is not the case, the Explorer
session can expire even though the http session is still valid.

To change the session timeout period, an administrator can either:

• Change a setting for a single node. Create or edit a properties file named

polestar.service.properties located under:

• C:\Program Files\Business Objects\Polestar12.0\

Add this entry: watchdog.timeout=30, amend the value accordingly
and restart the servers.

• Add the following to the command line to configure a single server:

-watchdog.timeout 30

For example:

-loggingPath "C:/Program Files/Business Objects/Busi
nessObjects Enterprise 12.0/Logging/" -serverkind
polestarMaster -trace true -watchdog.timeout 30

Note:

The default value of watchdog.timeout is 300 000 milliseconds (5
minutes). Altering the setting (especially if the specified value is too low) can
have an impact on stability and even delete a valid session. This value must
be smaller than the value of workload.update.delay.

Request timeout limit

Timeouts may occur while using large datasets.

Workaround:

It is necessary to change the default request.timeout setting (in seconds)
located within:

33

System Management

C:\Program Files\Business Objects\Tomcat55\we
bapps\polestar\WEB-INF\classes\default.settings.proper
ties

To do this:

1. Open for edit the default.setting.properties file.

2. Locate the request.timeout setting.

3. Change the setting accordingly.

Caution:

Defining a large value affects the waiting time for users.

DescriptionOption

Deactivate timeout limit-1

Maximum value for timeout.360

4. Save the file.

5. Restart the Explorer servers.

The timeout is changed according to the new value.

Bookmark validity

The bookmark validity period is the duration at which bookmarks of the
exploration views (or filtered versions of Information Spaces) created by end
users remain saved on the Explorer Application Server. Once this duration
expires, the bookmark can no longer be opened. There are three methods
to configure the validation duration for bookmarks. See Related Topics,
below, for details.

Note:

Administrators are advised to communicate the duration of bookmarks to
Explorer end users, so that users know how long any bookmarks they save
will remain valid.

Related Topics

• Configuring the bookmark validity period via the CMC

34

System Management

• Configuring the bookmark validity period via the server command line within

the CMC

• Configuring the bookmark validity period via a properties file

Configuring the bookmark validity period via the CMC

To change the bookmark validation period via the BusinessObjects Enterprise
CMC, amend the value within the CMC administration page. In this case,
the value is taken into account by all slave nodes.

1. Logon to the BusinessObjects Enterprise CMC.

2. Navigate to Manage > Applications.

3. Right-click Polestar and click Properties.

4. Change the Bookmark validity: values and click Save.

Configuring the bookmark validity period via the server command line within the CMC

To change the Explorer validity period for a single server, edit the server
properties within the BusinessObjects Enterprise CMC.

1. Logon to the BusinessObjects Enterprise CMC.

2. Navigate to the Explorer server you want to configure via Servers.

3. Right-click the server and click Properties.

4. Within Command Line Parameters, add the following:

-bookmark.validity.time 365 -bookmark.validity.unit
DAYS

For example:

-loggingPath "C:/Program Files/Business Objects/Busi
nessObjects Enterprise 12.0/Logging/" -serverkind
polestarIndexing -trace true -bookmark.validity.time
365 -bookmark.validity.unit DAYS

5. Click Save.

Configuring the bookmark validity period via a properties file

You can change the Explorer bookmark validity for all servers on a single
node, by creating or editing a properties files.

35

System Management

1. Create or edit a properties file named polestar.service.properties

located under:

• C:\Program Files\Business Objects\Polestar12.0\

2. Add the following entries.

bookmark.validity.time=365

bookmark.validity.unit=DAYS

3. Amend the value accordingly and save the file.

4. Restart the servers.

Increasing virtual memory on the Explorer servers

The amount of virtual memory required by the Explorer servers depends on
the size of the Information Spaces being explored and indexed across your
deployment. You can increase the amount of virtual memory available on
each server by changing the JVM heap size value as necessary:

• If a large number of end users need to explore large Information Spaces,

it is recommended you increase the JVM heap size value on your
Exploration Server(s).

• If you have a lot of users indexing, it is also recommended you increase

the JVM heap size value on your Explorer Indexing Servers.

By default, the JVM heap size value is 1 GB. In most cases, this is sufficient
for the Master server(s) and Search Server(s).

36

The JVM heap size has an influence on the following:

• Memory garbage collection

For example, having a large heap size for the Indexing Server(s) reduces
the rate of garbage collection of memory during indexing, thus improving
performance. If the heap size is small, scheduling spends more time to
free (and retrieve) memory than executing the required task. A heap size
of 1.6 GB decreases the rate of garbage collecting in most cases.

• Swapping memory to hard disk

The JVM heap size value you define should always be lower than the
amount of physical memory available on the server. Having a low amount
of physical memory and configuring large values for the heap size of each

server results in the swapping of memory to the hard disk. For example,
if there is 2 GB of RAM, it is not efficient to provide a heap size of 1024
MB for each Explorer server. SAP BusinessObjects Explorer functions
correctly but memory swapping occurs, therefore having an impact on
performance.

On 32 bit machines, JVMs cannot address more than 2GB, globally. Because
there are multiple memory pools with different sizes, the practical limit for
the heap size is approximately 1.5GB.

Note:

The memory is configured via an INI configuration file. Do not use the server
command line to configure the memory.

Configuring the JVM heap size value

Verify the memory limit you can configure for a server and the JVM. The
heap size is dependent on the hardware and software used. For example,
a Windows 32-Bit or a Windows 64-Bit operating system, the version of the
JVM and the amount of physical memory installed.

Note:

Do not use the server command line to configure the memory. Only use the
INI configuration file.

System Management

To modify the JVM heap size value:

1. Stop the Explorer server on which you want to modify the JVM heap size

value.

2. Navigate to:

C:/Program Files/Business Objects/Polestar12.0/

3. Edit the INI configuration file corresponding to the server you want to

configure.
For example, if you want to increase the memory for the Explorer

Exploration Server, edit the poleExpl.ini file.

4. Find the Xmx entry, type your desired memory size:

-Xmx1g
The value of the heap size can be changed according to your

requirements. For example, change the value from 1GB to 1600MB.

37

5. Save the file.

6. Re-start the server.

The server you have configured uses a maximum JVM memory heap size
according to the value within the command line.

Example:

You want to change the Explorer Master Server heap size to 1628MB:

1. Navigate to: C:/Program Files/Business

Objects/Polestar12.0/.

2. Edit the poleMast.ini configuration file.

3. Find the Xmx entry and edit the entry as follows:

-Xmx1628m

4. Save the file.

Configuring the number of Corba threads

System Management

38

This parameter defines the maximum number of requests that can be handled
simultaneously by a given server. Most web application servers have similar
settings where you can configure the number of corba threads you want to
make available. For example:

• on Apache Tomcat you specify a value for the maxThreads parameter

• on IBM WebSphere you specifiy a value for the thread-maximum-size

setting in the server.xml file.

By default, the number of Corba threads is set to 100 on each of the Explorer
servers (Master Server, Navigation Server, Indexing Server, Search Server).
This is suitable for a simple deployment scenario, where Apache Tomcat is
your Web Application Server and you only have one Master Server, one
Navigation Server, one Indexing Server and one Search Server deployed at
the backend. Setting 1000 threads for the Explorer backend servers when
Apache Tomcat only has 100 is of no use and could even be harmful because
it would cause many context switches and thus impact performance.

In the case of a complex deployment scenario, however, it may be necessary
to either increase this value or add more backend nodes. For example, if
your deployment includes multiple WebSphere instances behind a load

System Management

balancer, with the thread-maximum-size parameter set to its maximum value
of 1000, it would not make sense to keep the default 100 thread pool size
for the Explorer servers, because this would merely push the bottleneck to
the backend.

The absolute value depends on the expected number of concurrent sessions.
It is necessary to adjust the concurrency level consistently throughout the
entire stack in order to maximize throughput on all nodes.

Configuring the number of Corba threads using a command line in the CMC

To change the number of Corba threads for a single server, edit the server
properties within the BusinessObjects Enterprise CMC.

1. Logon to the CMC.

2. Navigate to the Explorer server you want to configure via Servers.

3. Right-click the server and click Properties.

4. Within Command Line Parameters, add the following:

-nb_threads 150

For example:

-loggingPath "C:/Program Files/Business Objects/Busi
nessObjects Enterprise 12.0/Logging/" -serverkind
polestarIndexing -trace true -nb_threads 150

5. Click Save.

Configuring the number of Corba threads via a properties file

You can change the number of Corba servers for all servers on a single
node, by creating or editing a properties files.

1. Create or edit a properties file named polestar.service.properties

located under:

• C:\Program Files\Business Objects\Polestar12.0\

2. Add this entry: nb_threads=150.

3. Amend the value accordingly and save the file.

4. Restart the servers.

39

System Management

Configuring the number of Corba threads via the CMC

To change the number of Corba threads via the CMC, amend the value within
the CMC administration page. In this case, the value is taken into account
by all slave nodes.

1. Logon to the CMC.

2. Navigate to Manage > Applications.

3. Right-click Explorer and click Properties.

4. Change the Number of threads: value and click Save.

Concurrent Excel file uploads

As an administrator of Explorer you can configure how many concurrent
upload operations of Excel files can be processed. By default the value is
30 concurrent Excel upload operations.

Configuring the number of possible concurrent Excel uploads

As an administrator of the Explorer you can configure how many concurrent
upload operations of Excel files can be processed. By default the value is
30 concurrent Excel upload operations.

1. Log into the SAP BusinessObjects Enterprise CMC.

2. Navigate to: ApplicationsExplorerPropertiesAdvanced configuration

3. Enter the following parameter and specify the value of your choice.

40

com.businessobjects.datadiscovery.max_nb_parallel_in
dexing_tasks

For example:

com.businessobjects.datadiscovery.max_nb_parallel_in
dexing_tasks=50

The parameter change is taken into account immediately.

Standardizing font usage across your deployment

In previous releases, SAP BusinessObjects Explorer was called SAP
BusinessObjects Polestar. The directories on the Explorer servers use the
previous name: polestar.

The fonts used to display character strings in Information Spaces are provided
by the font libraries on the clients and servers across your SAP
BusinessObjects Explorer deployment:

• The Exploration servers supply the fonts used to display the character

strings on charts.

• The client machines logged into SAP BusinessObjects Explorer supply

the fonts used to display the character strings in the rest of the application
GUI.

If the fonts installed on the Exploration servers do not match the fonts on the
clients, the character strings in the charts and the rest of the application GUI
display with different fonts.

System Management

Ensuring font compatibility across clients and servers

The Arial Unicode J font is matched by the Arial Unicode MS font on most
Microsoft Windows client machines. This provides a standard display for
character strings throughout the application GUI.

You can ensure font compatibility across your deployment as follows:

1. Verify that a font compatible with the Arial Unicode J font is installed on

your client machines, and if you implement a distributed deployment
architecture, on each Explorer server.

Note:

On most Microsoft Windows client machines, the Arial Unicode MS font
is compatible with Arial Unicode J.

2. On each client machine or Explorer server that does not have a compatible

font, install Arial Unicode J.

41

Note:

The Arial Unicode J font is available in the following directory of the SAP
BusinessObjects Explorer server once you have installed the application:

<BusinessObjects_Polestar_In
stallDir>/Polestar12.0/jre/lib/fonts

Installing custom fonts

On some language versions fonts may appear too large, resulting in chart
areas being hidden by axis labels or facet values being truncated, and some
language-specific special characters may be missing. These types of font
inconsistencies are more common on UNIX platforms than Windows. To
solve these issues, you can install fonts of their choice on the servers and/or
clients. Once the fonts are installed, you need to modify two files so that
these fonts are used in both the charts and the rest of the application GUI.

1. Stop the Exploration servers.

2. Install and distribute the font of your choice to the Exploration servers

and clients.

System Management

The location on the server is: <BusinessObjects_Polestar_In
stallDir>/Polestar12.0/jre/lib/fonts.

Configuring custom fonts in charts

For SAP BusinessObjects Explorer to use custom fonts in charts, the fonts
must first be installed on the servers and client machines.

1. Open the <BusinessObjects_Polestar_In

stallDir>/polestar12.0/chart-template.sample file for edit.

2. Search for the following string: [Arial Unicode J, Arial Unicode MS, Arial]

3. Replace the three font names with the names of your installed fonts, as

follows:
[FontFaceName 1;FontFaceName 2;Font FaceName 3]

Information:

The fonts are specified in order of preference. If the first font in the list is
not available, the second font is used; if the second font is not available,
the third font is used, and so on.

42

System Management

4. Optional: to specify the font size, search for the following string: [10.0];

5. Replace the "10.0" font size with the size of your choice, for example you

would specify a choice of two size 14 Japanese fonts as follows:

<GlobalValue>

<DefaultValues>

<DefaultValue type="4" value="[jiskan24.pcf.z
;k14.pcf.Z];
[14.0];[0];[0;0;0;0];[]" />

</DefaultValues>

</GlobalValue>

Note:

If a different font size is specified for a particular chart zone, such as the
legend, then the global font size is overridden in that particular chart zone.

6. Rename the file chart-template.xml and save it to <BusinessOb

jects_Polestar_InstallDir>/Polestar12.0/.

Configuring custom fonts for the interface outside of charts

For SAP BusinessObjects Explorer to use custom fonts, the fonts must first
be installed on the servers and client machines.

You can define a specific custom font or font size globally for all languages,
and also for specific languages, to override the global setting.

1. Open the <install_dir>\webapps\polestar\schema\chi

nese.css.example\ file for edit.

2. Replace the default font name and size with the font and size of your

choice:

global {
font-family: Arial Unicode J, Arial Unicode MS, Arial,

Sans-serif;
font-size: 13pt;
}

Information:

The fonts are specified in order of preference. If the first font in the list is
not available, the second font is used; if the second font is not available,
the third font is used, and so on.

43

System Management

Note:

If a different font size is specified for a particular interface label, such as
ToolTips, then the global font size is overridden in that particular type of
label.

3. Where you save the file depends on whether you want to apply these

settings globally, to all languages, or just to a specific language:

• To apply the settings to all languages, rename the file as global.css

and save it to: <install_dir>\webapps\polestar\schema\glob

al\global.css\

• to apply the settings to a specific language, rename the file as <lan

guage>.css and save it to a sub-folder named with the language

code for that language as follows: <install_dir>\we
bapps\polestar\schema\global\<language_code>\<lan
guage>.css\

For example, for Chinese, you would save the file as follows: <in
stall_dir>\webapps\polestar\schema\global\zh_CH\chi

nese.css\

Note:

As the css. files control all of the display properties, it is recommended
you only modify the values for these specified parameters.

4. Restart the Exploration servers.

Administration Tools

BI platform administrative tools

SAP BusinessObjects Enterprise includes two key administrative tools that
allow you to access a variety of server settings:

• Central Management Console (CMC)

The CMC is the web-based administration tool that allows you to view
and to modify server settings while BusinessObjects Enterprise is running.
For instance, you use the CMC to change the status of a server, change
server settings, access server metrics, or create server groups. Because

44

System Management

the CMC is a web-based interface, you can configure your
BusinessObjects Enterprise servers remotely over the Internet or through
your corporate intranet.

• Central Configuration Manager (CCM)

The CCM is a troubleshooting tool that allows you to configure and
manage the Server Intelligence Agent. The Server Intelligence Agent is
the component that allows you to manage all servers through the CMC.
You can also use the CCM to create and manage nodes in your
deployment. Note that most server management tasks are now handled
through the CMC, not in the CCM. (The CCM was the primary tool for
server management in previous versions.) After you configure and enable
nodes in the CCM, you can perform other server management tasks in
the CMC.

The CCM is now used primarily for node configuration, and for
troubleshooting when you cannot access the CMC. For example, if you
need to reconfigure the CMS and do not have access to the CMC, you
can click Manage Servers in the CCM to log in and view all servers in
your deployment.

When managing servers through the Central Configuration Manager
(CCM) in a side-by-side deployment, where two BusinessObjects
Enterprise systems work alongside one another, you must ensure that
you connect to the correct deployment so that you don't accidentally edit,
disable, or delete the servers connected to another system. It is
recommended that you follow these best practices:

• Specify the port number when connecting to the deployments.

For example, mymachine:6400 or mymachine:6403.

• Administer the BusinessObjects Enterprise deployment from the local

machine, and administer the previous version's deployment remotely,
from a different machine.

• Use different passwords for the administrator accounts for the two

deployments.

Related Topics

• Managing servers in the CMC

45

Managing servers in the CMC

The Servers management area of the CMC is your primary tool for server
management tasks. It provides a list of all of the servers in your
BusinessObjects Enterprise. For most management and configuration tasks,
you need to select a server in the list and choose a command from the
Manage or Action menu.

About the navigation tree

The navigation tree on the left side of the Servers management area provides
a number of ways to view the Servers list. Select items in the navigation tree
to change the information displayed in the Details pane.

System Management

DescriptionNavigation tree option

Servers List

Server Groups List

Server Groups

Nodes

Displays a complete list of all
servers in the deployment.

Displays a flat list of all available
server groups in the Details pane.
Select this option if you want to
configure a server group's settings
or security.

Lists the server groups and the
servers within each server group.
When you select a server group, its
servers and server groups are dis­played in the Details pane in a hier­archical view.

Displays a list of the nodes in your
deployment. Nodes are configured
in the CCM.

46

Service Categories

System Management

DescriptionNavigation tree option

Provides a list of the types of ser­vices that may be in your deploy­ment. Service categories are divided
into core BusinessObjects Enter­prise services and services associ­ated with specific Business Objects
components. Service categories in­clude:

• Core Services

• Crystal Reports

• Desktop Intelligence

• Explorer

• Performance Management

• Voyager

• Web Intelligence

Select a service category in the
navigation list to view the servers in
the category.

47

Server Status

System Management

DescriptionNavigation tree option

Displays the servers according to
their current status. This is a valu­able tool for checking to see which
of your servers are running or
stopped. If you are experiencing
slow performance on the system,
for example, you can use the Server
Status list to quickly determine if any
of your servers are in an abnormal
state. Possible server states include
the following:

• Stopped

• Starting

• Initializing

• Running

• Stopping

• Started with Errors

• Failed

• Waiting for resources

48

About the Details pane

Depending on which options you have selected in the navigation tree, the
Details pane on the right side of the Servers management area shows a list
of servers, server groups, states, categories, or nodes. The following table
describes the information listed for servers in the Details pane.

Note:

For nodes, server groups, categories, and states, the Details pane usually
shows names and descriptions.

System Management

DescriptionDetails pane column

Server Name or Name

State

Enabled

Displays the name of the server.

Displays the current status of the
server. You can sort by server state
using the Server Status list in the
navigation tree. Possible server
states include the following:

• Stopped

• Starting

• Initializing

• Running

• Stopping

• Started with Errors

• Failed

• Waiting for resources

Displays whether the server is en­abled or disabled.

Stale

Kind

If the server is marked as Stale,
then it requires a restart. For exam­ple, if you change certain server
settings in the server's Properties
dialog box, you may need to restart
the server before the changes will
take effect.

Displays the type of server.

49

System Management

DescriptionDetails pane column

Host Name

PID

Description

Date Modified

Backup and Restore

Displays the Host Name for the
server.

Displays the unique Process ID
number for the server.

Displays a description of the server.
You can change this description in
the server's Properties page.

Displays the date that the server
was last modified, or when the
server's state was changed. This
column is very useful if you want to
check the status of recently
changed servers.

Backing up your Explorer System

You can use the SAP BusinessObjects Enterprise Client Tools component
the Import Wizard to backup Explorer objects (Information Spaces and user
profiles), and then migrate those Information Spaces to a new
BusinessObjects Enterprise CMS. You need to follow these steps:

• Use the SAP BusinessObjects Enterprise Import Wizard to create a

Business Intelligence Archive file (BIAR) that contains the Explorer objects
on the CMS.

50

Note:

These objects include the user profiles and Information Spaces.

• Import the BIAR file to the new CMS.

For full details on how to use the Import Wizard, see: SAP BusinessObjects

Enterprise XI 3.1 Import Wizard Guide available at:

http://help.sap.com/businessobject/product_guides/boexir31/en/xi3­1_bip_importwiz_en.pdf.

Load Balancing

Loadbalancing

SAP BusinessObjects Explorer supports the clustering of your web application
server. Hardware or software load balancers can be used as the entry-point
for the web application servers to ensure that the processing is evenly
distributed among servers.

System Management

Information:

For information about load balancing for SAP BusinessObjects Enterprise,
refer to the SAP Product Availability Matrix (PAM) at: http://ser

vice.sap.com/pam. From the PAM home page, enter "Explorer XI 3.2" into

the Search field on the PAM home page.

Configuring the workload update setting for load balancing

The workload is balanced by ensuring that servers with the least load have
a higher job priority. Slave servers (within a cluster) ensure that the Explorer
Master Server is periodically updated with their workload costs.

The workload.update.delay parameter specifies the duration of time
(in milliseconds) between updates to the Explorer Master Server.

To change the workload update delay period, an administrator can either:

51

System Management

• Change a setting for a single node. Create or edit a properties file named

polestar.service.properties located under:

• C:\Program Files\Business Objects\Polestar12.0\

Add this entry: workload.update.delay=30, amend the value
accordingly, and restart the servers.

• Add the following to the command line to configure a single server:

-workload.update.delay 30

For example:

-loggingPath "C:/Program Files/Business Objects/Busi
nessObjects Enterprise 12.0/Logging/" -serverkind
polestarMaster -trace true -workload.update.delay 30

Note:

The default value of workload.update.delay is 15 000 milliseconds.
Altering the setting (especially if the specified value is too low) can have an
impact on network traffic and performance. The value must be significantly
smaller than the value of watchdog.timeout.

Deploying Multiple Search Servers for Improved Information Space Exploration

If the main activity of your user population is exploration, then it is
recommended you deploy SAP BusinessObjects Explorer in a cluster with
additional Explorer servers to ensure maximum performance when users
navigate Information Spaces.

52

System Management

Deploying a high-end machine to the cluster improves the performance and
lowers any server constraints.

Related Topics

• Explorer User Profiles

Deploying Multiple Index Servers for Improved Indexing

The indexing of Information Spaces is dependent on the following:

• the number of Explorer servers deployed and how they are deployed

• the hardware (CPU, memory, hard disk) used for Explorer servers

• the Java Virtual Machine heap

If your aim is to improve indexing performance, it is recommended you put
one installation of all four Explorer servers (Master, Indexing, Search, and
Exploration) on the machine where SAP BusinessObjects Enterprise is
installed, and additional Explorer Indexing Servers on separate machines,

53

System Management

ensuring they are directed to the SAP BusinessObjects Enterprise installation.
The indexing load is shared across all the indexing servers.

54

The number of servers required is dependent on the number of users
expected to use SAP BusinessObjects Explorer. For example, if you expect
a high number of users indexing the large Information Spaces at the same
time (an extreme scenario), then an additional server is required. Indexing
many Information Spaces has an impact on explorers while they are exploring.
It is recommended you schedule Information Spaces for indexing when there
is less activity, such as over night.

Note:

It is good practice to install a Explorer Search Server and a Explorer
Exploration Server on the additional machines. This allows those machines
to share the load of searching and exploration when there is no indexing in
progress.

Related Topics

• Indexing best practices

System Management

Periodic Tasks

Verifying Information Space indexes

It is recommended that administrators verify that indexes are up to date at
regular intervals. To do this:

1. Log into SAP BusinessObjects Explorer with a Space Creator or

Administrator profile.

2. Select the "Manage Spaces" tab.

3. View the lists of Information Spaces and verify that the Index icon is green

for all of the Information Spaces.

4. In the case of an "Index" icon being red, it is necessary to re-index the

Information Space. You can either click Index Now or schedule indexing
by selecting Edit next to the appropriate Information Spaces and then
defining a schedule.

User Administration and Authentication

User Management

Managing users and groups

User profiles are managed and stored in the SAP BusinessObjects Enterprise
Central Managment Server. The administration consol you use to manage
the user profiles is the Central Management Console (CMC).

For information on creating users and groups, and assigning rights see the

Setting Rights and the Managing Users and Groups chapters in the SAP
BusinessObjects Enterprise XI 3.1 Administrator's Guide available on the

SAP Help portal at http://help.sap.com.

55

Explorer User Profiles

The SAP BusinessObjects Explorer users include the following profiles:

Space Explorers

Space Explorers make up the majority of the SAP BusinessObjects Explorer
user population. They search for Information Spaces, navigate and analyze
the data within those Information Spaces, and save Information Spaces to
other file formats. These users sometimes export Information Spaces to
other applications to analyze the data further.

Space Creators

Space Creators make up a small percentage of the total SAP BusinessObjects
Explorer user population. They understand the underlying data structures in
the data providers consumed by the application and understand the business
concerns of their Space Explorer collaborators. With this knowledge, Space
Creators can build Information Spaces that contain contextually related sets
of data, and so provide Space Explorers with a complete picture for a given
business query.

System Management

56

Your system requirements and sizing parameters will depend on the
percentage of Space Explorers and Space Creators across your SAP
BusinessObjects Explorer deployment.

Administrators

Administrators are responsible for the following:

• Scheduling Information Space indexing, so that the load on the system

can be kept to a minimum during peak usage times.

• Managing SAP BusinessObjects Explorer user rights.

• Managing server settings.

More Information:

For full information on user management, access levels and authorization,
refer to the SAP BusinessObjects Explorer (blade) 2.0 Security Guide on
the SAP BusinessObjects > BI Solutions section of the SAP Help portal
at: http://help.sap.com.

Allocating rights to users and groups

Note:

It is important to ensure that end users have the appropriate rights to the
specific universes, folders, and Web Intelligence functionality they require
in order to be able to access the Information Spaces they want to explore.
For more information, see the How Information Spaces map to data providers
listed in Related Topics, below.

You configure SAP BusinessObjects Explorer user profiles within the
BusinessObjects Enterprise CMC. You need to specify the following types
of user authorization in the CMC:

• Define which Explorer features your users have access to, by granting

or denying rights to the appropriate objects

• Grant users application rights for the other SAP BusinessObjects

applications leveraged by SAP BusinessObjects Explorer

• Allocate the appropriate Access Level to users so they can perform

Explorer scheduling and export tasks as appropriate

• Verify users with a Space Creator or Administrator profile have the

appropriate access rights to any BusinessObjects universes on which
they need to build Information Spaces

• Verify users have the necessary rights to folders where Information Spaces

are stored on the BusinessObjects Enterprise CMS

System Management

Note:

If objects have object-level security applied to them (for example universe
objects within SAP BusinessObjects Designer), SAP BusinessObjects
Explorer supports this security.

Information:

For detailed information on user rights and setting those rights, refer to the
SAP BusinessObjects Enterprise Administrator's Guide for XI 3.1 available
at: http://help.sap.com.

Related Topics

• Authorization required for Information Spaces

• Explorer User Profiles

57

Explorer user rights per user profile

Note:

In previous releases, SAP BusinessObjects Explorer was called SAP
BusinessObjects Polestar. The previous name appears in the SAP
BusinessObjects Enterprise CMC.

Depending on the profiles you wish to allocate to your Explorer users, you
need to grant specific permissions.

Table 5-4: Feature usage permissions for Explorer users

PermissionsUser Profile

Explore Information Spaces

Explore Information Spaces: Export to Book­mark/Email

System Management

Space Explor­er

Explore Information Spaces: Export to CSV

Explore Information Spaces: Export to Image

Explore Information Spaces: Export to Web Intelli­gence

Log onto Polestar and view this object in the CMC

58

System Management

PermissionsUser Profile

Explore Information Spaces

Explore Information Spaces: Export to Book­mark/Email

Explore Information Spaces: Export to CSV

Explore Information Spaces: Export to Image

Explore Information Spaces: Export to Web Intelli­gence

Space Cre­ator

Manage Information Spaces

Manage Information Spaces: Create a new Space

Manage Information Spaces: Launch indexing

Manage Information Spaces: Modify a space

Manage Information Spaces: Schedule indexing

Delete objects

Edit this object

Log onto Polestar and view this object in the CMC

59

System Management

PermissionsUser Profile

Explore Information Spaces

Explore Information Spaces: Export to Book­mark/Email

Explore Information Spaces: Export to CSV

Explore Information Spaces: Export to Image

Explore Information Spaces: Export to Web Intelli­gence

Manage Information Spaces

Administrator

Manage Information Spaces: Create a new Space

Manage Information Spaces: Launch indexing

Manage Information Spaces: Modify a space

Manage Information Spaces: Schedule indexing

Delete objects

Edit this object

Log onto Polestar and view this object in the CMC

Modify the rights users have to this object

Securely modify rights users have to objects

Because SAP BusinessObjects Explorer is an add-on to SAP
BusinessObjects Enterprise and leverages the SAP BusinessObjects Web
Intelligence and SAP BusinessObjects InfoView applications, some additional
Application Rights are also required for each Explorer user profile

60

Table 5-5: Application Rights for Explorer users

BusinessObjects Enterprise Application RightsUser Profile

System Management

Space Ex­plorer

Application Right - InfoView: Log on to InfoView and
view this object in the CMC

Application Right - InfoView: Log on to InfoView and
view this object in the CMC

Space
Creator

Application Right - CMC: Log on to the CMC and view
this object in the CMC

Application Right - Web Intelligence: Create document

Application Right - InfoView: Log on to InfoView and
view this object in the CMC

Adminis
trator

Application Right - CMC: Log on to the CMC and view
this object in the CMC

Application Right - Web Intelligence: Create document

SAP BusinessObjects Enterprise comes with predefined Access Levels. You
need to allocate the appropriate Access Levels to your Explorer users so
they can perform the scheduling and export tasks that match the needs of
their user profile.

Table 5-6: Access Levels for Explorer users

User Pro­file

Space
Explorer

BusinessObjects Enter­prise Access Level(s)

View On Demand

The user can explore Information
Spaces and can export to Web
Intelligence, CSV, or to an image.

61

System Management

User Pro­file

BusinessObjects Enter­prise Access Level(s)

Schedule

The user can manage Information
Spaces and schedule.

Space
Creator

View On Demand

The user can explore Information
Spaces and can export to Web
Intelligence, CSV, or to an image.

Adminis
trator

Note:

When configuring authorizations for Space Creators and Administrators,
ensure that they have the correct access levels to Universes and Universe
Connections. The access levels state the rights they have for Universes and
Universe Connections. Having the right of Data Access for a Universe
Connection allows the user to access the Universe for Information Space
creation.

For full information on the user rights and security levels available at the SAP
BusinessObjects Enterprise level, refer to the SAP BusinessObjects
Enterprise Administrator's Guide for XI 3.1 available at: http://help.sap.com.

Related Topics

• Explorer User Profiles

Full Control

The user has full access and
control to SAP BusinessObjects
Explorer.

Authentication methods

SAP BusinessObjects Explorer supports the authentication methods
supported by SAP BusinessObjects Enterprise:

• Enterprise

• Windows AD

• LDAP

• SAP R/3

62

System Management

To enable SAP R/3 authentication on your SAP BusinessObjects Explorer
deployment, you need to perform some manual configuration procedures on
the Explorer server.

Configuring SAP BusinessObjects Explorer for SAP authentication

This table provides the settings you need to configure in order to make SAP
authentication available to SAP BusinessObjects Explorer users.

Note:

Before configuring SAP BusinessObjects Explorer for SAP authentication,
verify that SAP authentication is already configured for the BusinessObjects
Enterprise CMS. For information on how to do this, refer to the SAP
BusinessObjects Explorer (blade) 2.0 Installation Guide available on the
"SAP BusinessObjects" tab at. http://service.sap.com.

The SAP authentication settings are stored within the Explorer settings
properties file (default.settings.properties) in: <INSTALLDIR>/bob
je/enterprise120/java/applications.

Table 5-7: SAP authentication web application settings

DescriptionSetting

default.sapsys

tem.name

SAP system.

show.sapsys

tem.name

SAP system name
is shown within the
Log On page.

Example Configu­ration (without
SAP Authentica­tion)

Example Configu­ration (for SAP
Authentication)

SAP_IDThe name of the

truefalseDetermines if the

63

System Management

disable.sapsys

tem.name

client.name

show.sap

client.name

disable.sap

client.name

DescriptionSetting

system name text
box within the Log
On page. You can­not change the
textbox value.

SAP client name is
shown within the
Log On page.

client name textbox
within the Log On
page. You cannot
change the textbox
value.

Example Configu­ration (without
SAP Authentica­tion)

Example Configu­ration (for SAP
Authentication)

falsetrueDisables the SAP

100The SAP client ID.default.sap

truefalseDetermines if the

falsetrueDisables the SAP

default.authentica

tion.method

authentications

64

The default log on
authentication to
use. The value is
selected in the Au-
thentication list of
the Log On page.

The values that
populate the Au-
thentication list.

prise

secEnter

prise,secWinAD,se

cLDAP

secSAPR3secEnter

secEnterprise

secWinAD, se

cLDAP,sec

SAPR3

Example: Properties file configured for SAP authentication

default.sapsystem.name=SAP_ID
show.sapsystem.name=true
disable.sapsystem.name=false
default.sapclient.name=100
show.sapclient.name=true
disable.sapclient.name=false
default.authentication.method=secSAPR3
authentications=secEnterprise,secWinAD,secLDAP,secSAPR3

Single Sign On

Note:

In previous releases, SAP BusinessObjects Explorer was called SAP
BusinessObjects Polestar. The directories on the Explorer servers use the
previous name: polestar.

You can configure SAP BusinessObjects Explorer for Single Sign On (SSO)
for the following authentication methods:

• Enterprise

• Windows AD

• LDAP

System Management

The following files are used to configure SSO:

• $<PolestarWebappRoot>/WEB-INF/classes/sso.properties

contains all of the SSO options

• $<PolestarWebappRoot>/WEB-INF/web.xml contains a servlet filter

that needs to be activated for Vintela authentication (for Windows AD)

• $<PolestarWebappRoot>/WEB-INF/default.settings.proper

ties contains Explorer startup options that can be overridden by the
SSO in the sso.properties file

Related Topics

• Activating Single Sign On

• SSO for WinAD authentication using Vintela

• SSO for LDAP authentication using SiteMinder

65

• Enabling Trusted Authentication

Activating Single Sign On

SSO must already be configured on BusinessObjects Enterprise before you
configure SSO on SAP BusinessObjects Explorer.

Information:

See the SAP BusinessObjects Enterprise Administrator's Guide for XI 3.1
at: http://help.sap.com.

To activate SSO:

1. Stop the Explorer Web Application Server.

2. Open the following file for edit:

$<PolestarWebappRoot>/WEB-INF/classes/sso.properties

3. Set the following parameters to the values specified:

System Management

ValuesSetting

66

truesso.global.enabled

<provider_name>sso.global.providers

Note:

By default, the sso.properties file contains a set of ready-to-use
values for the sso.global.providers file. The property must only be
set once in the entire file. However, you can specify multiple providers
using a comma-separated list of providers.

4. Optional: three additional parameters can be set:

System Management

ValuesDescriptionSetting

sso.glob­al.cms

sso.glob­al.au­thentica­tion

sso.glob­al.erro­rOnFail­ure

the authentication. If no value
is specified, the de
fault.cms.name value set
in the default.set
tings.properties is used.

Controls the authentication
method used.

Controls how the SSO system
behaves if no credential has
been found.

trueControls the CMS used during

Possible values are:

• secEnterprise

• secLDAP

• secWinAD

Two possible values:

• false - the logon work-

flow continues normally as
it would if SSO was not
enabled

• true - the logon dialog is

not displayed

Example:

sso.global.enabled=true
sso.global.authentication=
sso.global.cms=hostname:port
sso.global.providers=sso.vintela

67

SSO for WinAD authentication using Vintela

The Vintela Authentication Services provider uses the credentials
automatically passed from the browser to the web server to authenticate the
user against an Active Directory server.

Note:

the authentication cannot be overriden and is implicitely set to secWinAD.

It works as follows:

• Retrieves the Windows credential from the current execution context

using Vintela

• Logs on to the server with authentication using these credentials

To enable Vintela Authentication Services for SSO on WinAD, you need to
make two additional modifications to $<PolestarWebappRoot>/WEB-
INF/web.xml.

• uncomment the definition of the authFilter

• uncomment the mapping of the authFilter

System Management

68

You also need to set the following parameters:

System Management

ValuesDescriptionSetting

class­Name

cms

tion. It can be used to override the de­fault CMS.

Example:

#
# Vintela parameters (sso.vintela provider)
#
sso.vintela.className=com.businessobjects.datadiscov
ery.sso.vintela.VintelaSSOProvider
sso.vintela.cms=

SSO for WinAD using Kerberos

com.businessob­jects.datadiscov­ery.sso.vintela.VintelaS­SOProvider

<cms_name>controls the CMS used for authentica-

SAP BusinessObjects Explorer supports WinAD using Kerberos. You need
to set up WinAD authentication with Kerberos on your BusinessObjectst
Enterprise system. No configuration is necessary on the Explorer servers.

Information:

See the SAP BusinessObjects Enterprise Administrator's Guide for XI 3.1
at: http://help.sap.com.

69

SSO for LDAP authentication using SiteMinder

The SiteMinder provider uses a cookie SMSESSION containing a unique
session ID to be used as a user name to perform an authentication using
secLDAP or secWinAD.

Note:

this provider is based on a generic provider with predefined values, as
specified below.

It works as follows:

• Retrieves the SiteMinder session cookie from the current execution context

• Logs on to the server with authentication using this cookie value

You need to set the following parameters:

System Management

70

System Management

Set­ting

class­Name

cms

authen­tication

user.re­trieval

thentication. It can be used to
override the default CMS

the method to be used to retrieve
the user name

ValuesDescription

com.businessobjects.datadiscov­ery.sso.generic.GenericSSO­Provider

<cms_name>controls the CMS used for au-

By default, this is set to: se­cLDAP. It can be changed to
secWinAD

The value is set to COOKIE by
default.

Note:

The default value should not be
changed.

us­er.param

specifies the parameter used by
the user.retrieval method to re­trieve the user name

The value is set to SMSESSION
by default.

Note:

The default value should not be
changed.

Example:

#
# SiteMinder parameters (sso.siteminder)
#

71

sso.siteminder.className=com.businessobjects.datadiscov
ery.sso.generic.GenericSSOProvider
sso.siteminder.cms=
sso.siteminder.authentication=secLDAP
sso.siteminder.user.retrieval=COOKIE
sso.siteminder.user.param=SMSESSION

Enabling Trusted Authentication

You need to configure the Business Objects Enterprise CMC for trusted
authentication before you can enable trusted authentication on SAP
BusinessObjects Explorer.

Information:

See the SAP BusinessObjects Enterprise Administrator's Guide for XI 3.1
at: http://help.sap.com.

To enable trusted authentication on SAP BusinessObjects Explorer:

1. Stop the Explorer Web Application Server.

2. Open the following file for edit:

$<PolestarWebappRoot>/WEB-INF/classes/sso.properties

System Management

72

3. Set the following parameters:

ValuesSetting

cms.default

abled

4. Find the following string:

Enter the CMS name and port number as follows:

<servername.portnumber >

truesso.enabled

falsesiteminder.en-

System Management

trusted.auth.user.retrieval

5. Enter the parameter value that corresponds to the user retrieval method

you want to implement:

73

System Management

ValueUser Retrieval Method

Retrieve the user name from a call to getRemoteUser (
) on the HttpServletRequest object for the current request
in a servlet or JSP.

Note:

For .NET the following properties need to be set on your
InfoViewApp directory, using IIS Manager:

• disable Anonymous access checkbox

• enable the Windows Integrated Authentication

checkbox

Retrieve the user name from the contents of a specified
parameter in the request URL.

Note:

You define the query string parameter in the trust­ed.auth.user.param parameter in the web.xml file for
SAP BusinessObjects InfoView.

cookie.

RE­MOTE_US­ER

HTTP_HEAD­ER

COOKIERetrieve the user name from the contents of a specified

74

Note:

You define the cookie in the trusted.auth.user.param
parameter in the web.xml file for SAP BusinessObjects
InfoView.

WEB_SES­SION

Retrieve the user name from the contents of a specified
session variable.

Note:

You define the web session variable in the trusted.auth.us­er.param parameter in the web.xml file for SAP Busines­sObjects InfoView.

System Management

ValueUser Retrieval Method

Retrieve the user name from a call to getUserPrincipal (
) .getName ( ) on the HttpServletRequest object for the

USER_PRIN­CIPAL

current request in a servlet or JSP.

For more information about the possible parameter values, see the SAP

BusinessObjects Enterprise Administrator's Guide for XI 3.1 at:

http://help.sap.com.

6. Verify you have specified how to retrieve the shared secret for

BusinessObjects Enterprise.
To retrieve the shared secret from a session variable, you need to

configure the $<PolestarWebappRoot>/WEB-INF/class
es/sso.properties file on SAP BusinessObjects Explorer.

7. Set the following parameter value in the $<PolestarWebapp

Root>/WEB-INF/classes/sso.properties file:

ValueParameter

trust­ed.auth.shared.se-

Enter the session variable name from which to retrieve
the shared secret.

cret

8. Save and close the file.

Re-start the Explorer Web Application Server.

75

System Management

Managing Information Spaces

Authorization required for Information Spaces

The supported data providers for SAP BusinessObjects Explorer XI 3.2 are:

• BusinessObjects universes (.unv files) created using the SAP

BusinessObjects universe designer tool. The universes can be based on
RDBMS or OLAP data sources.

• Excel spreadsheets (.xls, .xlsx files) created using Microsoft Excel

Building on BusinessObjects universes

To create an Information Space on a universe you need to have the following
rights enabled for your in the SAP BusinessObjects Enterprse CMC:

• access rights to the universe

• access rights to the folder in which the universe is stored on the CMS

• the ability to create and edit Web Intelligence queries

This is necessary because Explorer uses the SAP BusinessObjects Web
Intelligence query engine behind the scenes to retrieve the data to the
Information Space.

• rights to refresh Web Intelligence queries

This is necessary so that the Information Space values can be refreshed
by the latest values on the underlying data source whenever the
Information Space is scheduled.

Uploading Excel spreadsheets as data provider

The Excel files used by Explorer need to be flat files, that is simple data files
with one record per row without structuring such as multiple tables, or
crosstabs or charts.

1. How you select the Excel spreadsheet depends on where the file is stored:

• If the file is stored on the CMS, click the Manage Spaces tab and then

select the file from within the "Excel spreadsheets" folder.

76

System Management

• If the file is on your local machine, navigate to the" Upload a

spreadsheet to explore" section on the Home tab, click Browse and
then select the file from your local directory.

2. Optional: If the file is on your local machine, you can opt to explore it

immediately in Explorer.
If you want to specify how each type of data should be translated when

viewed as objects within Explorer, then you need to configure the new
Information Space before you explore it. For example, if the Excel file
contains more than one sheet, you can specify which sheet you want
Explorer to use. You can also specify for each column whether the values
are labels (that is, non-numerical characters) or if the values are measures.
In the case of values being measures, you can select whether the measure
is a SUM, MIN or MAX value.

Note:

By default, Explorer interprets all numerical values as SUM, except for
dates.

3. How you specify properties for the Information Space depends on where

the Excel file is stored:

• click Preview and Configure.

• click Configure.

4. If the file contains multiple sheets, select which sheet you want to make

explorable and then click the drop-down box above each column to specify
whether Explorer should interpret the column values as a measure or
label.

5. To verify that the Information Space contains no errors, click

Validate.

If the Excel file is stored on the CMS, the Information Space remains available
from within Explorer. If the Excel file is stored on your local machine, the
Information Space is automatically deleted when you log out of Explorer.
However, you can save the Information Space as a bookmark and so re-visit
it.

Related Topics

• Configuring the number of possible concurrent Excel uploads

77

System Management

Controlling access rights to the Information Space folders

After creating and testing an Information Space, set security rights to the
folder where the Information Space is located within the SAP BusinessObjects
Enterprise CMC. Security rights can prevent any unauthorized personnel
accessing, viewing, or performing operations on the Information Space.

Alternatively, move the Information Space to a secure folder.

Indexing best practices

Performance during indexing is dependent upon the hardware (hard drive,
memory and JVM heap size) number of concurrent users, number of
Information Spaces being indexed concurrently, and the size of those
Information Spaces.

If users only access SAP BusinessObjects Explorer during working hours,
schedule the indexing over night, users are not impacted by indexing. If you
have medium sized Information Spaces and concurrent user access is not
expected, then a single high-end machine is considered to be efficient.

78

However if you have many users indexing and exploring large Information
Spaces constantly, ensure the following:

• SAP BusinessObjects Explorer is deployed in a cluster with additional

machines each having extra servers

The number of machines deployed is dependent on the number of
expected concurrent users and the size of the Information Spaces.

• fast hard disk drives are installed on each machine

• there is a large amount of memory on each machine (especially on the

host machine with the Master Server)

• the JVM heap size for each server on each machine is configured correctly

according to available memory

Scheduling Information Spaces for indexing does not impact performance if
you have deployed, installed, and configured everything correctly.

Note:

If BWA indexes consumed by Explorer are re-indexed using the BWA Index
Maintenance Wizard for SAP BusinessObjects Explorer, then it is necessary
to re-index the Information Spaces built on those indexes, using Explorer.

Testing your Information Space

After indexing your Information Space, perform a test to ensure it has been
indexed correctly and it is what you expect:

• Ensure that the Information Space appears within the "Home" tab.

• Click the Information Space to launch it.

• Check the facets to see if they represent the objects you selected during

creation.

• Navigate through the data to ensure that the Information Space matches

the original business needs and user requirements.

Information Space design best practices

System Management

Before creating Information Spaces, gather the information requirements of
your end users by asking the following questions:

• What exactly is the business need of the Information Space?

If you know what the Information Space is going to be used for, then you
can simply identify the related data source objects. For example, the
business need is for knowing the sales revenue last year for all of your
European stores. You could select the Sales Revenue measure, the
Country, City, and Store dimensions, and finally, the Last Year filter.

• How many users are expected to access and explore the Information

Space?

If you know that the Information Space is for several users, select only
necessary objects. If you select too many objects that can have little use
for the user, exploration and indexing can be impacted. It can also cause
confusion to users.

• What are the sizing limits?

79

System Management

Be aware of the sizing limits of your installation. Ask your administrator
for further information.

• What are the security expectations?

Ensure that you select objects that are only meant to be in the Information
Space.

• Is a single Information Space the best option?

Several small Information Spaces can often be better than a single
Information Space.

• What is the best data provider to use?

Depending on the business need and user demand, choose a source
data system and data provider that is the most efficient and most accurate.

• What is the context of the Information Space?

While choosing your data source objects, ensure that you know if any
contexts are required. A context makes certain that the Information Space
represents the desired perspective. For example: Sales or Reservations.

• If my Information Space is created on a BusinessObjects universe, what

filters can be applied so that only data of interest is retrieved?

80

By using filters, only the data necessary for a specific informaton need is
included into the Information Space. For example, by including a filter
called "Last Year,", only data from the previous year is retrieved into the
Information Space when users explore it.

Note:

Filters are created at the data provider level when the BusinessObjects
universe or BWA index is designed.

• Is the definition you want valid?

Validate the definition of your Information Space before indexing, by
clicking the Validate button when you have selected the objects and filters
you want to include.

Network and Communication Security

Network and Communication Security

Network security

You can deploy SAP BusinessObjects Explorer in a distributed scenario over
multiple nodes, using firewalls and reverse proxies for your security to set
up a complex environment that ensures security and failover.

81

Network and Communication Security

Firewall port usage for SAP BusinessObjects

82

Explorer

Network and Communication Security

When you deploy SAP BusinessObjects Explorer, you can protect your
network with a firewall, however the firewall can block network communication
between your deployment nodes. For example, if you have deployed the
Explorer Web Application on one node, deployed the Explorer servers on
another node and various BusinessObjects Enterprise servers are already
deployed on a third node, you may have to open ports to allow the nodes to
communicate.

Each server can be configured so that they use a specific port. The firewall
can then be configured so that the specific ports are open.

It is necessary to choose a set of port numbers which do not interfere with
other network services and it is necessary to ensure that the correct servers
are configured. For example, the following servers are required to have their
ports configured on a simple Explorer deployment:

• Central Management Server

• Explorer Master Server

• Explorer Indexing Server

• Explorer Search Server

• Explorer Exploration Server

• Web Intelligence Processing Server

Note:

If you allow access to the CMS, other services can connect and exchange
information.

Example: Port configuration

This example demonstrates how you could configure servers on a simple
deployment:

83

Reverse proxies

SAP BusinessObjects Explorer supports the same reverse proxy configuration
as SAP BusinessObjects Enterprise. No specific reverse proxy configuration
for SAP BusinessObjects Explorer is required.

Network and Communication Security

PortServer

64002Central Management Server

64023Explorer Master Server

64022Explorer Indexing Server

64024Explorer Search Server

64021Explorer Exploration Server

64032Web Intelligence Processing Server

Information:

For information about reverse proxy configuration for SAP BusinessObjects
Enterprise, refer to the BusinessObjects Enterprise Administrator's Guide XI

3.1 available on the "SAP BusinessObjects" tab at: http://help.sap.com.

Configuring servers for SSL

You can use the Secure Sockets Layer (SSL) protocol for all network
communication between clients and servers in your BusinessObjects
Enterprise deployment.

To set up SSL for all server communication you need to perform the following
steps:

• Deploy BusinessObjects Enterprise with SSL enabled.

• Create key and certificate files for each machine in your deployment.

84

• Configure the location of these files in the Central Configuration Manager

(CCM) and your web application server.

Note:

If you are using thick clients, such as Crystal Reports or Designer you will
also need to configure these for SSL if you will be connecting to the CMS
from these thick client. Otherwise, you will get errors when you attempt to
connect to a CMS that has been configured for SSL from a thick client that
has not been configured the same way.

Creating key and certificate files

To set up SSL protocol for your server communication, use the SSLC
command line tool to create a key file and a certificate file for each machine
in your deployment.

Note:

• You need to create certificates and keys for all machines in the

deployment, including machines running thick client components such
as Crystal Reports. For these client machines, use the sslconfig
command line tool to do the configuration.

• For maximum security, all private keys should be protected and should

not be transferred through unsecured communication channels.

Network and Communication Security

To create key and certificate files for a machine

1. Run the SSLC.exe command line tool.

The SSLC tool is installed with your BusinessObjects Enterprise software.
(On Windows, for example, it is installed by default in C:\Program
Files\Business Objects\BusinessObjects Enterprise 12.0\win32_x86.)

2. Type the following command:

sslc req -config sslc.cnf -new -out cacert.req

This command creates two files, a Certificate Authority (CA) certificate
request (cacert.req) and a private key (privkey.pem).

3. To decrypt the private key, type the following command:

85

Network and Communication Security

sslc rsa -in privkey.pem -out cakey.pem

This command creates the decrypted key, cakey.pem.

4. To sign the CA certificate, type the following command:

sslc x509 -in cacert.req -out cacert.pem -req -signkey cakey.pem -days
365

This command creates a self-signed certificate, cacert.pem, that expires
after 365 days. Choose the number of days that suits your security needs.

5. Using a text editor, open the sslc.cnf file, which is stored in the same

folder as the SSLC command line tool.

Note:

Using a text editor is highly recommended for Windows because Windows
Explorer may not properly recognize and display files with the .cnf
extension.

6. Perform the following steps based on settings in the sslc.cnf file.

• Place the cakey.pem and cacert.pem files in the directories

specified by sslc.cnf file's certificate and private_key
options.

86

By default, the settings in the sslc.cnf file are:

certificate = $dir/cacert.pem

private_key = $dir/private/cakey.pem

• Create a file with the name specified by the sslc.cnf file's database

setting.

Note:

By default, this file is $dir/index.txt. The file can be empty.

• Create a file with the name specified by the sslc.cnf file's serial

setting.

Ensure that this file provides an octet-string serial number (in
hexadecimal format).

Network and Communication Security

Note:

To ensure that you can create and sign more certificates, choose a
large hexadecimal number with an even number of digits, such as

11111111111111111111111111111111.)'

• Create the directory specified by the sslc.cnf file's new_certs_dir

setting.

7. To create a certificate request and a private key, type the following

command:

sslc req -config sslc.cnf -new -out servercert.req

The certificate and key files generated are placed under the current
working folder.

8. Make a copy of the private key.

copy privkey.pem server.key

9. To sign the certificate with the CA certificate, type the following command:

sslc ca -config sslc.cnf -days 365 -out servercert.pem -in servercert.req

This command creates the servercert.pem file, which contains the signed
certificate.

10. Use the following commands to convert the certificates to DER encoded

certificates:

sslc x509 -in cacert.pem -out cacert.der -outform DER

sslc x509 -in servercert.pem -out servercert.der -outform DER

Note:

The CA certificate (cacert.der) and its corresponding private key
(cakey.pem) need to be generated only once per deployment. All machines
in the same deployment must share the same CA certificates. All other
certificates need to be signed by the private key of any of the CA
certificates.

11. Create a text file for storing the plain text passphrase used for decrypting

the generated private key.

12. Store the following key and certificate files in a secure location (under the

same directory) that can be accessed by the machines in your
BusinessObjects Enterprise deployment:

87

Network and Communication Security

• the trusted certificate file (cacert.der)

• the generated server certificate file (servercert.der)

• the server key file (server.key)

• the passphrase file

This location will be used to configure SSL for the CCM and your web
application server.

Configuring the SSL protocol

After you create keys and certificates for each machine in your deployment,
and store them in a secure location, you need to provide the Central
Configuration Manager (CCM) and your web application server with the
secure location.

To configure the SSL protocol in the CCM

1. In the CCM, right-click the Server Intelligence Agent and choose

Properties.

2. In the Properties dialog box, click the Protocol tab.

3. Make sure Enable SSL is selected, and provide the file path for the

directory where you stored the key and certificate files.

Note:

Make sure you provide the directory for the machine that the server is
running on.

To configure the SSL protocol for the web application server

1. If you have a J2EE web application server, run the Java SDK with the

following system properties set. For example:

88

Network and Communication Security

-Dbusinessobjects.orb.oci.protocol=ssl -DcertDir=d:\ssl

-DtrustedCert=cacert.der -DsslCert=clientcert.der -DsslKey=client.key

-Dpassphrase=passphrase.txt

The following table shows the descriptions that correspond to these
examples:

DescriptionExample

DcertDir=d:\ssl

The directory to store all the certifi­cates and keys.

Trusted certificate file. If specifying

DtrustedCert=cacert.der

more than one, separate with
semicolons.

DsslCert=clientcert.der

DsslKey=client.key

Dpassphrase=passphrase.txt

Certificate used by the SDK.

Private key of the SDK certificate.

The file that stores the passphrase
for the private key.

2. If you have an IIS web application server, run the sslconfig tool from

the command line and follow the configuration steps.

89

Network and Communication Security

90

Data storage security

Data and metadata storage locations

Data is stored in binary format in indexes. Where the data is stored depends
on the data provider:

• If the data provider is a BusinessObjects universe or an Excel

spreadsheet, the data is stored on the BusinessObjects Enterprise Central
Management Server (CMS) file system.

• If the data provider is SAP NetWeaver BW Accelerator, providing data to

Explorer either from SAP NetWeaver BW or from non-DAP data sources
(via SAP BusinessObjects Data Services), the data is stored on the BW
Accelerator.

Metadata is stored in the BusinessObjects Enterprise CMS. When indexing,
multiple files called “indexes” are created. There are exploration indexes and
global search indexes (leveraged by the Search on the Home tab of Explorer).
By default, indexes are located under InstallDir\BusinessObjects
Enterprise 12.0\Data\Polestar on each node except the Explorer
Master servers. As an administrator, you can change the storage location
per server. You do this from within the SAP BusinessObjects Enterprise
CMC, for each of the servers.

Data storage security

Note:

When users export their exploration views of Information Spaces to CSV or
Excel files, temporary data is stored on the SAP BusinessObjects Enterprise
File Repository Service (FRS). This data is not human readable.

Data protection

SAP BusinessObjects Explorer relies on database, SAP BusinessObjects
Enterprise platform and SAP NetWeaver BW and BW Accelerator security.
Explorer itself does not store data except in the indexes leveraged by Explorer
Information Spaces. These indexes are stored in a binary format that is not

91

Cookies

Data storage security

human readable. Nevertheless, indexes may contain sensitive data. To
ensure that the data is secured, the BusinessObjects Enterprise CMS file
system folders, which host the indexes based on BusinessObjects universes
and Excel spreadsheets, need to be set to restricted access. BW Accelerator
indexes need to be secured using SAP NetWeaver BW security.

The client-side cookies used by Explorer do not store business data; the
only information maintained by the browser (using cookies) is the session
token. Explorer cookies are not persistent. Users of shared computers simply
need to make sure they close the browser before leaving the workstation.

92

High Availability

Ensuring system availability

If you have a large or mission-critical implementation of SAP BusinessObjects
Explorer, you will want to ensure high availability for the following services:

• SAP BusinessObjects Enterprise CMS - deploy more than one

BusinessObjects CMS to manage your BusinessObjects Enterprise
services. The two CMS servers work together to maintain consistency of
critical data.

• SAP BusinessObjects Explorer Master server - deploy more than one

Explorer Master Server to manage the other Explorer servers. The Master
Servers work together to maintain the consistency of critical data.

To do this, you need to install two SAP BusinessObjects Enterprise CMS
servers and two SAP BusinessObjects Explorer Master servers, and cluster
those servers so that the two CMS servers run together and the two Master
servers run together. This "high availability" support helps to ensure that
users can still access information when there is an equipment failure.

Related Topics

• Configuring failover between CMS servers

• Configuring failover between Explorer Master servers

High Availability

Configuring failover between CMS servers

To run several SAP BusinessObjects Enterprise CMS machines together,
you need to create a cluster. A cluster consists of two or more CMS servers
working together against a common CMS system database. If a machine
that is running one CMS fails, a machine with another CMS will continue to
service SAP BusinessObjects Enterprise requests.

93

Note:

For full details on how to cluster a CMS with an existing CMS, refer to the

Clustering Central Management Servers chapter in the SAP BusinessObjects
Enterprise XI 3.1 Administrator's Guide available on the SAP Help portal at

http://help.sap.com.

Configuring failover between Explorer Master servers

You need to have two Explorer Master servers, each deployed on a separate
host.

To set up failover between two Explorer Master servers:

1. Log into the SAP BusinessObjects Enterprise Central Management

Console (CMC).

2. Go to "Applications".

3. Click "Explorer", and add the following lines into the "Advanced

configuration" field:

High Availability

94

masters.multicast.group=230.0.0.1
masters.multicast.port=9876

Note:

Multicast needs to be activated on each blade that has an Explorer Master
server.

Troubleshooting

Understanding error messages

Information about each error message generated by an Explorer service or
component is provided in the SAP BusinessObjects Explorer Error Message
Guide available at: http://help.sap.com.

Troubleshooting

95

Troubleshooting

96

More Information

LocationInformation Resource

More Information

SAP BusinessObjects
product information

SAP Help Portal

http://www.sap.com

Select http://help.sap.com > SAP BusinessObjects.

You can access the most up-to-date documentation cov­ering all SAP BusinessObjects products and their deploy­ment at the SAP Help Portal. You can download PDF
versions or installable HTML libraries.

Certain guides are stored on the SAP Service Marketplace
and are not available from the SAP Help Portal. These
guides are listed on the Help Portal accompanied by a
link to the SAP Service Marketplace. Customers with a
maintenance agreement have an authorized user ID to
access this site. To obtain an ID, contact your customer
support representative.

97

SAP Service Marketplace

More Information

LocationInformation Resource

http://service.sap.com/bosap-support > Documentation

•

Installation guides: https://service.sap.com/bosap-

instguides

•

Release notes: http://service.sap.com/re

leasenotes

The SAP Service Marketplace stores certain installation
guides, upgrade and migration guides, deployment guides,
release notes and Supported Platforms documents. Cus­tomers with a maintenance agreement have an authorized
user ID to access this site. Contact your customer support
representative to obtain an ID. If you are redirected to the
SAP Service Marketplace from the SAP Help Portal, use
the menu in the navigation pane on the left to locate the
category containing the documentation you want to ac­cess.

Developer resources

SAP BusinessObjects ar­ticles on the SAP Commu­nity Network

Notes

Forums on the SAP
Community Network

98

https://boc.sdn.sap.com/

https://www.sdn.sap.com/irj/sdn/businessobjects-sdklibrary

https://www.sdn.sap.com/irj/boc/businessobjects-articles

These articles were formerly known as technical papers.

https://service.sap.com/notes

These notes were formerly known as Knowledge Base
articles.

https://www.sdn.sap.com/irj/scn/forums

LocationInformation Resource

http://www.sap.com/services/education

More Information

Training

Online customer support

Consulting

From traditional classroom learning to targeted e-learning
seminars, we can offer a training package to suit your
learning needs and preferred learning style.

http://service.sap.com/bosap-support

The SAP Support Portal contains information about Cus­tomer Support programs and services. It also has links to
a wide range of technical information and downloads.
Customers with a maintenance agreement have an autho­rized user ID to access this site. To obtain an ID, contact
your customer support representative.

http://www.sap.com/services/bysubject/businessobjectscon
sulting

Consultants can accompany you from the initial analysis
stage to the delivery of your deployment project. Expertise
is available in topics such as relational and multidimension
al databases, connectivity, database design tools, and
customized embedding technology.

99

More Information

100