how to check log backup in sap hana

Step 1:    Login to Database host as sidadm
     
Step 2:   Check if BKPMON key is working fine

hdbsql -jU bkpmon
Welcome to the SAP HANA Database interactive terminal.

Type:  \h for help with commands
       \q to quit

hdbsql=>
hdbsql SID=>

    •If not check user privileges and grant missing role

Step 3:    Check what is log mode:

  SELECT DISTINCT log_mode FROM SYS.M_LOG_BUFFER

Step 4:    Check if log backups are running fine:

 select * from "SYS"."M_BACKUP_CATALOG" order by SYS_START_TIME desc

Checking Bkpmon User Status: 

Run the below command from OS :

> hdbuserstore list

DATA FILE       : xyz/usr/sap/SID/home/.hdb/vsa01/XSFS_HDB.DAT
KEY FILE        : xyz/usr/sap/SID/home/.hdb/vsa01/XSFS_HDB.KEY

KEY BKPKEY
  ENV : vadbabc:3001355
  USER: bkpkey
KEY WW
  ENV : vadbabc:3001355
  USER: system

How to Reset System User Password in SAP Hana

If the SYSTEM user’s password is lost, you can reset it as the operating system administrator by starting the index server in emergency mode.

Step 1. Login to SAP HANA Server

Log on to the server on which the of the master index server is running

Step 2.Switch to SAP HANA Admin user

Now we need to switch to SAP HANA admin user using following command
su – sidadm

Step 3.Stop the Database

Shut down the instance by executing the following command:/usr/sap//HDB/exe/sapcontrol -nr -function StopSystem HDB

Step 4.Start the Nameserver in Background

Now start the name server in background by executing the following commands:

○xyz/usr/sid/HDB/exe/hdbnameserver &

Step 5.Start the  Compile Server in Background

start the compile server by executing the following
○xyz/usr/sid/HDB/exe/hdbcompileserver &

Step 6.Start the Indexserver with Special Flag resetUserSystemNote

Now start the index server by executing this command

xyz/usr/sid/HDB/hdbenv.sh
○xyz/usr/sid/HDB/exe/hdbindexserver -resetUserSystemNote

Note:In a scale-out system, you only need to execute the commands on the master index server.

The following prompt appears: resetting of user SYSTEM – new password

Step 7.Enter a new password for the SYSTEM user.

You must enter a password that complies with the password policy configured for the system.
The password for the SYSTEM user is reset and the index server stops.

Step 8.Kill Compileserver and Nameserver

In the terminals in which they are running, run the following command

HDBinfo

HDB info displays the list of hdb process that are running.

Now you kill the corresponding Process ID of compile server and name server by below command

Kill -9

Step 9.Start the Database

Then start the instance by executing the following command:xyz/usr/sid//HDB/exe/sapcontrol -nr -function StartSystem

If you previously deactivated the SYSTEM user, it is now also reactivated. This means you will need to deactivate it again.

How to deactivate user in SAP Hana

Deactivate the SYSTEM User:

As the most powerful database user, SYSTEM is not intended for use in production systems. Use it to create lesser privileged users for particular purposes and then deactivate it.

SYSTEM is the database superuser. It has irrevocable system privileges, such as the ability to create other database users, access system tables,etc. In addition, to ensure that the administration tool SAP HANA cockpit can be used immediately after database creation, SYSTEM is automatically granted several roles the first time the cockpit is opened with this user.Note SYSTEM does not automatically have access to objects created in the SAP HANA repository.

In a system with multitenant database containers, the SYSTEM user of the system database has additional privileges for managing tenant databases, for example, creating and dropping databases, changing configuration (*.ini) files of databases, and performing database-specific data backups.

Prerequisites:

You have the system privilege USER ADMIN.

The administrator can deactivate a user account with the following SQL command or SQL console of the SAP HANA studio:

ALTER USER DEACTIVATE USER NOW
Example:

ALTER USER SYSTEM DEACTIVATE USER NOW

After the user account is deactivated, the user cannot log on to the SAP HANA database until

the administrator resets the users password.


Note: You can still use the SYSTEM user as an emergency user even if it has been deactivated. Any user with the system privilege USER ADMIN can reactivate SYSTEM with the statement

 ALTER USER SYSTEM ACTIVATE USER NOW.

---This will list down the deactivated/locked users.

select * from "sys"."users" where user_deactivated='true';
---or---
select * from "public"."users" where user_deactivated='true';

select name, user_deactivated, invalid_connect_attempts from "sys"."p_principals_" where name  ='username'

How to Unlock the User in HANA

This Topic will explain about how to unlock the schema in SAP HANA and below sql's provide information about how to unlock the user in SAP HANA .

Live Example : Our ERP Test schema was getting locked in SAP HANA and it was causing a downtime for the Customer application , we had to enable an audit policy on HANA to find out who’s locking the user .A database user may be locked because of the (default) password policy defined:

indexserver.ini > password policy > maximum_invalid_connect_attempts = 6

How to list all SAP HANA users with their lock status?

We want to list down all users created in SAP HANA system with locked/Unlocked status.

Requirement: We want to list SAP HANA users with their lock status.
Prerequisite:  We need a database user with DATA ADMIN or CATALOG READ assigned.

Steps:

   1> Connect to the required system via HANA Studio
   2> Open Administration perspective,  You can open it from Window -> Open -> Perspective -> Administration Console
   3> Execute following SQL in SQL console:

---this will list all users in HANA systems.
Select * from "SYS"."USERS";

Select * from "PUBLIC"."USERS";

---This will list down the deactivated/locked users.

Select * from "SYS"."USERS" WHERE USER_DEACTIVATED='TRUE';
Select * from "PUBLIC"."USERS" WHERE USER_DEACTIVATED='TRUE';

---This will list down the unlocked/active users.
Select * from "SYS"."USERS" WHERE USER_DEACTIVATED='FALSE';
Select * from "PUBLIC"."USERS" WHERE USER_DEACTIVATED='FALSE';



How to activate user which is locked and following message comes when try to connect;

vsa100 ABC/home> hdbsql -jU DEFAULT
Welcome to the SAP HANA Database interactive terminal.
Type:  \h for help with commands
       \q to quit
hdbsql=>

* 416: user is locked; try again later: lock time is 1440 minutes; user is locked until 2015-03-09 12:11:41.1530000 (given in UTC) [1440,2015-03-09 12:11:41.1530000] SQLSTATE: HY000

hdbsql=> exit
This is because user tried with too many invalid attempts.

If too many invalid attempts >> Issue the command - ALTER USER RESET CONNECT ATTEMPTS to activate it again.

Open HANA Studio, connect to the system >> expand security >> expand users >> identify the user and

double click to open the details of respective user

Click “Activate User” at the top right of the user window wizard, you will prompt to confirm.
To control password policy HANA has a monitoring view as below:-

hdbsql QNI=> select * from M_PASSWORD_POLICY
PROPERTY,VALUE
"last_used_passwords","5"
"maximum_invalid_connect_attempts","5"
"maximum_password_lifetime","182"
"maximum_unused_inital_password_lifetime","28"
"maximum_unused_productive_password_lifetime","365"
"minimal_password_length","8"
"minimum_password_lifetime","1"
"password_expire_warning_time","14"
"password_layout","A1a"
"password_lock_time","1440"
"force_first_password_change","true"
11 rows selected (overall time 12.331 msec; server time 1234 usec)

In case you would need user never face password expiry and locking issues due to failed login attempts, you can alter the configuration parameters as below:- so that the password policy on database gets change.

Second Method for Unlock the Schema by Using SQL :

Disable pwd expire for technical users :
ALTER USER DISABLE PASSWORD LIFETIME

UNLOCK USER :
alter user password ;

CHECK IF USER IS DEACTIVATED:
SELECT NAME, USER_DEACTIVATED, INVALID_CONNECT_ATTEMPTS FROM "SYS"."P_PRINCIPALS_" WHERE NAME='username'

CHECK INVALID PWD ATTEMPTS:
select * from sys.INVALID_CONNECT_ATTEMPTS where user_name='username'

FOR Reseeting INVALID PWD ATTEMPTS if any:
alter user username DROP CONNECT ATTEMPTS;

SQL Command  for Monitoring & Alerting the User:

Following commands help us to identify the failed attempts information or Invalid Password Attempts:

hdbsql ABC=select * from sys.INVALID_CONNECT_ATTEMPTS where user_name='username'

USER_NAME,SUCCESSFUL_CONNECT_TIME,INVALID_CONNECT_ATTEMPTS
"SAP","2014-06-10 10:32:21.105000000",5

Check for User Status (Deactivated/Activated) :

SELECT NAME, USER_DEACTIVATED, INVALID_CONNECT_ATTEMPTS FROM “SYS”.”P_PRINCIPALS_” WHERE NAME='username'

Below command will reset the failed connection attempts of the particular user: 

alter user reset connect attempts
1 row selected (2989 usec)

Disable Password Expire for technical users:

ALTER USER DISABLE PASSWORD LIFETIME

User Password Reset :

alter user username  password ;

Another workaround is to change the password of the respective user.

alter user ABC DROP CONNECT ATTEMPTS;
alter user ABC password ;
ALTER USER ABC FORCE PASSWORD CHANGE
ALTER USER ABC DISABLE PASSWORD LIFETIME 

Backup failed with Invalid value for key (bkpmon)

Here , I Explained about backup failed with Invalid value for KEY (bkpmon) and the error message is backup failed with return code [1] and stderr [* -10104: Invalid value for KEY (bkpmon)

ERROR Code -
[lddbabc:9090 (4.1.1.1)] Command [su - abcadm -c "/usr/sap/ABC/home/backup.pl"] failed with return code [1] and stderr [* -10104: Invalid value for KEY (bkpmon)

workaround for the error -

Step 1: Connect to DB using Backup User.

vsa0002:HDB:abcadm ~ 860> hdbsql -jU bkpmon

Welcome to the SAP HANA Database interactive terminal.

Type:  \h for help with commands
       \q to quit

hdbsql=>
* -10104: Invalid value for KEY (bkpmon)
hdbsql=>
* -10104: Invalid value for KEY (bkpmon)

---if we are getting  same error then follow below step----- 

Step 2:  Check  Hana DB Version & Backup Script Version.

vsa0002:HDB:abcadm ~ 862> HDB version
HDB version info:
  version:                 1.00.102.03.1449674847
  branch:                 fa/newdb100_maint_rel
  git hash:                d20cd4981dab98ab6c30307d71d1b111e8725670
  git merge time:      2015-12-09 16:27:27
  weekstone:           0000.00.0
  compile date:        2015-12-09 16:39:52
  compile host:        ld700
  compile type:        rel


vsa0002:HDB:abcadm ~ 863> ./backup.pl   -v
version: 6

1> Remove or Rename old Backup.pl Script .
2> Download Backup Script (backup.pl)  from SAP Support & Check backup Script Version.
vsa0002:HDB:abcadm ~ 871> ./backup.pl -v

Step 3: Install the Backup.pl Script.

vsa0002:HDB:abcadm  ~ 873> ./backup.pl  -i
Installing backup.pl here.

Step 4: login into DB from Command Prompt Using Backup User.

vsa0002:HDB:abcadm ~ 874> hdbsql -jU bkpmon

Welcome to the SAP HANA Database interactive terminal.

Type:  \h for help with commands
       \q to quit

hdbsql=>
hdbsql ABC=>

Congratulation : Issue has been Resolved & wait for next backup run or we can test manually!!!

Export Import in Hana (Hana Refresh)

Activity :  HANA Refresh

Source DB : ABC
Source Schema : ABC_PROD

Target DB : CBA
Target Schema : CBA_TEST

Step 1 : Take export of  ABC_PROD  using EXPORT command.

Export Command:
EXPORT ""."*" AS BINARY INTO '/hdb/ABC/backup/data/refresh'

Step 2: Convert the create.sql/index.sql using find and replace command.

Find and Replace the source name to target:
find . -name 'create.sql' -exec sed -i 's,(source_change_on_run),(target_change_on_run),g' {} \; -print > /tmp/create_output.txt
find . -name 'index.sql' -exec sed -i 's,(source_change_on_run),(target_change_on_run),g' {} \; -print > /tmp/index_output.txt

find . -type f -exec sed -i 's,(source_change_on_run),(target_change_on_run),g' {};    -print

Step 3: Import the dump to CBA_TEST using IMPORT command

Import Command:
IMPORT "*"."*" AS BINARY FROM '/hdb/BAC/backup/data/refresh/refresh' WITH RENAME SCHEMA "(source_change_on_run)" TO "(target_change_on_run)" THREADS 16

Step 4: Validate the size of schema and row counts

Get the Schema size from both side:

SELECT SCHEMA_NAME AS "Schema",round(sum(TABLE_SIZE)/1024/1024) AS "Size in MB" FROM M_TABLES where SCHEMA_NAME='' GROUP BY SCHEMA_NAME

Get the Schema based Table row count from both side:

select schema_name,table_name,record_count from m_tables where schema_name='' order by table_name

Backup failed with Commoncrypto Error

Here , I Exaplined about backup failed with Common Crypto Error and the error message is "crypto provider 'commoncrypto' not available"

Error Code Detail:
cmd output: [Sat Jun 20 19:00:19 2015] ERROR: [vadbabc:9090 (4.1.1.1)] Command [su - abcadm -c "/usr/sap/ABC/home/backup.pl"] failed with return code [2] and stderr [* 447: backup could not be completed: [300001] Invalid SSL configuration: crypto provider 'commoncrypto' not available SQLSTATE: HY000] and stdout []

Reason and Prerequisites:

HANA Revision 90 or above the SAP Cryptographic Library (CommonCryptoLib) is delivered with the HANA binaries. One of its functions inside HANA is to calculate cryptographic checksums, which is also done for ensuring a consistent backup.

The usage of the CommonCryptoLib requires a correct environment for all HANA processes.

In particular, the two environment variables DIR_EXECUTABLE and SECUDIR have to be set as a precondition for the correct function of the CommonCryptoLib. These two environment variables are set automatically during the installation of HANA.

Whenever we face backup issue due to commoncrypto not available , follow below step:

1.       Just type ‘env’ once we connect adm before we source hdbenv.csh.

2.       Use the following command echo $DIR_EXECUTABLE and  echo $SECUDIR to check whether environment variables are set.

3.       If variables are not set then go to home directory and perform necessary changes:

The .sapenv.sh script (located in the home directory of the adm) sources /usr/sap/$SAPSYSTEMNAME/HDB[0-9][0-9]/HDBSettings.sh to ensure the correct setup of the HANA environment. HDBSettings.sh sources hdbenv.sh which is responsible for setting up the two environment variables DIR_EXECUTABLE and SECUDIR.

4.      We have done necessary changes now in .sapenv.csh script for system ABC and we can perform database restart to reflect the same and trigger backup.

Table Types in Hana

Here , we are going to discuss about table types in SAP HANA database and how to create table by using SQL Command and HANA Studio.

SAP HANA supports two types tables.

1 - Row Store table
2 - Column Store table

In this session, we will learn :

-    How to create, update and delete tables in SAP HANA.
-    How to see definition and data preview of tables.
-    How to change column type of a table.

Create a Table Using Standard SQL:

1.    Select your Schema. Right click and select "SQL Console". Otherwise you can also click on "SQL" button on top panel as shown in below figure.

2.    Copy the SQL statement below in SQL editor.

            CREATE COLUMN TABLE TEST_TABLE1 (
            ID INTEGER,
            NAME VARCHAR(10),
            DESCRIPTION VARCHAR(100),
            PRIMARY KEY (ID)
             );

   3.    Click on Execute.

  4.    Right-click on Tables under the Navigator Tab and click on Refresh to display the name of the            newly created table.

 5.    Right click on the table and click on "Open Definition" to see the table details.

Create a Table with The SAP HANA Studio Tools:

1.    Select your Schema. Right click and select "New Table"

2.    Enter the Table Name

3.    Choose the Table Type, e.g. "Column Store"

4.    Enter the required table fields, data types, Key characteristics, etc. by clicking on the "+" sign              below, and click on the Create table icon (or F8) when ready.

Topic on - Row Store Table in SAP HANA
Topic on - Column Store Table in SAP HANA
Topic on - Convert Row Store to Column Store Table in HANA

Star Schema in Hana

Star schema is not a new concept. This is a very famous design approach which was there even before SAP HANA came. The understanding of star schema will help you to understand HANA analytic view.

What is Star Schema?

The star schema (also called multi-dimensional schema) is the simplest style of data warehouse schema.

Star Schema – a single object (the fact table) sits in the middle and is connected to other surrounding objects (dimension tables) like a star.

Each dimension is represented as a single table. The primary key in each dimension table is related to a foreign key in the fact table.


 

It is called a star schema because; the entity-relationship diagram of this schema resembles a star, with points radiating from a central table. The center of the star consists of a large fact table and the points of the star are the dimension tables.

Facts and Dimension Tables:

The fact table holds the main data i.e. the actual data. It includes a large amount of aggregated data, such as sales, profit etc.
Dimension tables include the attributes that describe the data in different perspective.

For example : If sales is the fact then Sales per Year, Sales per Country are the different perspective of seeing data. Here Country and Year would be 2 different dimensions.
Each dimension table is joined to the fact table using a primary key to foreign key join, but the dimension tables are not joined to each other.

Fact table:

o    Contain key numeric measures of the business

o    Connected to dimensions

o    Two types of columns:

o    Facts or measures

o    Foreign keys to dimension tables

o    Primary key is formed by combining foreign keys pointing to dimension tables

Dimension Tables:

o    Contain information that represents attributes or aspects of the business

o    Contain relatively static data

o    Are joined to fact table through a foreign key reference

 

 

Advantages of Star Schema:

Performance

o    Faster query operation

Data model is easy to understand

o    Based on business process

o    Support multi-dimensional analysis

Easy to define hierarchies

o    Continent –> Country –> City

o    Shift – Day – month – Year

Easy to navigate

o    Number of table joins reduced

Maintainable and Scalable

o    Can add new fact tables which use existing dimensions

o    Supported by many front-end tools