Export (0) Print
Expand All

Plan to deploy Duet Enterprise for SharePoint and SAP Server 2.0

 

Applies to: Duet Enterprise for Microsoft SharePoint and SAP Server 2.0

Topic Last Modified: 2013-12-18

Summary: Learn how to plan a deployment of Duet Enterprise 2.0 in a SharePoint Server 2013 environment.

This article describes the planning that you should do before you begin an installation of Duet Enterprise for Microsoft SharePoint and SAP Server 2.0. The procedures and information presented in this article are listed in the order in which they must be used. All hardware and software must comply with the information found in Hardware and software requirements for Duet Enterprise for Microsoft SharePoint and SAP Server 2.0.

The installation and configuration process will require several hours to complete. You will need to work with your SAP administrator who will provide you with a SAPSSL.cer certificate and the endpoint URLs. You will provide the SAP administrator with two certificates: SharePointSSL.cer and DuetRoot.cer and the publishing URL of your extended SharePoint site. We recommend that you schedule time when both the SharePoint administrator and the SAP administrator are available. In addition to the items listed in this article, you need to review all hardware and software requirements for Duet Enterprise 2.0 and also for all Windows, SQL Server, and SharePoint Server computers that are used for this deployment.

The overall installation and configuration process will proceed in the following order:

  1. Hardware and software requirements for Duet Enterprise for Microsoft SharePoint and SAP Server 2.0

  2. Prepare the environment for Duet Enterprise for SharePoint and SAP Server 2.0

  3. Install Duet Enterprise for SharePoint and SAP Server 2.0

  4. Import models in Duet Enterprise for SharePoint and SAP Server 2.0

  5. Configuration check for Duet Enterprise for SharePoint and SAP Server 2.0

We recommend that you obtain and record this information before you begin your deployment. We have provided the following deployment reference table that lists the names of the accounts and service applications described in the Duet Enterprise 2.0 install and configure process.

The Name as documented column in this table contains the names of the items you are tracking while deploying Duet Enterprise. These are the names that are referred to throughout this guide. The Name used column is for your use to record the names of these items.

Table: Deployment reference for Duet Enterprise 2.0

Name as documented Name used

Secure Store Service Application

EndPoint URL: MetadataURL

EndPoint URL: LsiUrl

Business Data Connectivity Service Application

User Profile Service Application

Certificate: SharePoint SSL

Certificate : SAP SSL

Certificate : Duet Root

Security Account: Duet Admin

Security Account: DuetPublisher

Web Application Name

Web Application URL

Web Application (Extended) URL

Web Application (Extended) Zone

Site Collection: sites/DuetEnterprise2

Site Collection: Team site Template

Site: DuetReportingandWorkflow

Site: Team site Template

In this article:

Endpoint URLs are URL links that point the SharePoint Server system to specific endpoints in the SAP system and are bound to each imported Business Data Connectivity (BDC) model. These URLs must be obtained from the SAP administrator for each BDC model that you import. There are two URLs for each model:

  • LsiUrl   This is the service URL with which SAP exposes data for a particular feature.

  • MetadataURL   This will be automatically be picked up by the LsiUrl when the command is run.

You need three certificates to help secure Duet Enterprise 2.0 communications between clients and the server and between the servers running SharePoint and SAP. These certificates are created during the Duet Enterprise 2.0 installation process on both the SharePoint and SAP systems.

  • DuetRoot.pfx   Created when you configure a root certificate by using the DuetConfig.exe -createselfsignedcertificate command. This certificate is used to create user certificates that are sent to SAP along with end-user requests. The process for creating this certificate must be completed in the following order:

    1. Create the certificate as a .pfx file.

    2. Configure the certificate. This includes storing it in the Secure Store Service Application.

    3. Export the certificate as a .cer file. This is necessary because the SAP system needs the certificate with the public key only.

    4. Share the .cer file with the SAP administrator. The SAP administrator will create a trust relationship for this certificate.

  • SharePointSSL.cer   Secures server requests for calls from SAP to SharePoint. This certificate is created on the SharePoint system by using Internet Information Services (IIS) Manager, exported by using the Microsoft Management Console, and shared with the SAP administrator to be trusted in the SAP system.

  • SAPSSL.cer   Secures server requests for calls from SharePoint to SAP. This certificate is created on the SAP system and shared with the SharePoint administrator to be trusted in the SharePoint system.

Two Active Directory Domain Services (AD DS) accounts are required to install Duet Enterprise 2.0, as shown in the following table.

Table: Domain accounts required to install Duet Enterprise 2.0

Account Purpose Requirements

DuetAdmin

  • Runs Setup.exe

  • Runs DuetConfig.exe commands

  • A member of the Windows Administrators group on the computer that is running SharePoint Server 2013.

  • A member of the Farm Administrators group on the SharePoint Server farm on which you are installing Duet Enterprise 2.0.

  • Full Control permissions on the User Profile service application is required to configure RoleSync by using the DuetConfig.exe -configurerolesync command.

DuetPublisher

Used by the SAP system to connect to the SharePoint system for pushing reports and workflow notifications.

No permissions need to be set on the SharePoint Server 2013 farm for this account.

You must give the name of the account you are using as the DuetPublisher account to the SAP administrator. We recommend that you use an account in AD DS named DuetPublisher. The SAP administrator will map this user account to one or more SAP roles in SAP NetWeaver Gateway that have access to SAP reports.

ImportantImportant:
This account cannot be the same as the SharePoint farm account or the Managed account assigned to the application pool of the web application using by Duet Enterprise.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft