How authentication works in Duet Enterprise 2.0

Duet Enterprise 2.0 stores all business processes and data in the SAP system while letting SharePoint users access the processes and data from SharePoint websites and Outlook 2013. Because SAP and SharePoint authenticate users differently, Duet provides a single sign-on authentication model that authenticates each user individually.

It’s helpful to understand the following things before you look at the overall authentication process.

• A user logs on to SharePoint by using their SharePoint user identity. This can be either forms-based authentication or credentials stored in Active Directory Domain Services (AD DS), but is typically associated with a user account stored in AD DS.
• The SAP environment can’t authenticate a user’s SharePoint identity. Instead, a Duet Enterprise component installed on the SharePoint Server 2013 farm swaps the user’s Windows credentials for a user certificate that SAP NetWeaver uses to authenticate the user. When Duet Enterprise 2.0 is installed, the SAP administrator creates a trust relationship with the DuetRoot Certificate (an X.509 Root Authority certificate), which is stored in the SharePoint Secure Store Service. This certificate is used to create a certificate for each individual user on the fly.
• Information in an SAP environment can’t be secured with Windows credentials or SharePoint credentials (which in this case would be the user’s SharePoint identity). Instead, information is secured in SAP using SAP user accounts. When deploying Duet Enterprise 2.0, an SAP administrator maps each SharePoint user account to a unique SAP user. This way, a user who logs into a SharePoint website can access data that’s stored in SAP without getting an extra login prompt.

The following picture shows a high-level view of authentication flow in a Duet Enterprise 2.0 environment. It shows the steps that occur when a SharePoint user accesses SAP information from a SharePoint site.

Tip:
To see this picture and the following list that describes the process without having to scroll, download the Authentication flow in Duet Enterprise 2.0 poster.

 

Figure: Duet Enterprise 2.0 authentication

The following list describes the steps shown in the preceding picture. This picture assumes that a SharePoint user has requested data that’s stored in the SAP environment.

A.   A user logs on to a Duet Enterprise 2.0-enabled SharePoint website using his SharePoint user identity. Because the website contains an external list or Web Part that surfaces SAP data, the request is sent to the Business Connectivity Services runtime in the SharePoint farm.

B.   The Business Connectivity Services runtime invokes the Duet Enterprise 2.0 OData Extension Provider.

C.   The Duet Enterprise 2.0 OData Extension Provider gets the DuetRoot Certificate from the Secure Store.

D.   The Duet Enterprise 2.0 OData Extension Provider uses the DuetRoot Certificate to create an X.509 user certificate and sends the certificate to the Business Connectivity Services runtime.

E.   The Business Connectivity Services runtime sends the request with the user certificate to the SAP NetWeaver Gateway component of SAP NetWeaver in a request packet.

Tip:
SAP NetWeaver with the SAP NetWeaver Gateway component installed is also known as SAP NetWeaver Gateway.

 

F.   Because SAP NetWeaver trusts the DuetRoot Certificate that was used to create the user certificate, SAP NetWeaver can authenticate the user and look up the SAP user who is mapped to the SharePoint user who is identified by the certificate.

G.   The SAP user account that’s mapped to the SharePoint user is returned to SAP NetWeaver.

H.   SAP NetWeaver uses the SAP user account to request access to the requested information in the SAP system and, if the user is authorized to access the information, the requested information is sent to SAP NetWeaver Gateway.

I.   SAP NetWeaver Gateway sends the reply as a response packet to the Business Connectivity Services runtime on the on-premises SharePoint farm.

J.   The Business Connectivity Services runtime passes the information to the SharePoint user. In this case, to the website from which the user has requested the information.

Note:
The two-way connection between the SharePoint Server farm and SAP NetWeaver is secured by using two Secure Sockets Layer (SSL) certificates. One certificate is bound to a SharePoint web application and trusted by the SAP administrator. The other certificate is bound to SAP NetWeaver and trusted by the SharePoint administrator.

 

Using SAP roles to access SharePoint objects

In the enterprise, the tasks that a user does are usually related to that user’s role. Because of this, it’s handy to grant permissions to resources, such as list items, websites, and documents, based on SAP roles. Conceptually, SAP roles are like SharePoint groups except that they’re created and managed in SAP.

In SAP NetWeaver, users are assigned one or more roles, such as Sales Representative, Project Manager, Executive, and Human Resources Specialist. SAP roles can be broad, such as All Sales Managers, or narrow, such as Sales Managers Eastern Region.

In Duet Enterprise 2.0, these SAP roles can be used to grant permissions in SharePoint Server. Anything you can set permissions on in SharePoint Server can be assigned permissions using SAP roles.

This includes objects directly related to Duet Enterprise 2.0, such as SAP reports, external lists, actions on external content types, and any general and securable SharePoint Server objects, such as websites or document libraries.

After a role is granted permissions to an object, any user who is assigned that role will then have permissions to use that object.

If you remember nothing else about RoleSync, remember that SAP NetWeaver admins assign SAP users to roles and they also assign SharePoint users to SAP users. This effectively assigns one or more SAP roles to SharePoint users.

Duet Enterprise 2.0 uses the Duet Enterprise Profile Synchronization Timer Job feature to bring the user role assignments from the SAP system into the SharePoint user profile store. Duet Enterprise 2.0 also uses the Duet Enterprise Claims Provider to help manage the role-based permissions to securable objects in SharePoint Server.

Note:
Think of role synchronization as a one-way street. Users’ roles that are defined in the SAP system are brought into the SharePoint user profile store. No properties in the SharePoint user profiles are sent from SharePoint back to SAP.

 

During role synchronization, the set of SAP users is imported into the SharePoint user profile store by using Business Connectivity Services. For each SAP user who has a related user profile in SharePoint, all of the SAP roles assigned to that user are listed in the user profile store.

Role synchronization connects from SharePoint Server to an external system on the SAP side named “SAPUsersService.” This external system sends the user-to-roles mappings to the SharePoint user profile store.

After role synchronization is completed, you’ll see a new field, called SAP Roles at the bottom of the User Profile page. The SAP roles assigned to the user are separated by semicolons.

SAP Roles as seen on a User Profile page.

Role synchronization is typically scheduled to be run on a schedule by using the Duet Enterprise Profile Synchronization Timer Job. You decide how often to synchronize roles and how many users to import at a time.

After roles are synchronized with the SharePoint user profile store, users and administrators can grant access to SharePoint securable objects using the SAP roles. Before this capability is available, a SharePoint farm administrator needs to activate the Duet Enterprise SAP Roles Claims Provider feature at the farm level which makes the claims provider available.

Note:
When a user’s role is changed in the SAP system, the change can take some time (up to 10 hours) to be propagated to the SharePoint system. This might temporarily prevent users from being authorized if their roles have changed since the last sync job.

Business Connectivity Services (BCS) client side logging for Office 2010 when working with Duet Enterprise

Use tracing on the client (SharePoint Server 2010) 
http://technet.microsoft.com/en-us/library/ff700209.aspx

Here are the condensed steps that I use on the client when troubleshooting issues related to taking Duet Enterprise lists offline. 
NOTE: You must be an Administrator on the computer to use the tracing.

Create the Data Collector Set:

1. Launch Perfmon (Start –> Run –> Perfmon) 
2. Expand Data Collector Sets 
3. Right-click on “User Defined” and choose “New Data Collector set” 
4. Give it a name, I use “BCS” 
5. Choose the “Create Manually” option and click Next 
6. Check the box labeled “Event trace data” and click Next 
7. Next to the Providers box, click the “Add…” button and wait for the list to load. 
8. Select the item named “Microsoft-Office-Business Connectivity Services” and click “OK” 
9. Leave everything at the default values and click “Finish” 
10. You should now see your “BCS” Data Collector Set listed under “User Defined” in Perfmon.

 

Start collecting the trace information:

1. Select the “BCS” data collector set you created previously. 
2. Click the “Start the Data Collector Set” button. 
3. Reproduce the issue. 
4. Click the “Stop the Data Collector Set” button to stop the trace. 
5. A trace file with a .etl extension should be created in a path like this: 
    C:\PerfLogs\Admin\BCS\MACHINENAME_20110824-000001\DataCollector01.etl

View the trace:

1. Launch Event Viewer (Start –> Run –> eventvwr.msc) 
2. Action menu  –> “Open Saved Log…” 
3. In the “Open Saved Log” dialog, navigate to the .etl trace file you created earlier and choose Open. 
4. When prompted to convert to the new event log format choose Yes. 
5. Change the display name if you would like then click OK 
6. You should see the trace information in event viewer.

How To : Customize the Duet Workflow Task form in InfoPath 2013

Contents

• Introduction
• Displaying the SAP business properties
• Adding and deleting controls on the form
• Adding heading images to the form and applying a theme

Introduction

After a task site is published through SharePoint Designer, the task form ApprovalProcess.xsn is generated. The form has a default layout. But we may also want to display the SAP business properties, add some more controls relevant to the use of the form, or delete some irrelevant controls. We may also want to give a nice look and feel to the form. We can do these customizations easily with the help of InfoPath 2013.

Scenario

We have published a task site of the task type TestTask using SharePoint Designer 2013. The task form has the default layout shown below. We want to customize the form to include a SAP business property, add a control, remove a control, add a heading image, and apply a theme.

Figure 1. TestTask task form with default layout

Displaying the SAP business properties

Prerequisite: We can display the SAP business properties in the workflow task form provided that we have included the properties in the Extended Business Properties text box while creating the task site.

Steps:

1. In SharePoint Designer, click ApprovalProcess.xsn.

Figure 2. ApprovalProcess.xsn in SharePoint Designer

InfoPath Designer opens with an auto-generated layout of the form.

Figure 3. InfoPath Designer with auto-generated layout of the TestTask form

2. Insert a new row, wherever you want, for the business property LeaveDaysUsedTillToday that you want to display in the form.

a. In the first column, enter the field name as you want to see it displayed in the form, for example,Leaves Used Till Today.

Figure 4. Entering field name in the first column

b. In the second column, we need to get the value for the business property LeavesUsedTillTodayfrom the Workflow Business Document Library. Thus, we need to create a secondary data connection with the Workflow Business Document Library.

3. Create a secondary data connection with the Workflow Business Document Library as follows: 

a. Under Actions, click Manage Data Connections.

Figure 5. Clicking Manage Data Connections in InfoPath

The Data Connections dialog box appears.

Figure 6. Data Connections dialog box

b. In the Data Connections dialog box, select Context  from the list of Data Connections for the form template, and click Add. The Data Connection Wizard starts.

Figure 7. Data Connection Wizard

c. Click Next without changing any settings. The wizard now asks for the source of data. SelectSharePoint library or list as the source of data.

Figure 8. Selecting SharePoint library or list in the Data Connection Wizard

d. Click Next. The wizard now prompts you to enter the location of the SharePoint site.

e. Enter the URL of the task site, and click Next.

Figure 9. Entering task site location in the Data Connection Wizard

f. Select the Workflow Business Data Document Library for the data connection, and click Next.

Figure 10. Selecting Workflow Business Data Document Library for the data connection

g. Select the Title and LeavesUsedTillToday fields, and click Next. The Title field will help us filter the data corresponding to a task from the Workflow Business Data Document Library. The Title field is the concatenation of the Related Content field in the main data connection and the string “.xml“.

Figure 11. Selecting the Title field and LeaveDaysUsedTillToday field

h. Click Next.

Figure 12. Data Connection Wizard

i. Click Finish.

Figure 13. Finishing the Data Connection Wizard

j. Close the Data Connections dialog box that now has the data connection to the Workflow Business Data Document Library.

Figure 14. Data Connections dialog box with the new data connection

4. Click in the second column of the new row that we inserted in step 3. On the Home tab in the ribbon, click Calculated Value (fx) button in the Controls pane.

Figure 15. Choosing Calculated Value in InfoPath

The Insert Calculated Value dialog box appears.

5. Click the fx button next to the XPath text box.

Figure 16. Insert Calculated Value dialog box

The Insert Formula dialog box appears as shown in the following figure.

6. Click Insert Field or Group.

Figure 17. Insert Field or Group button

The Select a Field or Group dialog box appears, as shown in the following figure.

7. Click Show advanced view.

Figure 18. Show advanced view link

Now, we have the option to select the data connection also. 

Figure 19. Select a Field or Group dialog box

8. Select the secondary data connection to the Workflow Business Document Library from the drop-down list.

Figure 20. Choosing a secondary data connection

9. Expand the dataFields tree structure until you see LeaveDaysUsedTillToday. SelectLeaveDaysUsedTillToday. Since we want to get only the business property for the corresponding task, we need to filter the data received from the data connection. Click Filter Data.

Figure 21. Filter Data button

10. The Filter Data dialog box appears. Click Add.

Figure 22. Add button in the Filter Data dialog box

The Specify Filter Conditions dialog box appears.

Figure 23. Specify Filter Conditions dialog box

11. Specify the filter conditions as follows:

a. In the first drop-down list, choose Select a field or group.

Figure 24. Choosing Select a field or group

b. Choose Workflow Business Data Document Library as the data source.

c. Expand the dataFields tree structure until you see Title. Select Title, and then click OK.

Figure 25. Title in the Select a Field or Group dialog box

d. In the second drop-down list in the Specify Filter Conditions dialog box, select is equal to.

e. In the third drop-down list in the Specify Filter Conditions dialog box, select Use a formula.

Figure 26. Selecting Use a formula in the list

f. The Insert Formula dialog box opens. Click Insert Function.

Figure 27. Insert Function button

The Insert Function dialog box opens.

Figure 28. Insert Function dialog box

g. Select Text in the Categories list, and then select concat in the Functions list. Click OK.

Figure 29. Choosing category and function

The formula corresponding to the selection appears in the Insert Formula dialog box.

Figure 30. Concat Formula prototype (skeleton) in the Insert Formula dialog box

h. Double-click the first argument in the concat function. The Select a Field or Group dialog box opens. Under the Main data connection, expand the dataFields tree structure till you see Related Content. Select the subfield :Description under Related Content. Click OK.

Figure 31. :Description subfield under Related Content

i. Write the string “.xml” as the second argument in the concat function. Delete the comma following the second argument and the third argument.

The updated formula is as shown in the following figure. Click OK.

Figure 32. Updated concat formula (with provided arguments) in Insert Formula dialog box

j. Click OK in the dialog boxes in the order: Specify Filter Conditions, Filter Data, Select a Field or Group.

The final overall formula appears in the Insert Formula dialog box. (This dialog box was opened in step 5 and is still open)

Figure 33. Final formula in the Insert Formula dialog box

12. Click OK in the Insert Formula dialog box (shown above) to return to the Insert Calculated Valuedialog box where the XPath corresponding to our selections has been updated.

Figure 34. Updated XPath in the Insert Calculated Value dialog box

Click OK.

13. Click the File tab on the ribbon. Click Quick Publish.

Figure 35. Publish your form

14. The Save As dialog box opens.

Figure 36. Saving the form template

15. Click Save. The Microsoft InfoPath dialog box stating the successful publishing of the form template appears. Click OK.

Figure 37. Form template published successfully

16. Open the task site and look up any of the tasks. The task appears as shown in the following figure. The SAP business property LeavesUsedTillToday has the value 10 in this task.

Figure 38. Task on the task site with LeavesUsedTillToday business property

Adding and deleting controls on a form

Suppose we want to add a control—for example, ID—from the main data connection to the workflow task form, and delete the control Consolidated Comments from the form.

1. Insert a new row for the ID field.

Figure 39. Inserting a new row for the ID field

2.  Drag the ID field from the Fields task pane onto the canvas. The label for the control appears automatically in the left column when you drag the field into the right column of the table. However, this is true only if you highlight both columns when you release the mouse.

Figure 40. ID field in right column

3. Delete the row containing the control for Consolidated Comments.

Figure 41. Consolidated Comments row deleted

3. Click the File tab on the ribbon. Click Quick Publish. The Microsoft InfoPath dialog box stating the successful publishing of the form template appears.

4. Click OK.

5. Open the task site and look up any of the tasks. The task appears as shown in the following figure. The task has the ID field with value 1 and no Consolidated Comments control.

Figure 42. Task on the task site with ID control and without Consolidated Comments control

Adding heading images to the form and applying a theme

1. Place your cursor in the title area of the page layout. Add a title—for example, MyTask—in the required format and font.

Figure 43. Title area of the page layout

2. Add the heading image to the form by inserting a picture from the Insert tab on the ribbon.

3. On the Page Design tab, apply the Professional – Standard theme. The easiest way to select the theme is to expand the Themes gallery by clicking the arrow at the lower-right corner. Professional – Standard is the first theme in the Professional section.

Figure 44. Page Design tab

The title, heading image, and page design should now resemble the following figure.

Figure 45. New title, heading image, and page design

4. Click the File tab on the ribbon. Click Quick Publish. The Microsoft InfoPath dialog box stating the successful publishing of the form template appears.

5. Click OK.

6. Open the task site and look up any of the tasks. The task appears as shown in the following figure. The task has the desired heading image and theme.

Figure 46. Task on the task site with desired heading image and theme

Using SharePoint FAST to unlock SAP data and make it accesible to your entire business

An important new mantra is search-driven applications. In fact, “search” is the new way of navigating through your information. In many organizations an important part of the business data is stored in SAP business suites.

A frequently asked need is to navigate through the business data stored in SAP, via a user-friendly and intuitive application context.

For many organizations (78% according to Microsoft numbers), SharePoint is the basis for the integrated employee environment. Starting with SharePoint 2010, FAST Enterprise Search Platform (FAST ESP) is part of the SharePoint platform.

All analyst firms assess FAST ESP as a leader in their scorecards for Enterprise Search technology. For organizations that have SAP and Microsoft SharePoint administrations in their infrastructure, the FAST search engine provides opportunities that one should not miss.

SharePoint Search

Search is one of the supporting pillars in SharePoint. And an extremely important one, for realizing the SharePoint proposition of an information hub plus collaboration workplace. It is essential that information you put into SharePoint, is easy to be found again.

By yourself of course, but especially by your colleagues. However, from the context of ‘central information hub’, more is needed. You must also find and review via the SharePoint workplace the data that is administrated outside SharePoint. Examples are the business data stored in Lines-of-Business systems [SAP, Oracle, Microsoft Dynamics], but also data stored on network shares.

With the purchase of FAST ESP, Microsoft’s search power of the SharePoint platform sharply increased. All analyst firms consider FAST, along with competitors Autonomy and Google Search Appliance as ‘best in class’ for enterprise search technology.

For example, Gartner positioned FAST as leader in the Magic Quadrant for Enterprise Search, just above Autonomy. In SharePoint 2010 context FAST is introduced as a standalone extension to the Enterprise Edition, parallel to SharePoint Enterprise Search.

In SharePoint 2013, Microsoft has simplified the architecture. FAST and Enterprise Search are merged, and FAST is integrated into the standard Enterprise edition and license.

SharePoint FAST Search architecture

The logical SharePoint FAST search architecture provides two main responsibilities:

1. Build the search index administration: in bulk, automated index all data and information which you want to search later. Depending on environmental context, the data sources include SharePoint itself, administrative systems (SAP, Oracle, custom), file shares, …
2. Execute Search Queries against the accumulated index-administration, and expose the search result to the user.

In the indexation step, SharePoint FAST must thus retrieve the data from each of the linked systems. FAST Search supports this via the connector framework. There are standard connectors for (web)service invocation and for database queries. And it is supported to custom-build a .NET connector for other ways of unlocking external system, and then ‘plug-in’ this connector in the search indexation pipeline. Examples of such are connecting to SAP via RFC, or ‘quick-and-dirty’ integration access into an own internal build system.

In this context of search (or better: find) in SAP data, SharePoint FAST supports the indexation process via Business Connectivity Services for connecting to the SAP business system from SharePoint environment and retrieve the business data. What still needs to be arranged is the runtime interoperability with the SAP landscape, authentication, authorization and monitoring.

An option is to build these typical plumping aspects in a custom .NET connector. But this not an easy matter. And more significant, it is something that nowadays end-user organizations do no longer aim to do themselves, due the involved development and maintenance costs.

An alternative is to apply Duet Enterprise for the plumbing aspects listed. Combined with SharePoint FAST, Duet Enterprise plays a role in 2 manners: (1) First upon content indexing, for the connectivity to the SAP system to retrieve the data.

The SAP data is then available within the SharePoint environment (stored in the FAST index files). Search query execution next happens outside of (a link into) SAP. (2) Optional you’ll go from the SharePoint application back to SAP if the use case requires that more detail will be exposed per SAP entity selected from the search result.  An example is a situation where it is absolutely necessary to show the actual status. As with a product in warehouse, how many orders have been placed?

Security trimmed: Applying the SAP permissions on the data

Duet Enterprise retrieves data under the SAP account of the individual SharePoint user. This ensures that also from the SharePoint application you can only view those SAP data entities whereto you have the rights according the SAP authorization model. The retrieval of detail data is thus only allowed if you are in the SAP system itself allowed to see that data.

Due the FAST architecture, matters are different with search query execution. I mentioned that the SAP data is then already brought into the SharePoint context, there is no runtime link necessary into SAP system to execute the query. Consequence is that the Duet Enterprise is in this context not by default applied.

In many cases this is fine (for instance in the customer example described below), in other cases it is absolutely mandatory to respect also on moment of query execution the specific SAP permissions.

The FAST search architecture provides support for this by enabling you to augment the indexed SAP data with the SAP autorisations as metadata.

To do this, you extend the scope of the FAST indexing process with retrieval of SAP permissions per data entity. This meta information is used for compiling ACL lists per data entity. FAST query execution processes this ACL meta-information, and checks each item in the search result whether it allowed to expose to this SharePoint [SAP] user.

This approach of assembling the ACL information is a static timestamp of the SAP authorizations at the time of executing the FAST indexing process. In case the SAP authorizations are dynamic, this is not sufficient.

For such situation it is required that at the time of FAST query execution, it can dynamically retrieve the SAP authorizations that then apply. The FAST framework offers an option to achieve this. It does require custom code, but this is next plugged in the standard FAST processing pipeline.

SharePoint FAST combined with Duet Enterprise so provides standard support and multiple options for implementing SAP security trimming. And in the typical cases the standard support is sufficient.

Applied in customer situation

The above is not only theory, we actually applied it in real practice. The context was that of opening up of SAP Enterprise Learning functionality to operation by the employees from their familiar SharePoint-based intranet. One of the use cases is that the employee searches in the course catalog for a suitable training.

This is a striking example of search-driven application. You want a classified list of available courses, through refinement zoom to relevant training, and per applied classification and refinement see how much trainings are available. And of course you also always want the ability to freely search in the complete texts of the courses.

In the solution direction we make the SAP data via Duet Enterprise available for FAST indexation. Duet Enterprise here takes care of the connectivity, Single Sign-On, and the feed into SharePoint BCS. From there FAST takes over. Indexation of the exposed SAP data is done via the standard FAST index pipeline, searching and displaying the search results found via standard FAST query execution and display functionalities.

In this application context, specific user authorization per SAP course elements does not apply. Every employee is allowed to find and review all training data. As result we could suffice with the standard application of FAST and Duet Enterprise, without the need for additional customization.

Conclusion

Microsoft SharePoint Enterprise Search and FAST both are a very powerful tool to make the SAP business data (and other Line of Business administrations) accessible. The rich feature set of FAST ESP thereby makes it possible to offer your employees an intuitive search-driven user experience to the SAP data.

Your favourite Apps showcased here by SharePoint Samurai Studios will be available for use/download in App Stores Soon!!

Seller Dashboard account approved

		Congratulations! Your account in the Microsoft Seller Dashboard is approved. You can sign in to the Seller Dashboard, and do the following: Add apps and submit them for approval. Add or update payout information. If you want to list your apps for purchase, you need to provide payout information. If you want to list your apps as free, then payout information is not required. Check the approval status of your submitted apps. For more information, see Add Apps in the Microsoft Seller Dashboard. Sincerely, Seller Dashboard Team Note: This message was sent from an unmonitored email address. Please do not reply to this message. If you have questions or need help, please see Seller Dashboard Help.
		Microsoft Corporation | One Microsoft Way Redmond, WA 98052-6399 Microsoft respects your privacy. To learn more, please read our Privacy Statement. Legal Information

Duet Enterprise and NetWeaver – Feautures of and Benefits for businesses by integrating SAP with SharePoint

For years organisations have been scratching their heads trying to figure out how to provide collaboration capabilities on data held within SAP systems.

Many have developed custom solutions and achieved mixed results. We have also seen the rise of Duet 1.x from Microsoft and SAP that provided 11 specific solutions that surfaced data residing in SAP via Microsoft Office. These were good solutions but limited due to their lack of extensibility.

Hence the excitement over Duet Enterprise and the benefits that have been realised are exactly what everyone has been looking for. InfoSys Technologies have just released a case study with Microsoft that discusses their Duet Enterprise project and it is an interesting read. Particularly the benefits realised:

1. Minimal Development Effort

2. Higher Adoption

3. Enhanced Productivity

How can these benefits be real?

Well, to start with, Duet Enterprise provides all the relevant plumbing to blend both SAP and SharePoint “Platforms”. SAP and Microsoft position Duet Enterprise as the “Foundation” layer between the two platforms.

Architecturally speaking the Duet Enterprise Add-on’s must be installed on SAP Netweaver 7.02 Servers and the SharePoint 2010 Farm. The SAP Netweaver 7.02 Servers work as the gateway to the SAP backend systems and can actually support any version of SAP system. The Duet Enterprise is built on SharePoint 2010 and makes use of the Business Connectivity Services that enables the full Create Read Update Delete (CRUD) operations to data residing on external systems. The options for user experience are the same for any SharePoint 2010 solution; Mobile, Office or a Browser. There are no SAP or Duet Enterprise clients.

Ok, but what does this do?

This provides organisations with a jointly supported, (Microsoft and SAP) technical approach and OOB tools to address the common challenges faced when integrating SAP systems. Such as;

Authentication: Using Claims-Based authentication to ensure SSO is available between SharePoint 2010 sites and SAP backend systems.

Authorisation: Able to secure objects in SharePoint using SAP Roles, supporting concepts such a Manager seeing more than an employee.

Monitoring: Duet Enterprise SharePoint Health Rules are provided to proactively monitor your Duet Enterprise solutions. Also available are Duet Enterprise Management Pack for System Centre Operations Manager, a quick video here shows it in action.

It is also worth taking a look at the Duet Enterprise Architecture for more information.

These are just some of the behind the scenes aspects of Duet Enterprise that essentially provide a jump start in any SAP/SharePoint integration project. However, there is also another layer that exemplifies how data from SAP can be surfaced through SharePoint 2010 and Office 2010. (Office 2010 isn’t a pre-req but certainly a better experience!).

Currently included are;

1. Duet Enterprise Workflow

Duet Enterprise Profile

Duet Enterprise Collaboration

Duet Enterprise Sites

Duet Enterprise Reporting

All of this provide a way to jump start development of a solution that can be used OOB or easily extended to suit specific requirements. The result here is that organisations are able to surface data typically locked away in backend SAP systems to a much wider audience and in an inexpensive way. I may blog on what each of these are in the future and how to extend them.

Once deployed, IT departments have a “Foundation” in place to support future extensibility. Once users start seeing what is possible I fully expect the flood gates to open with requests for composite applications.

What else do you get?

1. Long-term product roadmap commitment from SAP and Microsoft
2. Platform for innovation: broad ecosystem of ISV and service partners offering Business Pack Solutions
3. Partner solutions/apps certified by SAP

Tip: Bypass WebProxy for BCS service application in Duet Enterprise landscape

Setting up a fresh Duet Enterprise landscape, I was confronted with an issue trying to import BDC Models from the SAP Gateway system into SharePoint BCS:

Application definition import failed. The following error occurred: Error loading url: “http://….”. This normally happens when url does not point to a valid discovery document, or XSD schema.

Using Fiddler I detected that the problem cause is a “(407) Proxy Authentication Required” issue: “The ISA server requires authorization to fulfill the request. Access to proxy filter is denied.” Although I did setup a rule in Windows CredentialsManager for automatic authentication against the web proxy, this is not picked up in the context of BCS service application as an autonomous running process. As it turns out, by default .NET web applications and services will attempt to use a proxy, even if it doesn’t need one.

So how then to resolve from this situation? Multiple approaches are possible here:

1. Explicitly set the Proxy Credentials for the BCS application process. It is not possible to set the proxy credentials direct in the web.config of 14hive\webservices\bdc. Instead you must use a 2-step delegation approach: refer in the web.config to a custom Proxy module implementation, and build the custom Proxy to explicitly set the proxy credentials:

   namespace ByPassProxyAuthentication
   {
       public class ByPassProxy : IWebProxy
       {
           public ICredentials Credentials
           {
               get { 
                   return new NetworkCredential(
                       "username", "password", "domain"); }
               set { }
           }
       }
   }
   
       <defaultProxy enabled="true" useDefaultCredentials="false">

2. Disable usage of (default)proxy altogether for the BCS application process. This is a viable approach in case the consumed external systems are all within the internal company network infra.

   <system.net>  
     <defaultProxy  
       enabled="false"  
       useDefaultCredentials="false"/>  
     </system.net>

3. Disable usage of (default)proxy for specific addresses for the BCS application process.

   <system.net>
       <defaultProxy>
           <bypasslist>
               <add address="[a-z]+\.contoso\.com" />
               <add address="192\.168\..*" />
               <add address="Netbios name of server" />
           </bypasslist>
       </defaultProxy>
   </system.net>

   The first bypasses the proxy for all servers in the contoso.com domain; the second bypasses the proxy for all servers whose IP addresses begin with 192.168. The third bypass entry is for the ServerName

4. Disable usage of proxy for specific address on system level. This is in fact the most simple approach, just disable proxy usage for certain url’s for all processes on system level. That is also the potential disadvantage, it can be that it is not allowed to disable proxy usage for all processes. You disable the proxy via IE \ Internet Options \ Connections \ LAN Settings \ Advanced \ Proxy Server \ Exception <Do not use proxy server for addresses beginning with>.

Informational sources used:

• Configuring Proxy settings in .NET config file
• Web Service access + internal traffic + 407 Proxy Authentication Required
• Proxy Configuration issues with UPA in SharePoint 2010 /2013

Why integrate SAP with SharePoint? Find out why!

Mobile First…

Probably everyone has heard of “Mobile first”. This concept is not only something that SAP is promoting (Going Mobile at SAP), but also partners, customer and analysts like Gartner  or Forbes are clearly supporting this strategy.

The concept and idea are very clear: if you design applications to run on a mobile device with its small screen, then everything — the whole user interfacce — has to be simple and intuitive.

One of the most prominent examples of this strategy is SAP Fiori. Based on SAPUI5 beautiful and intuitive applications are created and extremely well accepted by our customers.

 

… does not mean mobile only

In a customer presentation that I attended some time ago I also heard this feedback. SAP Fiori is an extremly powerful step by SAP to address workers across devices: whether they work on a mobile, tablet or desktop. However, the customer continued saying:

“Mobile is sexy, but only 5% of our workers are using mobile devices (for their jobs). The majority of my users are still using a desktop”.

I thought of this as a very interesting statement. Obviously I am also using a mobile device, but looking at a “Day in my life”, I start with using my mobile device, but then I use lots of other different technologies to interact with SAP data — and in a lot of cases these different technologies are powered somehow by Microsoft.

“Don’t forget the desktop”

Still the data that I am accessing when working on my desktop is very often the same as the data which I need to access from my mobile device. So I would need to get SAP data in the tools that are running on my desktop.  And the desktop still is dominated in great numbers by Microsoft. Depending on which numbers you want to believe Windows is installed on 70% to 90% of desktops and Microsoft Office is running on over 1 billion devices world wide and is used in most organizations:

Having this in mind it is clear that “Mobile first does not mean mobile only“

Why don’t we take the concept and ideas — and actually the applications and scenarios — and make them available on the Microsoft desktop?

Using SAP data from within Microsoft Office

When you get a Purchase Order or Credit Memo and you are sitting in front of your Microsoft Outlook already writing an email — wouldn’t it be great to get this workflow directly as a Task in Outlook and be able to approve it from there?

For the business partners, that you just worked with on your tablet in you SAP Fiori application  — wouldn’t it be beneficial to have the very same contacts in your Microsoft Outlook?

Similar with the tracked time that you just viewed in your SAP Fiori My Timesheet app on your mobile device — wouldn’t it be good to have these dates also in your Microsoft Outlook Calendar?

94% of companies use Microsoft Office

Similar to Microsoft Windows, Microsoft Office is still the dominant productivity suite at our customers. Not necessarily always the latest and greatest version, but definitely Microsoft Office. So in addition to having the power and flexibility of SAP Fiori an integration in Microsoft Office would absolutely make sense. We could not only offer an additional user interface by bringing SAP data to known and used Microsoft UIs, but also improve user productivity by keeping the end-user in the UI that they are currenlty working with.

Going beyond these existing scenarios it can also make a lot of sense to empower the users to interact with data from SAP in a way they are already used to. When you think of mass data manipulation probably Microsoft Excel comes into your mind. So again this Microsoft based UI / tool could be the perfect choice for the end-users to work with data from SAP.

The challenges in integrating SAP to MSFT world

All these integrations have one fundamental problem. You have to make sure that the integration, the interoperability between these known applications and data from SAP is easy, quick and secure. A recent study by IDC stated that more and more hobby developers build applications. Developing applications is getting easier and easier with impressive and powerful tools such as Visual Studio. However, developing and designing applications for life can be complicated. Gartner looked at the overall total cost of ownership of such applications. A very important factor to the total cost of ownership is the very first design of the application. How easily is the data consumed? How flexible is the application? How are security concerns like SSO, tracing, monitoring and scalability aspects handled?

Keeping the hobby developers in mind and also surveys that show that only very few developers have security and “enterprise ready” know-how this is an issue.

Nexus of forces

The “nexus of forces” which Gartner started to highlight some time ago is a similar example of this. To quote:

“The Nexus of Forces is the convergence and mutual reinforcement of social, mobility, cloud and information patterns that drive new business scenarios. Although these forces are innovative and disruptive on their own; together they are revolutionizing business and society, disrupting old business models and creating new leaders. The Nexus is the basis of the technology platform of the future.”

from http://www.gartner.com/technology/research/nexus-of-forces/

This technology platform needs a basis that not only addressed these forces, but also makes sure this is done in a secure and enterprise compliant / ready manner.

SAP NetWeaver Gateway productivity accelerator for Microsoft!

Luckily this is exactly what SAP NetWeaver Gateway productivity accelerator for Microsoft addresses with the interoperability framework between SAP and Microsoft. The Microsoft developer can stick to their knowledge. They can build applications for Microsoft Outlook, for Excel, for any .NET based application. They can be hobby developers from the business who “just” leverage templates and tools from Visual Studio to build beautiful applications — SAP NetWeaver Gateway productivity accelerator for Microsoft takes care of the interoperability and enterprise ready aspects.

It gives IT the confidence and security that SAP NetWeaver Gateway productivity accelerator for Microsoft based applications adhere to certain design-patterns, leverage company wide security and supportability requirements. And help applications to be scalable from the very first POC for a few business users to the final roll-out to 10,000 users.

With this framework the business is all of sudden empowered to respond to critical changes in the workplace at their own speed. They don’t have to rely on IT to help — because IT has already provided the required framework to make these changes happen.

Optimizing the investments in Microsoft and SAP by providing a bridge that brings the two worlds together SAP NetWeaver Gateway productivity accelerator for Microsoft boosts workplace agility. This engagement initiative provides the business the flexibility they need to leverage existing skills, while still complying with corporate and IT regulations.

How to successfully make the 2 worlds of SAP and SharePoint meet

In essence, a ‘Duet Enterprise custom scenario’ development project is not different from other application development projects.

The customer – either the real end-user, or product management for package software -, has an idea about what to achieve and functional + non-functional (quality) requirements to underline the idea.

Often this idea is still vague, and the requirement set far from complete and on aspects also contradictionary.

The waterfall approach to yet start with application development (specify, build, test) typically ends up with wrong or failed end-results: the application does not live up to the real customer needs and expectations, and the budget is largely overrun as consequence of responding on the requirements changes.

The agile movement came up to improve on this bad practice. Central is the structural involvement of the user (representative) during the full course of the development project.

Continuous, the user is in the lead about the specifics and the behaviour of the application functionality to be delivered.

In Scrum, this responsibility is formalized within the product owner role.

Application mockup
A proven approach to enable the product owner to validate, correct, and ultimately confirm the application functionality is by make it experience, ‘touchable’.

Provide the product owner with a realistic impression of the application behavour + feature(s) that the project will build: a clickable prototype / mockup.

Based on multiple positive experiences (also within non-Duet Enterprise project, e.g. BI Dashboards), we strongly believe in the added value and power of application mockup. We regard the role of UX / UID expert crucial for customer involvement, and thus for delivering the correct application functionality.

Meeting of 2 worlds

Yet, a Duet Enterprise project also is very much different from ‘normal’ projects.
The cause lies with the meeting of 2 very different environments: IT technology, platform concepts, and human nature.

The tradional SAP environment is transaction oriented, with focus on structural business process executions.

The Microsoft environment, and in particular SharePoint, is far more loose. Ad-hoc processes are the norm, the individual user decides how to perform a specific (business) action. When these 2 worlds + thinking come together in a Duet Enterprise project, the first outcomes are often dramatic.

SAP versus SharePoint architects,
business analysts and developers do not understand each other (concepts).
Both ‘parties’ disagree on how and where (that is, on SAP or on SharePoint side) custom development should be done.

The personal preference on how to achieve the SAP+SharePoint integration is influenced by one’s own technology frames and familiair concepts.

This has the risk that the user is forgotten: the user interests must be central, deliver an optimal user experience.

Align through Blueprint Duet Enterprise scenario’s

To break through this, we utilize in our Duet Enterprise development process a blueprint step with the focus exclusive on the Duet Enterprise specific scenarios.

This blueprint is derived and agreed by a mixed group of SAP and SharePoint representatives. The goal of this step, and its endresult, is to come to a mutual understanding of the solution direction for each of the Duet Enterprise scenario’s.

Self-employed constraints are to stick as close to the standards of both the SAP business package and SharePoint platform. Where feasible, we do allow custom development.

Here we apply Duet Enterprise integration patterns that we have identified and defined: Consumer-oriented, Provider-oriented, and XML-Funneling pattern.

Of course, the discussion and preferences about where to make custom adjustments still manifest within the Duet Enterprise blueprinting step.

However, as it now has the full focus of all involved, mutual agreement is earlier and more effective reached. This is the so-called ‘workshop effect’.

Also, in this focused approach, comparable application situations are easier to recognize. And where so identified, the earlier agreed solution approach can be reused.

Starting point for the blueprint derivation is the User Interface Design as validated and confirmed by the product owner.
In the blueprint we derive and define per identified Duet Enterprise scenario the following pieces:

Global description of the scenario: screenshot of the mockup screen and textual explanation. The purpose is to facilitate on high level a common understanding of the functionality in the scenario.

There is no intend to compete with or replace use cases.
Derivation, explanation and justification of solution direction. At minimal explanation of the proposed solution direction.

But whenever applicable, also the rationale of why an alternative solution direction is dropped.

SAP building blocks: standard RFC’s, BAPIs; identification of needed custom SAP building blocks


Blueprint validation by Design Authority / Authorities

Justified mantra nowadays within SAP and Microsoft IT departments is to avoid unnecessary or otherwise avoidable custom development. Instead stick close to the standard delivered functionality of both landscapes.

It is also evident that fully excluding custom development is not feasible when you are developing company custom scenario’s.

We facilitate the consistency and continuity in the Duet Enterprise solution directions by confirming the blueprint to Duet Enterprise Rules, Conventions and Guidelines.

The Design Authorities of both SAP and Microsoft IT departments validate the blueprint against these agreements. Derivation can be allowed, but requires the formal approved of the respective Design Authority (SAP, Microsoft, and in some cases both).

SAP + SharePoint realizations based on the blueprint

With the blueprint accepted and delivered, from here on SAP and SharePoint teams in the project can start with their own development activities for the Duet Enterprise scenario’s.

Since representatives of the teams were involved in deriving the blueprint, the concrete software design + development can be done relatively independent of the other party.

Of course the data contract details of each SAP / Duet Enterprise interface are input for the SharePoint consumption.

Regular sharing the SAP design with the SharePoint developers can achieve this.

Building solutions on Duet Enterprise – What does this mean exactly?

Any kind of enterprise application can be built on top of Duet Enterprise, e.g. to support particular business activities for Product Lifecycle Management (PLM), Supply Chain Management (SCM), Customer Relationship Management (CRM), … etc .

However the idea here is not to rebuild application interfaces that already exist. Instead through Duet Enterprise we provide a set of application building blocks from which new kinds of solutions can be composed. We expect that these new kinds of solutions will enable collaboration, communications, or content management in Office and SharePoint in extension to the core SAP business processes.

The consumers of these solutions would be information workers who need access to SAP information and services as they perform their business activities, or who participate in business processes managed in SAP, but are not typically power users of the SAP interfaces.

The building blocks that we will provide through Duet include both functional building blocks (e.g. application components for SAP data models like Customer, Product, Employee, … etc.) , as well as infrastructural building blocks (e.g. for Reporting, Workflow, Collaboration, … etc.).

These infrastructural building blocks are what Christian described as ‘Ready To Use’ capabilities in his blog posting earlier.

So an example of a solution built on Duet Enterprise might be an extension to inventory management processes in SAP to allow ad-hoc collaboration and reporting in SharePoint around alerts and notifications raised from a warehouse or a factory floor.

However while Duet Enterprise provides a new set of building blocks, it does not add a new set of tools. Solution builders can leverage existing skillsets, and use standard tools like Visual Studio, SharePoint Designer, and ABAP Workbench. They would use these tools to compose these building blocks into new kinds of solutions that support a particular type of business activity.

This solution would typically combine ad-hoc collaboration in SharePoint with structured process in SAP, and bring in contextual business data and reports to support decision making for that activity.

Let us take a specific example. In today’s enterprises there are typically virtual teams to service key customer accounts. A particular account v-team would include employees who report into different organizational units, e.g. Sales, Marketing, Support … etc., and who work out of different geographic locations.  While organizationally separate, these v-teams need a way to collaborate among themselves, and to manage their working activities.

Out-of-the-box with Duet Enterprise we will ship a set of composites, one of which is the customer collaboration workspace for account teams. This will enable any person with access to account information in SAP, to browse the list of customer accounts within SharePoint, and for any account request access to a collaboration workspace.

This is a SharePoint site that gets auto-provisioned by the Duet Foundation the first time that the workspace is requested by a member of the account v-team, using the packaged composite that ships with Duet Enterprise. The site comes pre-wired with connections to SAP information and services.

For example the account v-team members can view and edit account related information that is managed by SAP, as well as view reports related to the account, and can take for granted that the Duet Foundation provides the integrated security and administrative support which is necessary to support such activities.

Now consider the design time experience to support the flow described above. The composite for the customer collaboration workspace which we provide in Duet Enterprise is a collection of building blocks that have been assembled together in a particular way. This provides a starting point for further customization and solution building.

For example, there is a set of web services that are exposed from within the Duet Enterprise SAP Add-on (e.g. Customer, Sales Contact, … etc.), there is a set of External Content Types provided for SharePoint (that map to the SAP web services), and there is a  SharePoint site definition which provides a template for the customer collaboration workspaces which are auto-provisioned for v-team members.

In addition there are SharePoint Features for the ready to use capabilities (e.g. Related Reports) that can be stapled to the Site Definition. So a solution builder can customize the composite by extending the web services and the external content types, by adding new SharePoint web parts or Features if needed, and by customizing the site definition files for the workspace, or even creating entirely new site definitions.

Finally the solution builder leverages hooks in the Duet Foundation to plug in these new or customized composites.

Duet Enterprise – Creating and Deploying a Mobile Adapter Class for Business Data Action Web Parts

Learn how to create a mobile adapter class to display mobile views for Business Data Action Web Parts.

In Microsoft SharePoint 2010, mobile views are available for both the Business Data Builder Web Part and the Business Data Item Web Part. In the Starter Services site of Duet Enterprise for Microsoft SharePoint and SAP, a mobile view is available for only the Business Data Item Web Part. You must define a mobile adapter class to make mobile views available for other Business Data Web Parts. This topic describes how to write a mobile adapter class for Business Data Action Web Parts.

Creating and Deploying a Mobile Adapter Class for Business Data Action Web Parts

---

The procedures in this section describe how to create and deploy a mobile adapter class for displaying Business Data Action Web Parts.

The following are the basic steps to create and deploy a mobile adapter class:

1. Create a mobile adapter class for Business Data Action Web Parts.
2. Edit the compat.browser file.
3. Register your adapter as a safe control.

To create a mobile adapter class for Business Data Action Web Parts

1. In Microsoft Visual Studio 2010, create a new class library project named DuetMobileCustomization. Add references to the System.Web assembly and Microsoft.SharePoint.dll assembly.
2. Add a using statement for the Microsoft.SharePoint.WebPartPages namespace. Depending on the details of your adapter implementation, add using statements for other namespaces. Commonly, mobile adapters make calls to types in the System.Web.UI.MobileControls namespace, Microsoft.SharePoint namespace, and Microsoft.SharePoint.MobileControls namespace.
3. Add a class named WebPartClassMobileAdapter, where WebPartClass is a placeholder for the name of the Web Part that you are adapting. For example, if you are adapting the BusinessDataActionsWebPart, name the adapter class BusinessDataActionsWebPartMobileAdapter. This class should inherit from the WebPartMobileAdapter class.
4. Add a namespace named MyCompany.SharePoint.WebPartPages.MobileAdapters. (Replace MyCompany with your company’s name.)
5. Copy the following code into the new BusinessDataActionsWebPartMobileAdapter class.
   C#

   Copy

   using System;
   using System.Collections;
   using System.Collections.Generic;
   using System.Globalization;
   using System.Security.Permissions;
   using System.Web;
   using System.Web.Security;
   using System.Web.UI.MobileControls;
   
   using Microsoft.BusinessData.MetadataModel;
   using Microsoft.BusinessData.MetadataModel.Collections;
   using Microsoft.BusinessData.Runtime;
   
   using Microsoft.SharePoint.Portal.MobileControls;
   using Microsoft.SharePoint.MobileControls;
   using Microsoft.SharePoint.Utilities;
   using Microsoft.SharePoint.WebControls;
   using Microsoft.SharePoint.WebPartPages;
   using Microsoft.SharePoint.Portal.WebControls;
   using Microsoft.Office.Server.Diagnostics;
   
   namespace Microsoft.SharePoint.WebPartPages
   {
       public class BusinessDataActionsWebPartMobileAdapter : WebPartMobileAdapter
       {

6. Because the WebPartMobileAdapter.Control property cannot be overridden, you might have to create a custom version of it by hiding and replacing it. You can do this by declaring a new Control property in your derived class by using the new keyword, as shown in the following example.
   C#

   Copy

   protected new BusinessDataActionsWebPart Control
           {
   [Microsoft.SharePoint.Security.SharePointPermission(System.Security.Permissions.SecurityAction.Demand, 
   ObjectModel = true)]
               get { return base.Control as BusinessDataActionsWebPart; }
           }

   For more information about how to create a custom version of WebPartMobileAdapter.Control and hiding and replacing it, and why you might have to do this, see the Control property.

7. If the default implementation of the CreateControlsForSummaryView method of the WebPartMobileAdapter class is not appropriate for mobile access to the Web Part in your specific implementation, override it. An override should create any necessary child controls and add them to the Controls collection in the order in which they should appear on a mobile device. The display should contain at least a small icon and a title for the summary view on a mobile device. If those are the only display elements that that you must have, you do not have to override the CreateControlsForSummaryView method. The WebPartMobileAdapter class contains two helper methods you can use to create your display: CreateWebPartIcon() and CreateWebPartLabel().When you must display more information than what appears in the default summary view (for example, when your adapted Web Part has multiple child items that are the same type), you can add a count of the total number of children to the summary view by placing a Label control after the icon and title. The following code shows how to do this.

   Note
   This example assumes that the custom Web Part that you are adapting has a Count property of type String that returns the total number of child items.

   C#

   Copy

   protected override void CreateControlsForSummaryView()
           {
               this.CreateControlsForWebPartHeader();
               this.CreateControlsForBusinessDataActions();
           }
   
           private void CreateControlsForWebPartHeader()
           {
               Image iconImage = this.CreateWebPartIcon(WebPartIconLink.NoLink);
               iconImage.BreakAfter = false;
               this.Controls.Add(iconImage);
               this.Controls.Add(this.CreateWebPartLabel());
           }
   
           private void CreateControlsForBusinessDataActions()
           {
               try
               {
                   IList<string> result = this.Control.SelectedActions;
                   try
                   {
                       if (this.Control.BdcEntity != null)
                       {
                           IList<IAction> displayActions = GetActionsToDisplay(this.Control.BdcEntity);
                           result = new List<string>();
   
                           foreach (IAction action in displayActions)
                           {
                               Link l = new Link();
                               l.Text = action.Name;
   // This example does not create the Parameter value. 
   // Add logic to set the action of the parameter before storing this value in the Link Navigation URL.
                               l.NavigateUrl = action.Url;
                               this.Controls.Add(l);
                           }
                       }
                   }
                   catch (MetadataException)
                   {
                       // Metadata error. Just default to returning the Web Part's selected Actions.
                       result = this.Control.SelectedActions;
                   }
               }
               catch (Exception e)
               {
                   throw e;
               }
           }
   private IList<IAction> GetActionsToDisplay(IEntity entity)
           {
               IList<IAction> result = new List<IAction>();
               INamedActionDictionary namedActionDictionary = entity.GetActions();
               if (namedActionDictionary.Count != 0)
               {
                   // First add all the currently selected actions.
                   foreach (string selectedActionName in this.Control.SelectedActions)
                   {
                       if (namedActionDictionary.ContainsKey(selectedActionName))
                       {
                           result.Add(namedActionDictionary[selectedActionName]);
                       }
                       // else
   
                   }
   
                   // Action may not be in the SelectedActions list,
                   // but the Web Part is configured to display new actions and
                   // this action is not one of the explicitly de-selected ones. Add it to UI.
                   if (this.Control.DisplayNewActions)
                   {
                       foreach (IAction action in namedActionDictionary.Values)
                       {
                           if (!result.Contains(action)
                               && !this.Control.DeselectedActions.Contains(action.Name))
                           {
   
                               result.Add(action);
                           }
                       }
                   }
               }
   
               return result;
           }
   
           public void cmd_Click(object sender, EventArgs e)
           {
               string CommandText = ((Command)sender).Text;
   
           }

8. If the default implementation of CreateControlsForDetailView is not appropriate for mobile access to the Web Part in your specific implementation, override it. The default implementation renders an icon and title followed by a message that states that there is no detailed view for the Web Part. If you have overridden the CreateControlsForSummaryView method and do not want to provide a detailed view, override CreateControlsForDetailView and have it do nothing, as shown in the following example.
   C#

   Copy

   protected override void CreateControlsForDetailView()
           {
               // No Detail View
           }

9. To change the icon that appears next to the Web Part title, override one or more of the following properties:
   • SummaryViewTitleIconUrl  The icon that appears next to the title when the Web Part is collapsed.
   • DetailViewTitleIconUrl  The icon that appears next to the title when the Web Part is expanded.
   • TitleIconUrl  The icon that appears next to the title when the mobile device does not support expand or collapse scripting.

   The code in the following example shows how to override the TitleIconUrl property. In this override, if the Web Part displays a list and the list has an icon of its own in its ImageUrl property, that icon is displayed.

   C#

   Copy

   protected override string TitleIconUrl
   {
       get
       { 
           SPContext context = SPContext.GetContext(HttpContext.Current);
   
           if (String.IsNullOrEmpty(context.List.ImageUrl))
           {
               return base.TitleIconUrl;
           }
           return context.List.ImageUrl;
       }
   }

10. Compile the assembly, give it a strong name, and then deploy it either to the global assembly cache or to the \BIN folder of the Web application on every front-end web server in the farm. To deploy it to the global assembly cache, ensure that GlobalAssemblyCache is selected in the Assembly Deployment Target of the Properties pane of your class library project in Visual Studio 2010. This topic assumes that you are deploying to the global assembly cache.

To edit the compat.browser file

1. In a text editor, open the compat.browser file that is located at \\Inetpub\wwwroot\wss\VirtualDirectories\port_number\App_Browsers\compat.browser, where port_number is the port of the web application. Scroll to the <browser> element that has the refID attribute value of default. This element will have a child element named <controlAdapters> that looks much like the code in the following example.
   XML

   Copy

   <controlAdapters>
     <adapter controlType="Microsoft.SharePoint.WebPartPages.XsltListViewWebPart, Microsoft.SharePoint, 
   Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
       adapterType="Microsoft.SharePoint.WebPartPages.XsltListViewWebPartMobileAdapter, Microsoft.SharePoint, 
   Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
     <adapter controlType="Microsoft.SharePoint.WebPartPages.ListViewWebPart, Microsoft.SharePoint, 
   Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
       adapterType="Microsoft.SharePoint.WebPartPages.ListViewWebPartMobileAdapter, Microsoft.SharePoint, 
   Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
     <adapter controlType="Microsoft.SharePoint.Applications.GroupBoard.WebPartPages.WhereaboutsWebPart, Microsoft.SharePoint, 
   Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
       <adapter controlType="Microsoft.SharePoint.Applications.GroupBoard.WebPartPages.WhereaboutsWebPart, Microsoft.SharePoint, 
   Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
                        adapterType="Microsoft.SharePoint.Applications.GroupBoard.WebPartPages.WhereaboutsWebPartMobileAdapter, Microsoft.SharePoint, 
   Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
               <adapter controlType="Microsoft.SharePoint.WebPartPages.ImageWebPart, Microsoft.SharePoint, 
   Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
                        adapterType="Microsoft.SharePoint.WebPartPages.ImageWebPartMobileAdapter, Microsoft.SharePoint, 
   Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
   </controlAdapters>

2. Add an <adapter> element as a child of the <controlAdapters> element. This child element maps your adapter class to the custom Web Part that it adapts. Notice that both the controlType attribute and adapterType attribute are required. The value for both should be the fully qualified name of the class and the four-part name of the assembly. To obtain your adapter assembly’s public key token, in Visual Studio 2010 on the Tools menu, click Get Assembly Public Key. For another way to obtain the public key token, see How to: Create a Tool to Get the Public Key of an Assembly (http://msdn.microsoft.com/en-us/library/ee539398.aspx). For more information about this XML markup, see Browser Definition File Schema (browsers Element) (http://msdn.microsoft.com/en-us/ms228122.aspx). The following code shows one example of an <adapter> element.
   XML

   Copy

   <adapter controlType="Microsoft.SharePoint.Portal.WebControls.BusinessDataActionsWebPart, 
   Microsoft.SharePoint.Portal, 
   Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" 
   adapterType="Microsoft.SharePoint.WebPartPages.BusinessDataActionsWebPartMobileAdapter, MobileCustomization, 
   Version=1.0.0.0, Culture=neutral, PublicKeyToken=<assemblyPublic Key>" />

   Note

   To deploy your adapter class to a server farm, you must change the compat.browser file as described earlier on every front-end web server. Do not overwrite the existing compat.browser file with a compat.browser file of your own because this might cancel adapter mappings that are made by other Microsoft SharePoint 2010 solution providers. Consider deploying the adapter as part of a SharePoint 2010 Feature. In the FeatureActivated event handler, create a timer job that adds the required <adapter> element to the compat.browser file on every front-end web server. For detailed information about programmatically editing the compat.browser file on all servers by using a timer job, see How to: Run Code on All Web Servers (http://msdn.microsoft.com/en-us/library/ff464297.aspx).

To register your adapter as a safe control

1. In your Visual Studio 2010 project, add an XML file named webconfig.CompanyName.xml, where CompanyName is the name of your company or another name that is not likely to be used by any other SharePoint Foundation 2010 solution providers.

   Tip

   We recommend that you register your adapter by deploying it inside a SharePoint 2010 solution. The steps in this section are required only if your development computer is a single front-end web server. A SharePoint 2010 solution enables you to register controls as safe on all front-end web servers when your solution is deployed. For more information about using solution deployment to register controls as safe, see Solutions Overview (http://msdn.microsoft.com/en-us/library/aa543214.aspx), Manually Creating Solutions in SharePoint Foundation (http://msdn.microsoft.com/en-us/library/aa543741.aspx), and Solution Schema (http://msdn.microsoft.com/en-us/library/ms442108.aspx).

2. Add an <action> element that follows the model in the example below to the file. The TypeName attribute of the <SafeControl> element can be the name of your adapter class, such as UserTasksWebPartMobileAdapter. If you have multiple adapter classes in the same namespace, you can use an asterisk (*) as the value of TypeName.
   XML

   Copy

   <action>
      <add path="configuration/SharePoint/SafeControls">
       <SafeControl
         Assembly=" MobileCustomization, Version=1.0.0.0, Culture=neutral, PublicKeyToken=<myPublicKeyToken>"
         Namespace="Microsoft.SharePoint.WebPartPages"
         TypeName="*"
         Safe="True"
         AllowRemoteDesigner="True"
       />
     </add>
   </action>

   Caution
   Using an asterisk (*) as the value of TypeName makes every class in the namespace a safe control. If you have some classes in the assembly that should not be designated as safe, move them to a different assembly or avoid using the asterisk (*) value.

   For more information about the <SafeControl> element and web.config files, see How to: Create a Supplemental .config File (http://msdn.microsoft.com/en-us/library/ms439965.aspx) and Working with Web.config Files (http://msdn.microsoft.com/en-us/library/ms460914.aspx).

3. Save the file. You must now copy it to the %ProgramFiles%\Common Files\Microsoft Shared\web server extensions\14\CONFIG folder on your development computer. The simplest way to do this on your development computer is to add the following lines to a post-build event command line or to a batch file script.
   Copy

   xcopy /y webconfig.MyCompany.xml "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\CONFIG"
   stsadm –o copyappbincontent

   Note
   This code assumes that you have followed the recommendations in How to: Add Tool Locations to the PATH Environment Variable (http://msdn.microsoft.com/en-us/library/ee537574.aspx).

   The copyappbincontent Stsadm.exe command performs the action defined by the <action> element in your Web configuration .xml file. In this case, it inserts the new <SafeControl> element of your adapter into the web.config file at the root of the web application. It first removes any existing <SafeControl> elements for the adapter. This lets you rerun the Stsadm command with every build without creating duplicate <SafeControl> elements.) For more information about Stsadm, see Stsadm command-line tool (http://msdn.microsoft.com/en-us/library/cc288981(office.12).aspx).

 

How to : Configure a Customer or Product workspace for offline availability using Duet Enterprise and SAP

In the Duet Enterprise Web site, an entity workspace contains one or more lists with data from an SAP backend. For example, the Products workspace has a list of products, or the Customers workspace has a list of customers, contacts, inquiries and quotations list.

Working with an entity workspace offline gives you more flexibility to use the workspace data. For example, if you configure the Customer workspace for offline availability, you can consolidate your business contacts from SAP with your other Outlook contacts in Outlook 2010. You can then use Outlook 2010 more effectively for corresponding with business contacts and customers.

To make a workspace available offline, first create a downloadable package (called a BCS solution) that contains several important elements, such as lists of workspace data, task panes, and actions.

Lists In the Customers workspace, two lists are available for offline use—Customers and Contacts.

Task pane A workspace task pane is a window that provides information about another workspace element, or about options to perform a task. For example, a task pane can show details of a contact or a product.

Actions A task (such as Open Workspace) that you are able to perform related to a workspace.

In Outlook 2010, task panes and actions enable an interactive experience of connecting and working with the information in a workspace. By default, Duet offers a few pre-defined task panes and actions. However, if the default ones do not meet your needs, you can add customized task panes and actions. Customized task panes and actions add functionality to the offline experience in Outlook 2010. For example, you can create a task pane that lists the quotations and inquiries related to a customer, or an action to open an email template or reports for a particular contact, and so on.

Note The Connect to Outlook option in a SharePoint 2010 site only enables you to take the list data in a workspace offline, and not task panes and actions.
Step 1: Enable libraries and upload building block files to the site collection

Building block files are source files for the task panes, actions, and other core files that you need to package together to enable the workspace to function offline in Outlook 2010. First, you have to upload these source files to the site collection. Later in the process, you create a package of building block files to download to Outlook 2010.

To configure a workspace for offline use, three types of building block files are important.

A BCS Solution Task Pane file, which is an Extensible Markup Language (XML) file. You can use the task pane file that duet provides, or use a custom file.
A Business Data Action file, which is also an XML file. You can use the default action file or use a custom file.
The Dynamic Linked Library (DLL) file that implements the task pane and action.

Note If you are unsure of the location or the name of the file, contact your server administrator.
Enable libraries on the site collection

First, you have to enable the libraries on the site collection that stores these building block files. The following steps describe how to enable libraries:

From the Site Actions menu, click Site Settings.
Under Site Collection Administration, click Site collection features.

Note If the Site collection features option does not appear, then click Go to top level settings option under Site Collection Administration. The Site Collection Features option will now appear.

On the Features page, against BCS Solution Galleries, click Activate.

You are now ready to upload the source files to the site collection starting with the DLL file.
Upload the building block files to the site collection

Click Site Collection Administration on the breadcrumb navigation at the top of the page.
On the Site Settings page, under BCS Solution Galleries, click Application Assemblies.
On the All Documents page, click Add document. Then in the Upload Document window, click Browse to navigate to the DLL file, and then click OK.
On the Site Actions menu, click Site Settings.
On the Site Settings page, under BCS Solution Galleries, click Task panes.
On the All Documents page, click Add document. Then in the Upload Document window, click Browse to navigate to the task pane file (for example, ContactDetails.xml), and then click OK.
On the Site Actions menu, click Site Settings.
On the Site Settings page, under BCS Solution Galleries, click Business data actions.
On the All Documents page, click Add document. Then in the Upload Document window, click Browse to navigate to the action file (for example, CollabOnAction.xml), and then click OK.

Step 2: Build the BCS solution

A BCS solution is a package of downloadable files that enable specific functionality. In this case, the BCS solution contains a collection of files that together enable elements of a Duet workspace to function offline. It includes workspace lists, BCS Solution Task Panes, and BCS Data Actions. When you create a BCS Solution, the resulting objects are called BCS Solution Artifacts.

To build a BCS solution, you have to follow these steps:

Configure a setting that will make the workspace available offline in Outlook 2010.
Add the BCS Solution Task Pane files for the workspace.
Add the Business Data Action files for the workspace.
Generate the BCS Solution Artifacts.

Note If you are unsure of what files to use or where they are located, contact your server administrator.
Configure a workspace for offline availability

Open the Customers collaboration space.
From the Site Actions menu, click Site Settings.
On the Site Settings page, under Site Actions, click Manage site features.
On the Features page, locate the BCS Solution Design Feature and click Activate.
Click Site Settings on the breadcrumb navigation at the top of the page.
On the Site Settings page, under Duet Enterprise Administration, click Outlook Application Designer.
On the Outlook Application Designer page, under External Lists, click Contacts.
On the Outlook settings page, under List Settings, click Outlook Client Settings.
In the Edit Outlook settings for this external list dialog box, select the Offline this external list to Outlook and Auto generate Outlook forms check boxes and click OK.
(Optional) Repeat steps 7 to 9 for configuring another workspace.

You are ready to upload the task pane files for the workspace.
Upload the Business Data Task Pane files for the workspace

Note If you are unsure of what files to use or where they are located, contact your server administrator.

On the Outlook settings page, under Task Panes, click Add from Business Data Task Panes Gallery.
In the Add task pane page, do the following:

In Select a task pane, select a task pane from the available task panes.
In Display properties, enter a display name and a tool tip for the task pane. A tool tip is the text that appears when you hover over the task pane in Outlook 2010.
In Default task pane, select Make this the default task pane if you want to make the selected task pane as the default task pane.
Click OK.
(Optional) Repeat the previous steps to upload additional task panes.

Note If you do not see any task panes listed, it might mean that your site administrator has not uploaded the task pane files to the site collection. Contact your site administrator.

You are now ready to upload the action files for the workspace.
Upload the Business Data Action files for the workspace

On the Outlook settings page, under Business Data actions, click Add from Business Data Actions Gallery.
On the Add business data actions page, do the following:

In Select a business data action, select an action from the available actions.

Note If you do not see any actions listed, it might mean that your site administrator has not uploaded the action files to the site collection. Contact your site administrator.

In Display properties, enter a display name Open Customer Workspace and a tool tip for the action. The tool tip text appears when you hover over the task pane in Outlook 2010.
Click OK.
In Map business data action parameters, select a field from the dropdown menu of entity fields.
Click OK.
(Optional) Repeat steps 25 and 26 for adding more action files.

Generate the BCS Solution Artifacts

The next step is to generate the BCS Solution Artifacts. A BCS Solution Artifact is a software object that collects elements of the solution into a logical unit that the system can process.

On the Outlook settings page, click Back to the Outlook Application Designer page.
Click Generate BCS Solution Artifacts.
Click OK when you get a message that the operation is successfully completed.

Step 3: Generate the BCS Solution and open in Outlook 2010

Once you have generated the BCS Solution Artifact, you or other users with the necessary permissions can generate the BCS Solution and download the solution in Outlook 2010.

On the Site Actions menu, click Generate BCS Solution.
On the Generate BCS Solution page, in Certificate, select a certificate, and then click OK.

Note If the OK button is not available, it means that the farm administrator has not uploaded the necessary certificates to the Trusted Publishers and Trusted Root Certification Authorities stores in the farm. Contact your server administrator for further assistance.

Click OK in the Web page to confirm when the operation completes successfully.

Duet Enterprise opens the All Documents page, where you can download the solution in Outlook 2010. In the All Documents page, you can even manage permissions for the solution. This means you can add users who can download the solution in Outlook 2010, or even remove users.
Download the solution in Outlook 2010

On the Site Actions menu, select Download BCS Solution. Click Allow.
On the Microsoft Office Customization Installer dialog box, click Close.

The Contacts list now opens automatically in Outlook 2010. In Outlook 2010, you can view and update contact details, email contacts, or open a customer workspace corresponding to a contact.

Follow these steps to work with contacts:

In Outlook 2010, double-click a contact in the contacts list.
On the contact details window, click the Duet Enterprise tab, and click View SAP actions. The View SAP actions option displays the task pane and action that we added in the earlier steps.

View SAP actions

Do one of the following:

Click Show Details Task Pane to view the contact details task pane. The task pane displays the contact’s full name and the title. By default, the task pane is docked to the contact details window, and this position might prevent you from viewing the full details. You can undock it by clicking the dropdown appearing next to Customers, and then clicking Move.

Customers task pane in Outlook 2010

Click Open Customer Workspace to open the customer workspace on the Duet Enterprise Web site for the selected contact.

Each time you open Outlook 2010, a synchronization window opens automatically to show that Outlook 2010 is synchronizing with the workspace on the Duet Enterprise Web site.