sap-tutorials
diff --git a/‎tutorials/hxe-ua-configure-security/hxe-ua-configure-security.md‎
Lines changed: 133 additions & 0 deletions b/‎tutorials/hxe-ua-configure-security/hxe-ua-configure-security.md‎
Lines changed: 133 additions & 0 deletions
diff --git a/‎tutorials/hxe-ua-getting-started-binary/hxe-ua-getting-started-binary.md‎
Lines changed: 101 additions & 0 deletions b/‎tutorials/hxe-ua-getting-started-binary/hxe-ua-getting-started-binary.md‎
Lines changed: 101 additions & 0 deletions
diff --git a/‎tutorials/hxe-ua-getting-started-vm/HXE_hdb_info.PNG‎
16.5 KB b/‎tutorials/hxe-ua-getting-started-vm/HXE_hdb_info.PNG‎
16.5 KB
@@ -0,0 +1,133 @@
+---
+title: Configure SAP HANA, express edition Security
+description: Your SAP HANA, express edition installation has several preconfigured security settings. Before using SAP HANA, express edition, complete these security tasks.
+tags: [  tutorial>beginner, topic>HXE, products>sap-hana,-express-edition ]
+---
+## Prerequisites  
+ - **Proficiency:** Beginner
+ - **Tutorials:** [Start Using SAP HANA, express edition](http://go.sap.com/developer/tutorials/hxe-ua-getting-started-vm.html)
+
+## Next Steps
+ - Select a tutorial from the [Tutorial Navigator](http://go.sap.com/developer/tutorial-navigator.html) or the [Tutorial Catalog](http://go.sap.com/developer/tutorials.html)
+
+## Details
+### You will learn  
+How to perform security tasks to ensure that your security settings are not known outside your organization. You will learn how to apply the HXE license to ensure your installation keeps working after the default grace period expires.
+
+### Time to Complete
+**15 Min**.
+
+---
+
+### Apply the HANA, express-edition license key
+If you don’t apply the license, your SAP HANA, express edition will stop working after the default grace period of 60-90 days. If you have SAP HANA Studio or the HANA Studio eclipse plugin then begin at **Using Studio**. Otherwise proceed to **Using HDBSQL**.
+
+### Applying the License Key with HANA Studio
+
+#### Obtain your hardware key
+If you are using the SAP HANA Studio eclipse plugin, you can do the following.
+1. Start SAP HANA studio.
+2.	On the Systems tab, select SYSTEMDB@HXE (SYSTEM).
+3.	View properties for SYSTEMDB@HXE (SYSTEM).
+4.	Select License properties. Open the System License tab.
+5.	Make a note of the Hardware Key value.
+
+#### Order your license key
+1. Go to [sap.com/minisap](http://sap.com/minisap) and fill out all required information.
+2.	For System ID, select HXE.
+3.	For Hardware Key, enter the hardware key value you recorded earlier.
+4.	Submit the form. The license key is emailed to you.
+5.  Save the license key file to your hard disk under the name `HXE.txt`.
+
+#### Apply the license key
+1.	In SAP HANA studio, view properties for SYSTEMDB@HXE (SYSTEM).
+2.	Select License properties. Open the System License tab.
+3.	Click Delete License Key to delete any existing licenses.
+4.	Click Install License Key.
+5.	Navigate to your license file and select it.  
+After confirmation, the properties page refreshes with your new license information.
+6. Proceed to **Change the SSFS Master Keys**
+
+### Applying the License Key with HDBSQL
+
+#### Obtain your hardware key
+1. Login in to your HANA, express edition as `hxeadm`.
+2.	Enter the following command:
+
+    `hdbsql -u system -p <your password> -d SystemDB "SELECT HARDWARE_KEY FROM M_LICENSE"`
+
+3.	Copy or otherwise record the value returned for `HARDWARE_KEY`
+
+#### Order your license key
+1. Go to [sap.com/minisap](http://sap.com/minisap) and fill out all required information.
+2.	For System ID, select HXE.
+3.	For Hardware Key, enter the hardware key value you recorded earlier.
+4.	Submit the form. The license key is emailed to you.
+5.  Save the license key file to your hard disk under the name `HXE.txt`.
+
+#### Apply the license key
+
+1.	Make a directory on your HXE machine to store the license.
+
+    `mkdir ~/license`
+
+    This command will make the directory `/usr/sap/HXE/home/license`
+2. If you do not have an SCP client, please download and install one. There are several very good open source `scp` clients available for Windows, Mac and Linux. Copy the file from your hard disk to the `/usr/sap/HXE/home/license` directory.
+3. Issue the following command to install the license key.
+
+    `hdbsql -u system -p HANAhxe2 -d SystemDB -I '/usr/sap/HXE/home/license/HXE_License.txt'`
+
+4.	Confirm that the license key was installed by issuing the following command.
+
+    `hdbsql -u system -p HANAhxe2 -d SystemDB "select hardware_key, expiration_date from m_licenses"`
+
+ The expiration date should be one year from today.
+5. Proceed to **Change the SSFS Master Keys**.
+
+
+### Change the SSFS Master Keys
+1. Log on to the HANA system as **`hxeadm`** and shut the system down using the `sapcontrol` program:  
+**/`usr/sap/hostctrl/exe/sapcontrol` -nr 00 –function Stop**
+2. Re-encrypt the master key of the instance SSFS:  
+**`RSEC_SSFS_DATAPATH`=/`usr`/sap/`HXE`/`SYS`/`global`/`hdb`/security/`ssfs`
+export `RSEC_SSFS_DATAPATH`
+`RSEC_SSFS_KEYPATH=/usr/sap/HXE/SYS/global/hdb/security/ssfs rsecssfx changekey` $(`rsecssfx generatekey -getPlainValueToConsole`)**
+3. Add following to the end of /`usr`/sap/`HXE`/`SYS`/`global`/`hdb`/custom/`config`/`global.ini`:  
+**[cryptography]
+`ssfs_key_file_path = /usr/sap/HXE/SYS/global/hdb/security/ssfs`**
+4. Re-encrypt the system PKI SSFS with a new key - HDB start:  
+**`RSEC_SSFS_DATAPATH=/usr/sap/HXE/SYS/global/security/rsecssfs/data`  
+`export RSEC_SSFS_DATAPATH  RSEC_SSFS_KEYPATH=/usr/sap/HXE/SYS/global/security/rsecssfs/key rsecssfx changekey  $(rsecssfx generatekey -getPlainValueToConsole)`**
+5.	Restart the system:  
+**/`usr/sap/hostctrl/exe/sapcontrol` -nr 00 -function Start**
+
+For more information, see the [Change the SSFS Master Keys](https://help.sap.com/saphelp_hanaplatform/helpdata/en/58/1593c48739431caaccc3d2ef55c23f/frameset.htm) topic in the *SAP HANA Administration Guide*.
+
+### Change the Root Key
+Change the root key of your installation.
+1. Log on to the HANA system as **`hxeadm`** and shut the system down using the `sapcontrol` program:  
+**/`usr/sap/hostctrl/exe/sapcontrol` –nr 00 –function Stop**
+2. Generate a new root encryption key using the **`hdbnsutil`** program:  
+**cd /`usr/sap/HXE/HDB00/exe`  
+./`hdbnsutil` -`generateRootKeys` --type=`DPAPI`**
+3. Restart the system:  
+**/`usr/sap/hostctrl/exe/sapcontrol` -nr 00 -function Start**
+4. Reset the consistency information in the SSFS using the `hdbcons` program:  
+**cd /`usr/sap/HXE/HDB00/exe`
+./`hdbcons "crypto ssfs resetConsistency`" -e `hdbnameserver`**
+5. You have 20 seconds to rerun the command again to completely rewrite `ssfs` consistency information:  
+**./`hdbcons` -e `hdbnameserver` "crypto `ssfs resetConsistency`"**
+6. Change all application keys so that they are encrypted with the new root key by using SAP HANA studio or SAP HANA HDBSQL:  
+**ALTER SYSTEM APPLICATION ENCRYPTION CREATE NEW KEY**
+
+For more information, see the [Change the Root Key of the Internal Data Encryption Service](https://help.sap.com/saphelp_hanaplatform/helpdata/en/8f/bb69c47c224b3292ba078684f176e3/frameset.htm) topic in the *SAP HANA Server Installation and Update Guide*.
+
+### Deactivate the SYSTEM user
+1. Log in as SYSTEM user to create a user with the USER ADMIN system privilege:  
+**/`usr`/sap/HXE/HDB00/`exe/hdbsql -d SystemDB` -u SYSTEM -p <SYSTEM_PWD> "CREATE USER `MyAdminUser` PASSWORD <`MyAdminUserPwd`> NO `FORCE_FIRST_PASSWORD_CHANGE`;"  
+/`usr`/sap/HXE/HDB00/`exe/hdbsql` -d `SystemDB` -u SYSTEM -p <SYSTEM_PWD> "GRANT USER ADMIN to `MyAdminUser` WITH ADMIN OPTION ;" **
+2.	Log in as **`MyAdminUser`** to deactivate SYSTEM:  
+**/`usr`/sap/HXE/HDB00/`exe`/`hdbsql` -d `SystemDB` -u `MyAdminUser` -p <`MyAdminUserPwd`> "ALTER USER SYSTEM DEACTIVATE USER NOW;"**
+
+## Next Steps
+ - Select a tutorial from the [Tutorial Navigator](http://go.sap.com/developer/tutorial-navigator.html) or the [Tutorial Catalog](http://go.sap.com/developer/tutorials.html)
@@ -0,0 +1,101 @@
+---
+title: Getting Started with SAP HANA, express edition (Binary Installer Method)
+description: Explore how to connect to the SAP Web IDE for SAP HANA, Express Edition to start developing your project.
+tags: [  tutorial>beginner, products>sap-hana ]
+---
+## Prerequisites
+- Install SAP HANA, express edition. See [Installing Binary](http://go.sap.com/developer/tutorials/hxe-ua-installing-binary.html).
+
+## Next Steps
+ - Select a tutorial from the [Tutorial Navigator](http://go.sap.com/developer/tutorial-navigator.html) or the [Tutorial Catalog](http://go.sap.com/developer/tutorials.html)
+
+## Details
+### You will learn
+How to configure the binary install of SAP HANA, express edition.
+
+For troubleshooting information, see [SAP HANA, express edition Troubleshooting](http://go.sap.com/developer/how-tos/hxe-ua-troubleshooting.html).
+### Time to Complete
+**20 Min.**
+---
+### Record Your System's IP address
+
+1. In a terminal, enter: `/sbin/ifconfig`.
+2. The IP address is listed under the `eth0 interface` as `inet addr`. In the following example, the IP address is 10.172.90.53:
+
+  `etho Link encap:Ethernet HWaddr 00:0C:29:06:1F:93 inet addr:10.172.90.53`
+
+### Test Your Server installation
+
+1. In a terminal, enter: `HDB info`. The following services must be running:
+  * `hdbnameserver`
+  * `hdbcompileserver`
+  * `hdbpreprocessor`
+  * `hdbwebdispatcher`
+  * `hdbdiserver` (if XSA is installed)
+  * `XS services` (if XSA is installed)
+2. If any services are not running, enter `HDB start`. When the prompt returns, the system is started.
+
+### Test XSC, XSA, and Web IDE
+
+1. Check if XSC is working by going to the following URL:
+  `http://<ip-address-of-VM>:8000`
+2. Check if XSA is working:
+  a. In a terminal, use the following command to log into XSA services:
+  `xs login -u XSA_ADMIN -p <password>`
+  b. View a list of XSA applications using: `xs apps`
+  c. Confirm that `webide` shows in the list of XSA applications. Note the URL for it.
+3. Open the URL for Web IDE in a browser to confirm that it loads.
+
+### Install Eclipse and SAP HANA Tools
+
+#### Prerequisites
+* Confirm that your machine meets the system requirements for SAP HANA Tools, listed at [https://tools.hana.ondemand.com/#hanatools](https://tools.hana.ondemand.com/#hanatools)
+
+
+1. Download and install Eclipse Mars from [https://eclipse.org/downloads/](https://eclipse.org/downloads/), selecting one of the following packages:
+  * Eclipse IDE for Java EE Developers
+  * Eclipse IDE for Java Developers
+2. Open Eclipse and select a workspace.
+3. Install SAP HANA Tools:
+  a. Select _Help > Install New Software_
+  b. In the **Work with** field, enter https://tools.hana.ondemand.com/mars and click Add.
+  c. In the **Name** field, enter SAP HANA, express edition.
+  d. Expand the **SAP HANA Tools** node.
+  e. Select **SAP HANA Administrator (Developer Edition)**.
+  f. Accept the installation wizard prompts and restart Eclipse.
+  g. Select _Window > Perspective > Open Perspective > Other_.
+  h. Select the **SAP HANA Administration Console** perspective.
+4. Add the SAP HANA, express edition system:
+  a. On the **Systems** view, right-click and select **Add System**, or click the **Add System** button.
+  b. Enter the following information and click **Next**:
+    * Host Name: the IP address for your system
+    * Instance Number: 00
+    * Mode: Multiple containers, System database
+  c. Select Authentication by database user and enter the credentials for your SYSTEM user. Click **Finish** to connect.
+
+### Obtain and Apply a License Key
+
+1. Obtain your hardware key:
+  a. In Eclipse, connect to your system.
+  b. In the **Systems** view, right-click on your system and select **Properties**
+  c. Select **License**, then the **System License** tab.
+  d. Make a note of your hardware key.
+2. Order your license key:
+  a. In a browser, go to [http://www.sap.com/minisap](http://www.sap.com/minisap) and complete the form.
+  b. For **System ID**, select **HXE - SAP HANA, express edition (32 GB)**.
+  c. For **Hardware Key**, enter the hardware key for your system.
+  d. Submit the form. The license key is emailed to you.
+3. Apply the license key:
+  a. In Eclipse, click **Delete License Key** to remove existing licenses.
+  b. Click **Install License Key** and select the license key file.
+
+### Deactivate the SYSTEM user
+
+1. In a terminal, create a new admin user with the USER ADMIN system privilege:
+`/usr/sap/HXE/HDB00/exe/hdbsql -d SystemDB -u SYSTEM -p <SYSTEM-password> "CREATE USER <admin-username> PASSWORD <admin-password> NO FORCE_FIRST_PASSWORD_CHANGE;"
+/usr/sap/HXE/HDB00/exe/hdbsql -d SystemDB -u SYSTEM -p <SYSTEM-password> "GRANT USER ADMIN TO <admin-username> WITH ADMIN OPTION;"`
+2. Use the new admin user to deactivate the SYSTEM user:
+`/usr/sap/HXE/HDB00/exe/hdbsql -d SystemDB -u <admin-username> -p <admin-password> "ALTER USER SYSTEM DEACTIVATE USER NOW;"`
+
+## Next Steps
+ - Select a tutorial from the [Tutorial Navigator](http://go.sap.com/developer/tutorial-navigator.html) or the [Tutorial Catalog](http://go.sap.com/developer/tutorials.html)