Best Practices regarding AIA and CDP extensions

Similar Messages

• Best Practice regarding using and implementing the pref.txt file

  Hi All,
  I would like to start a post regarding what is Best Practice in using and implementing the pref.txt file. We have reached a stage where we are about to go live with Discoverer Viewer, and I am interested to know what others have encountered or done to with their pref.txt file and viewer look and feel..
  Have any of you been able to add additional lines into the file, please share ;-)
  Look forward to your replies.
  Lance

  Hi Lance
  Wow, what a question and the simple answer is - it depends. It depends on whether you want to do the query predictor, whether you want to increase the timeouts for users and lists of values, whether you want to have the Plus available items and Selected items panes displayed by default, and so on.
  Typically, most organizations go with the defaults with the exception that you might want to consider turning off the query predictor. That predictor is usually a pain in the neck and most companies turn it off, thus increasing query performance.
  Do you have a copy of my Discoverer 10g Handbook? If so, take a look at pages 785 to 799 where I discuss in detail all of the preferences and their impact.
  I hope this helps
  Best wishes
  Michael Armstrong-Smith
  URL: http://learndiscoverer.com
  Blog: http://learndiscoverer.blogspot.com

• How can i get best practice for SD and MM

  Please, can any body tell me how can i get best practices for SD and MM for functional approach?
  Thanks
  Utpal

  Hello Utpal,
  I am really surprised, in just 10 minutes you searched that site and found it not useful. <b>Check out my previous reply "you will not find screen shot in this but you can add it in this"</b>
  You will not find readymade document, you need to add this as per your requirement.
  btw, the following link gives you some more link for new SAP guys, this will be helpful. <b>Check out HOW to BASIC transaction</b>
  New to Materials Management / Warehouse Management?
  Hope this helps.
  Regards
  Arif Mansuri

• SAP RAR - Best Practice ECC,CRM and BW systems

  Hi All
  i have the requirement to configure RAR for the systems ECC,CRM and BW systems . Each system has only one client . whats the best practice regarding using the rules against each system . i am assuming the rules will be the same irrespective of the system but when i see the names of the initial files , they are system specific . can anybody elloborate around this . thanks
  Regards
  Prasad

  Prasad,
  To build on Chinmaya's explanation, make sure you use a logical system for CRM, BI, and ECC for the basis portion of the rule set (and only the basis portion).  This will keep you from duplicating your rules to meet your basis requirements.  The other rules should be attributed to the individual systems (or additional logical systems if including mult landscapes, ex. Dev, QA, and Prod ECC merged into one ECC logical system).

• DNS best practices for hub and spoke AD Architecture?

  I have an Active Directory Forest with a forest root such as joe.co and the root domain of the same name, and root DNS servers (Domain Controllers) dns1.joe.co and dns2.joe.co
  I have child domains with names in the form region1.joe.com, region2.joe.co and so on, with dns servers dns1.region1.joe.co and so on.
  Each region has distribute offices that may have a DC in them, servers named in the form dns1branch1.region1.joe.co
  Over all my DNS tests out okay, but I want to get the general guidelines for setting up new DCs correct.
  Configuration:
  Root DC/DNS server dns1.joe.co adapter settings points DNS to itself, then two other root domain DNS/DCs dns2.joe.co and dns3.joe.co.
  The other root domain DNS/DCs adapter settings point to root server dns1.joe.co and then to itself dns2.joe.co, and then 127.0.0.1
  The regional domains have a root dns server dns1.region1.joe.co with adapter that that points to root server dns1.joe.co then to itself.
  The additional region domain DNS/DCs adapter settings point to dns1.region1.joe.co then to itself then to dn1.joe.co
  What would you do to correct this topology (and settings) or improve it?
  Thanks in advance
  just david

  Hi,
  According to your description, my understanding is that you need suggestion about your DNS topology.
  In theory, there is no obvious problem. Except for the namespace and server plaining for DNS, zone is also needed to consideration. If you place DNS server on each domain and subdomain, confirm that if the traffic browsed by DNS will affect the network performance.
  Besides, fault tolerance and security are also necessary.
  We usually recommend that:
  DC with DNS should point to another DNS server as primary and itself as secondary or tertiary. It should not point to self as primary due to various DNS islanding and performance issues that can occur. And when referencing a DNS server on itself, a DNS client
  should always use a loopback address and not a real IP address. detailed information you may reference:
  What is Microsoft's best practice for where and how many DNS servers exist? What about for configuring DNS client settings on DC’s and members?
  http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail-sack-saturday-edition.aspx#dnsbest
  How To Split and Migrate Child Domain DNS Records To a Dedicated DNS Zone
  http://blogs.technet.com/b/askpfeplat/archive/2013/12/02/how-to-split-and-migrate-child-domain-dns-records-to-a-dedicated-dns-zone.aspx
  Best Regards,
  Eve Wang
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Best Practices regarding program RCOCB004

  Dear Colleagues
  I'd like to discuss the Best Practices regarding the setup of jobs to send Process Messages
  In my company we have a batch job with two steps. Each steps contain one variant of program RCOCB004.
  The first step will send messages with Status "To be sent", "To be resubmitted" and "To be resubm. w/warng"
  The second step will send messages with Status "Destination Error", "Terminated", "Incomplete"
  However, this job sometimes fails with error "Preceding job not yet completed (plant US07)"
  I'd like to discuss what is best way to set up this job in order to avoid this error and also improve performance.
  Thanks and Regards

  Dear,
  To keep the number of message logs in the system low, proceed as follows:
        1. Check the report variants for report RCOCB004 used in your send jobs.The sending of messages in status "Destination error" or "Terminated" is only useful if the error is corrected without manual intervention;for example with messages of category PI_PHST, if the sequence of the messages or time events was swapped in the first send process.
        2. Regularly delete the logs of the messages that were not sent to the destination PI01 using report RCOCB009 (Transaction CO62).
        3. Check whether it it is actually required to send messages to the destination PI01.This is only useful if you want to evaluate the data of these messages by means of the process data evaluation, or if the message data including the logs are to be a part of the process data documentation or the batch log. Remove destination PI01 for the message categories to which the above-mentioned criteria does not apply.You can activate destination PI01 again at a later stage.
        4. If you still want to send process messages to destination PI01, carry out a regular archiving of your process orders.As a result of the archiving, the message copies and logs in the process message record are also deleted.
        5. If the described measures do not suffice, you can delete the logs using Transaction SLG2.
  Control recipe send = RCOCB006 and you need to set the job to run after event SAP_NEW_CONTROL_RECIPES
  Process message send = RCOCB002 (cross plant) and RCOCB004 (specific plant). You need to create variants for these.
  Check the IMG documentation in PPPI for control recipes and process instructions where there is more information about this. Also standard SAP help is quite good on these points.
  Finally, if you are automatically generating process instructions then you need program RCOCRPVG plus appropriate variants.
  Hope it will help you.
      Regards,
  R.Brahmankar

• Best Practice for Planning and BI

  What's the best practice for Planning and BI infrastructure - set up combined on one box or separate? What are the factors to consider?
  Thanks in advance..

  There is no way that question could be answered with the information that has been provided.
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Best practice for Plan and actual data

  Hello, what is the best practice for Plan and actual data?  should they both be in the same app or different?
  Thanks.

  Hi Zack,
  It will be easier for you to maintain the data in a single application. Every application needs to have the category dimension, mandatorily. So, you can use this dimension to maintain the actual and plan data.
  Hope this helps.

• SAP Business One Best-Practice System Setup and Sizing

  <b>SAP Business One Best-Practice System Setup and Sizing</b>
  Get recommendations from SAP and hardware specialists on system setup and sizing
  SAP Business One is a single, affordable, and easy-to-implement solution that integrates the entire business across financials, sales, customers, and operations. With SAP Business One, small businesses can streamline their operations, get instant and complete information, and accelerate profitable growth. SAP Business One is designed for companies with less than 100 employees, less than $75 million in annual revenue, and between 1 and 30 system users, referred to as the SAP Business One sweet spot. The sweet spot covers various industries and micro-verticals which have different requirements when it comes to the use of SAP Business One.
  One of the initial steps during the installation and implementation of SAP Business One is the definition of the system landscape and architecture. Numerous factors affect the system landscape that needs to be created to efficiently run SAP Business One.
  The <a href="http://wiki.sdn.sap.com/wiki/display/B1/BestPractiseSystemSetupand+Sizing">SAP Business One Best-Practice System Setup and Sizing Wiki</a> provides recommendations on how to size and configure the system landscape and architecture for SAP Business One based on best practices.

  For such high volume licenses, you may contact the SAP Local Product Experts.
  You may get their contact info from this site
  [https://websmp209.sap-ag.de/~sapidb/011000358700001455542004#India]

• PKI view , AIA and CDP locatiion for the RootCA has red crossover " unable to download"

  I am trying to create a PKI infrastructure on winserver2008R2 enterprise as follows
  offline ROOT CA---Standalone
  Online Intermediate CA -- enterprise
  PROBLEM: 
  on the intermediate CA: using enterprise PKI view , AIA and CDP locatiion for the RootCA has red crossover " unable to download"but enterprise pki view "manage AD container" indicated the AIA and CDP container 
  had OK for the root CA CDP and AIA.
  Any help will be appreciated
  INSTALLATION STEPS :
  i performed the ffg on offline RootCA
  create the CA policy policy file and store in windows folder
  install ADCS
  run post installation script
  The Certificate Service was successful and saw a green icon in the console
  I performed the ffg on  online enterprise CA
  create the CA policy policy file and store in windows folder
  install ADCS
  i successfully  published the root CA cert and CRL in the local store and AD. i saw the ffg message upon completion
  CertUtil: -addstore command completed successfully.
  CertUtil: -dsPublish command completed successfully.
  install ADCS
  below is the output for getreg ( CRL and AIA)
  C:\Users\Administrator.GORYEAL>certutil -getreg CA\CRLPublicationURLs
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\GINTC
  A\CRLPublicationURLs:
    CRLPublicationURLs REG_MULTI_SZ =
      0: 65:C:\Windows\system32\CertSrv\CertEnroll\%3%8%9.crl
      CSURL_SERVERPUBLISH -- 1
      CSURL_SERVERPUBLISHDELTA -- 40 (64)
      1: 79:ldap:///CN=%7%8,CN=%2,CN=CDP,CN=Public Key Services,CN=Services,%6%10
      CSURL_SERVERPUBLISH -- 1
      CSURL_ADDTOCERTCDP -- 2
      CSURL_ADDTOFRESHESTCRL -- 4
      CSURL_ADDTOCRLCDP -- 8
      CSURL_SERVERPUBLISHDELTA -- 40 (64)
      2: 0:http://%1/CertEnroll/%3%8%9.crl
      3: 0:file://%1/CertEnroll/%3%8%9.crl
      4: 65:file://\\www\Certdata\%3%8%9.crl
      CSURL_SERVERPUBLISH -- 1
      CSURL_SERVERPUBLISHDELTA -- 40 (64)
  CertUtil: -getreg command completed successfully.
  C:\Users\Administrator.GORYEAL>certutil -getreg CA\CACertPublicationURLs
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\GINTC
  A\CACertPublicationURLs:
    CACertPublicationURLs REG_MULTI_SZ =
      0: 1:C:\Windows\system32\CertSrv\CertEnroll\%1_%3%4.crt
      CSURL_SERVERPUBLISH -- 1
      1: 3:ldap:///CN=%7,CN=AIA,CN=Public Key Services,CN=Services,%6%11
      CSURL_SERVERPUBLISH -- 1
      CSURL_ADDTOCERTCDP -- 2
      2: 0:http://%1/CertEnroll/%1_%3%4.crt
      3: 0:file://%1/CertEnroll/%1_%3%4.crt
  CertUtil: -getreg command completed successfully.

  when i ran certutil -URL http://www.goryeal.com/CERTDATA/GROOTCA.crl 
   i saw a status message of OK
  when i paste the url(http://www.goryeal.com/CERTDATA/GROOTCA.crl) from pki view in the browser i got the message:
  404 - File or directory not found
  But when  i copy the url(http://www.goryeal.com/CERTDATA/) in the browser , i was able to see the root ca CRL :
   I revoked CA exchange cert and issue a new one but still no luck. Below is the verification for the ca exchange cert:
  certutil.exe -verify -urlfetch 
  c:\ca.cer
  Issuer:
      CN=GINTCA
      DC=goryeal
      DC=com
  Subject:
      CN=GINTCA-Xchg
      DC=goryeal
      DC=com
  Cert Serial Number: 61db778400000000000b
  dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
  dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
  ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT (0x40000000)
  HCCE_LOCAL_MACHINE
  CERT_CHAIN_POLICY_BASE
  -------- CERT_CHAIN_CONTEXT --------
  ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
  ChainContext.dwRevocationFreshnessTime: 6 Days, 21 Hours, 50 Minutes, 11 Seconds
  SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
  SimpleChain.dwRevocationFreshnessTime: 6 Days, 21 Hours, 50 Minutes, 11 Seconds
  CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=0
    Issuer: CN=GINTCA, DC=goryeal, DC=com
    NotBefore: 4/2/2014 5:00 PM
    NotAfter: 4/9/2014 5:10 PM
    Subject: CN=GINTCA-Xchg, DC=goryeal, DC=com
    Serial: 61db778400000000000b
    Template: CAExchange
    Template: CA Exchange
    5f c7 75 f7 e9 da 4b 96 ea 05 48 f2 2f 49 0d 96 b8 d0 f7 16
    Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
    Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    ----------------  Certificate AIA 
    Verified "Certificate (0)" Time: 0
      [0.0] ldap:///CN=GINTCA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=goryeal,DC=com?cACertificate?base?objectClass=certificationAuthority
    ----------------  Certificate CDP 
    Verified "Base CRL (06)" Time: 0
      [0.0] ldap:///CN=GINTCA,CN=INTCA,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=goryeal,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint
    Verified "Delta CRL (06)" Time: 0
      [0.0.0] ldap:///CN=GINTCA,CN=INTCA,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=goryeal,DC=com?deltaRevocationList?base?objectClass=cRLDistributionPoint
    ----------------  Base CRL CDP 
    OK "Delta CRL (06)" Time: 0
      [0.0] ldap:///CN=GINTCA,CN=INTCA,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=goryeal,DC=com?deltaRevocationList?base?objectClass=cRLDistributionPoint
    ----------------  Certificate OCSP 
    No URLs "None" Time: 0
      CRL 06:
      Issuer: CN=GINTCA, DC=goryeal, DC=com
      bc c0 e1 8c e1 4c 18 34 5f 06 ca c1 f2 a0 3b 4d 58 9f 27 70
      Delta CRL 06:
      Issuer: CN=GINTCA, DC=goryeal, DC=com
      69 cf 42 09 59 48 3f 07 bf b7 8a 4c 01 a6 45 5f 13 87 da 1b
    Issuance[0] = 1.2.3.4.1455.67.89.5
    Application[0] = 1.3.6.1.4.1.311.21.5 Private Key Archival
  CertContext[0][1]: dwInfoStatus=102 dwErrorStatus=0
    Issuer: CN=GROOTCA
    NotBefore: 3/26/2014 8:01 PM
    NotAfter: 3/20/2019 8:38 PM
    Subject: CN=GINTCA, DC=goryeal, DC=com
    Serial: 1297cd88000000000004
    Template: SubCA
    a4 96 15 fd 62 c1 1c 86 db 21 15 a7 d4 b4 0e 16 8f 03 2c de
    Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
    Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    ----------------  Certificate AIA 
    Verified "Certificate (0)" Time: 0
      [0.0] ldap:///CN=GROOTCA,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=goryeal,DC=com?cACertificate?base?objectClass=certificationAuthority
    Verified "Certificate (0)" Time: 0
      [1.0] http://www.goryeal.com/Certdata/ROOTCA_GROOTCA.crt
    ----------------  Certificate CDP 
    Verified "Base CRL (06)" Time: 0
      [0.0] ldap:///CN=GROOTCA,CN=ROOTCA,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=goryeal,DC=com?certificateRevocationList?base?objectClass=cRLDistributionPoint
    Failed "CDP" Time: 0
      Error retrieving URL: Error 0x80190194 (-2145844844)
      http://www.goryeal.com/Cerdata/GROOTCA.crl
    ----------------  Base CRL CDP 
    No URLs "None" Time: 0
    ----------------  Certificate OCSP 
    No URLs "None" Time: 0
      CRL 06:
      Issuer: CN=GROOTCA
      f7 3d fb a7 12 bf f1 b5 e9 35 b7 a1 2b 17 2a 28 29 36 c6 8a
    Issuance[0] = 1.2.3.4.1455.67.89.5
  CertContext[0][2]: dwInfoStatus=10c dwErrorStatus=0
    Issuer: CN=GROOTCA
    NotBefore: 3/20/2014 8:28 PM
    NotAfter: 3/20/2019 8:38 PM
    Subject: CN=GROOTCA
    Serial: 2157e0150f7e149e49295666612464ef
    b5 a8 4c e1 64 9d b0 aa c5 e4 b7 b0 4f 5e fe e3 99 aa 61 de
    Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
    Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
    Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    ----------------  Certificate AIA 
    No URLs "None" Time: 0
    ----------------  Certificate CDP 
    No URLs "None" Time: 0
    ----------------  Certificate OCSP 
    No URLs "None" Time: 0
    Issuance[0] = 1.2.3.4.1455.67.89.5
  Exclude leaf cert:
    e8 5b f7 0b 59 b4 84 97 87 96 1b f1 39 9b 15 14 24 84 d0 77
  Full chain:
    ca 29 87 01 d8 6f e6 28 d7 16 a9 5c 81 74 d3 b8 1e c9 44 53
  Verified Issuance Policies:
      1.2.3.4.1455.67.89.5
  Verified Application Policies:
      1.3.6.1.4.1.311.21.5 Private Key Archival
  Leaf certificate revocation check passed
  CertUtil: -verify command completed successfully.

• Looking for some best practice regarding Content Administrator access

  Hi. I am looking for some best practice or rule of thumb from SAP or from different companies how they address Portal Content Administrator access in Production environment. Basically, our company is implementing portal to work with SAP BW.  We are on SP 9. Basically, I am trying to determine if we should have 1-2 Portal Content Administrator in Production with 24/7 access or we should limit them from NOT having this.  Can you share with me some ideas of what is right? and what is not?
  Should we have access in Production? Or Should we have this access but limited? By the way, our users are allow to Publish BI reports/queries into Production.

  Hello Michael,
  Refer to this guide about managing initial content in portal.
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/00bfbf7c-7aa1-2910-6b9e-94f4b1d320e1
  Regards
  Deb
  [Reward Points for helpful answers]

• Best practice: parameters, reports and control flow

  I am developing an application that has a number of different reports, each of which has a combination of similar parameter LOVs.
  I defined the LOVs on page 0, with a corresponding DISPLAY hidden field for each one, with each set to conditional display if its DISPLAY=Y. I have a page process on each page with a standard block setting the appropriate _DISPLAY's to Y or N depending on whether they are needed on that page or not.
  It is becoming difficult to maintain, and I would prefer to have a single block of code that is called when entering all pages for the first time; where a CASE statement can switch on and off the various LOVs for each page by setting their correspondings _DISPLAY hiddens.
  I cannot find a clear answer for this in the forums; and I am not very clear if it is possible, or if it is the best practice.
  If anyone has any advice, please let me know!!
  Thanks
  Mark

  Hi Mark,
  One of the first points of best practice in Apex is that any non-trivial chunks of PL/SQL coding should be centralised in the database as stored code.
  In your case, your generic code would check the page that is being loaded and through a case statement, selectively set values to display the required fields for that page. One problem with this is that you still need to modify this procedure every time you add a new page.
  An alternative to this would be to do away with the _DISPLAY items and have the LOV items Condidtion type set to
  Current Page is Contained Within Expression 1 (Comma delimited list of pages)
  You then only need to list the pages the item is available for as a comma separated list in Expression 1.
  You could go even further by storing the display logic for each LOV item in tables in the database and make this completely dynamic, but this may be seen as overkill.
  Regards
  Andre

• Best practice for infoview and which folder to save webi or crystal reports

  All,
  I was wondering what are your thought about the following question.Imagine you have a customer using at the same time webi reports and also crystal reports against BW.
  The thing is that he is transporting the crystal report thru SAP using the rsadmin transaction to manage his crystal reports, but also use the SAP transport to move them to PROD .As far as webi, he is using the import wizard to move them to PROD. \
  As you know the crystal reports will end up into an SAP folder .. something that is such as SAP/(description of the menu role).
  Well webi reports happen to be inside the public folder.
  The question was .. what would be the best practice
  1 u2013 store all your crystal reports against BW in the SAP menu roles as it is ending up thru the SAP transport and have the webi reports inside the public folder ?
  2 u2013 Copy your webi reports from the public folder to the SAP /Menu role folder where my crystal reports are ?
  3 u2013 copy your crystal reports from the SAP/(menu role folder) to the Public folder ?
  Let me know what is your feeling as best practice
  Thank you
  Philippe

  Just a hint:
  The path SAP/2.0 is not mandatory. You can configure the SAP BW publisher on the BW side (transaction /CRYSTAL/RPTADMIN) so that your reports will be stored in another folder on the BOE side. Please note that the addition of the role name in the path cannot be overrided.
  Regards,
  Stratos

• PKGBUILD best practice for autotools and missing required files

  I am trying to update one of my packages in the AUR.  Upstream using GNU automake/autoconf tools and has worked just fine for previous versions.  This time around, the download from upstream is missing several of the mandatory files required by autoconf.  I am trying to figure out the best way to deal with this.
  1.  I can add just create them, and distribute them with the Tarbell, and push them into src directory prior to invoking autoconf.
  or
  2. I can use the --add-missing flag, but that requires the running of autoconf multiple times (unless I am confused) 
  What is the best practice when files such as NEWS and README are missing?

  I highly recommend you review Brad Hedlund's videos regarding UCS networking here:
  http://bradhedlund.com/2010/06/22/cisco-ucs-networking-best-practices/
  You may want to focus on Part 10 in particular, as this talks about running UCS in end-host mode without vPC or VSS.
  Regards,
  Matt

• Best Practice for Oil and Gas Field Data Capture

  Hi All
  What is the best practice to capture volume data of Oil and Gas commodities in SAP? There is a solution [FDC|http://help.sap.com/miicont-fdc] that address the requirements however what parameters it asks, whats the process and how it calculates different variables isn't provided over the resource center.
  Appreciate any response.
  Regards
  Nayab

  Hi Zack,
  It will be easier for you to maintain the data in a single application. Every application needs to have the category dimension, mandatorily. So, you can use this dimension to maintain the actual and plan data.
  Hope this helps.