To avoid authorization problems when starting the BR*Tools, bear in mind the following:
...
1. On the database server create local groups ORA_<DBSID>_DBA and ORA_<DBSID>_OPER (or ORA_DBA and ORA_OPER). Include the SAP users <SID>ADMand SAPSERVICE<SID> in this group, if this has not been done during the installation.
When you log on to the database with connect / as sysdba using SQLPLUS you no longer have to enter a password. The user is authorized to start and stop the database.
You can now call BRBACKUP and BRARCHIVE as usual:
brbackup -u system/<password>
2. BRBACKUP
If you call BRBACKUP at operating system level, the following alternatives (A;B) to the procedure described in 1. are available:
¡ Start BRBACKUP not with the standard ORACLE user system, but with the user OPS$ user, as in the following example:
brbackup -u
The OPS$ user must have granted the SAPDBA role for backups to be successful
¡ Activate the full Oracle authorization check. Perform the following steps:
§ In the profile init<SID>.ora, enter the parameter remote_login_passwortfile = exclusive.
§ Create an Oracle password file (if it does not already exist):
orapwd file=%ORACLE_HOME%\DATABASE\PWD<DBSID>.ORA password=<internal_password> entries=10
§ Restart the database.
§ Call SQLPLUS as the user SYS. Give the following authorizations to the user system:
Connect / as sysdba
grant sysdba to system;
grant sysoper to system;
§
Give a new
password to the user system
(optional):
alter user system
identified by <password>;
Now you can call BRBACKUP as usual:
brbackup -u system/<password>