Many SAP systems make use of standard operating system users that, on the operating system level, have comprehensive access rights to database resources.
Name |
System Default Value |
Type |
Authorizations |
---|---|---|---|
<sdb_user> |
sdb |
User |
Owner of all database resources Group member of <sdba_group> |
<sdba_group> |
sdba |
Group |
|
<support_group> |
sdb <database_name> |
Group |
Optional; support tasks |
root |
root |
User |
A SetUID root program is only required for a user change to <sdb_user> . |
<os_user> |
- |
User |
|
<sid> adm |
- |
User |
|
sqd <sid> |
- |
User |
Not for SAP liveCache databases SQD<SID> is owner of all database resources and is the operating system user for database administrators. Group member of <sdba_group> |
To keep unauthorized persons from learning the passwords of standard operating system users, we recommend the following measures:
Do not adopt the default passwords.
Use secure passwords.
Change the passwords regularly.
Changing the Passwords of Operating System Users (Unix and Linux)
Log on to the operating system as <sid> adm user.
Open a shell.
Enter the following command:
Enter the old and new passwords.
Repeat the procedure for the sqd<sid> user.
If you use the Network Information Service (NIS), you can read how to change the passwords of operating system users in the NIS Guide.
Changing the Passwords of Operating System Users (Microsoft Windows)
Log on to the operating system as a user from the Administrators group.
Change the password of the operating system user <SID>ADM.
Database Administration, Special Operating System Users and Groups