To avoid authorization problems when starting the BR*Tools, bear in mind the following:
On the database server create local groups ORA_<DBSID>_DBA and ORA_<DBSID>_OPER (or ORA_DBA and ORA_OPER). Include the SAP users <SID>ADM and SAPSERVICE<SID> in this group, if this has not been done during the installation.
When you log on to the database with connect / as sysdba using SQLPLUS you no longer have to enter a password. The user is authorized to start and stop the database.
You can now call BRBACKUP and BRARCHIVE as usual with the following command:
brbackup -u system/<password>
BRBACKUP
If you call BRBACKUP at operating system level, the following alternatives to the procedure described in 1. are available:
Start BRBACKUP not with the standard ORACLE user system, but with the user OPS$ user, as in the following example:
brbackup -u /
The OPS$ user must have granted the SAPDBA role for backups to be successful
Activate the full Oracle authorization check by performing the following steps:
In the profile init<SID>.ora, enter the parameter remote_login_passwortfile = exclusive.
Create an Oracle password file (if it does not already exist):
orapwd file=%ORACLE_HOME%\DATABASE\PWD<DBSID>.ORA password=<internal_password> entries=10
Restart the database.
Call SQLPLUS as the user SYS. Give the following authorizations to the user system:
Connect / as sysdba
grant sysdba to system;
grant sysoper to system;
Give a new password to the user system (optional):
alter user system identified by <password>;
Now you can call BRBACKUP as usual:
brbackup -u system/<password>