In SAP R/3 Release 4.0 the roles of the users ora<sid> and <sid>adm on Unix, or <SID>ADM and SAPSERVICE<SID> on Windows NT, were separate. Only the user ora<sid> , or <SID>ADM on NT, has unrestricted authorization for DBA operations. This user belongs to the two operating system groups oper and dba (Unix), or ORA<SID>DBA and ORA<SID>OPER (Windows NT).

In contrast the authorizations of the operating system user <sid>adm (Unix) or SAPSERVICE<SID> (Windows NT) are restricted to operator activities, such as starting/shutting down the database, performing database backups and database checks. This user only belongs to the operating system group oper (Unix), or ORA<SID>OPER (Windows NT).

• SYSDBA
  All authorizations
• SYSOPER
  Operator activities, but no read or write authorizations.
• SAPDBA
  Read and write authorizations in order to work with SAPDBA and BRBACKUP command options (and therefore CCMS DBA functions)

OS users	OS group	DB role	OS users
ora<sid>	dba oper	SYSDBA SYSOPER	INTERNAL (SYS)
<sid>adm	oper	SYSOPER	OPS$<SID>ADM
		SAPDBA

OS users	OS group	DB role	OS users
<SID>ADM	ORA_<SID>_DBA ORA_<SID>_OPER	SYSDBA SYSOPER	INTERNAL (SYS)
SAPSERVIE<SID>	ORA<SID>OPER	SYSOPER	OPS$SAPSERVICE<SID>
		SAPDBA

The prerequisite is that a DB user OPS$<OS_user> corresponding to the OS user is defined on the database, and identified as externally.

Once you have logged on successfully with the OS user, you can connect to the database with SVRMGR> connect / ,without having to enter another password. You are then working as OPS$<OS_user> . In the same way you can start the program SAPDBA with OS> sapdba –u / .

This OPS$ mechanism is always used if you call SAPDBA or BRBACKUP from the CCMS menu in the R/3 System.

The standard DB user is always SYSTEM. SYSTEM connects with the ORACLE option AS SYSOPER or AS SYSDBA for actions such as startup, shutdown, recover and so on, as well as selecting from V$ tables when the database is not open.