Standard Users 

By default, SAP NetWeaver Application Server (AS) Java provides standard users for administrative and guest access, as well as communication users for connecting to the installed data source. The standard users on the AS Java vary according to the data source and installation options as shown in the table below.

AS Java Standard Users

Description	AS ABAP Data Source	Database Data Source
Administrator user This user has wide-ranging administrative access to the AS Java. We recommend that you use strong  password and auditing policies for this user.	Specified during installation. We recommend: J2EE_ADM_<SID>	Specified during installation. Default suggestion: Administrator
Guest user This user is used for anonymous access to the AS Java. By default, this user is locked.	Specified during installation. We recommend: J2EE_GST_<SID>	Specified during installation. Default suggestion: Guest
Technical user You configure the communication user for an LDAP data source as a post-installation step.	Specified during installation. We recommend: SAPJSF_<SID> In case you have several AS Java systems with AS ABAP data sources,  we recommend that you create system-specific communication users using the above naming convention.	DB user is specified during installation. Default suggestion: SAP<SID>DB The AS Java also uses this user for DB connectivity when you configure the UME with a DB user store.

 

When using the UME with AS ABAP, the AS Java users must exist in the AS ABAP data source before installation. If you have several AS Java systems with AS ABAP data sources, we recommend that you create system-specific communication users using the naming convention provided above. In addition, you must complete the initial password setup for the AS ABAP users, before installing the AS Java.

For more information, see UME Data Sources in the UME documentation.

In addition to the above standard users, a default AS Java installation can also contain the following technical users.

Additional Standard Users of the AS Java

User	Description
SAP*	The emergency user exists in the emergency user store of the AS Java. It has full administrative authorizations. If you cannot access your AS Java by any other means you can activate this user to repair your configuration. For more information, see Activating the Emergency User.
pcd_service	Service user of the Portal Content Directory (PCD) service..
ume_service	Service user of the UME.

Security Considerations for Standard Users

You assign initial passwords for the AS Java standard users during installation. In your productive operations or after the installation is complete, you can use the UME and the AS Java administration tools to change the initial passwords, manage the default properties for these users, lock users and create users with equivalent permissions on the AS Java.

For more information, see Administration of Users and Roles in the Administration Manual.

By default, the administrator user is used by certain applications on the AS Java to perform administrative and installation tasks, for example software deployment and undeployment. For additional security, you can assign the use of another administrator user on the AS Java and lock the use of the administrator user.

For more information about creating AS Java users, see Managing Users, Groups, and Roles in the Administration Manual.

We recommend that you do not delete the default administrator user. If you decide to lock the default administrator user, you have to create another AS Java user with equivalent administrative privileges, for example by assigning it to the Administrators user group. In addition, you have to update the security credentials of the new administrator user in the AS Java file system secure store and in the configuration properties of the JMS service of the AS Java.

For more information, see Modifying the Default Administrator User in the Administration Manual.