If you use the DBA Planning Calendar in the Computing Center Management System (CCMS), which uses the BR*Tools, note the following:
Assign ora<dbsid>
and <sapsid>adm
to the groups dba
and oper
. BRBACKUP then logs on with connect / as sysoper.
The
group oper
(DB role: SYSOPER
) is an administrator group that is restricted to operator operations. oper
can start or shut down the database, perform backups, and so on, but has no read or write authorizations.
BRBACKUP and BRARCHIVE must also have full access to the SAP tables SDBAD
, SDBAH
and tables defined in the XDB interface. These access rights are contained in the database role SAPDBA
.
BRCONNECT only executes from CCMS when the database is open. Thereby, the appropriate database privileges are necessary for the following BRCONNECT operations:
-f stats
, -f next
, -f
cleantup, -f check
BRCONNECT must have write permissions to the following tables:
SDBAD
, SDBAH
, DBSTATC
, DBSTATTORA
, DBSTATHORA
, DBSTATIORA
, DBSTAIHORA
,
and other DBA* tables. These access rights are also contained in the SAPDBA
role.
In addition, BRBACKUP, BRARCHIVE, BRCONNECT, and BRTOOLS need to run under the user ora<dbsid>
. If you start these tools from the SAP System (or over the command line with the user <sapsid>adm
), you must first set
the SUID bit for these programs. This allows <sapsid>adm
to run the programs using the rights from ora<dbsid>
. Make sure the owner of these programs is ora<dbsid>
and set their access rights to 4775.
For more information, see SAP Note 8523.
Note
The owner for BRRESTORE, BRRECOVER, and BRSPACE is <dbsid>adm
and its access rights are 755.