The SQL Server database standard logins are necessary for the SAP system to connect to and to administer the database. To prevent unauthorized use of the associated privileges of these logins you should change from time to time their passwords.
The following table shows the relevant SQL Server standard logins.
Login Name |
Type |
---|---|
|
SQL Server system administrator |
|
SQL Server login for Java database user |
|
SQL Server login for ABAP database user |
|
Login for operating system account |
|
Login for operating system account |
The login sa
has system administration privileges for MS SQL Server. It is not needed for standard operations. If you log on as sa
you can perform all available tasks on the server without any restrictions. It is important to assign
a password to this user during or directly after the installation of SQL Server. Normally, this login is disabled during the installation of the SAP system. For more information, see “Changing Passwords for SQL Server Logins”.
You should protect the SQL Server login for the Java database with a strong password. Be aware that after changing the password for <SAP<SAPSID>DB
, you also need to update the password in the Secure Store
of the Java instance.
For more information, see “Changing Passwords for SQL Server Logins”.
You should protect the SQL Server login for the ABAP database with a strong password. For more information, see “Changing Passwords for SQL Server Logins”.
The <sapsid>adm
and SAPService<SAPSID>
logins have system administrator rights. If, for example, you run two SAP systems on one instance, you can have access to both systems with these users.
The <sapsid>adm
and SAPService<SAPSID>
logins can connect to the SQL Server using the Windows authentication mode. You should therefore, protect the logins with strong passwords. For more information, see “Changing Passwords
of Windows Accounts”.
Be aware that after changing the password for <sapsid>adm
and SAPService<SAPSID>
, you also need to specify the new password in the services used for the SAP system, and restart the services.