Many SAP systems make use of standard operating system users that, on the operating system level, have comprehensive access rights to database resources.
Name |
System Default Value |
Type |
Authorizations |
---|---|---|---|
<sdb_user> |
sdb |
User |
Owner of all database resources |
<sdba_group> |
sdba |
Group |
|
Support group |
sdb<database_name> |
Group |
Optional; support tasks |
root |
root |
User |
A SetUID root program is only required for a user change to <sdb_user>. |
<os_user> |
- |
User |
|
<sid>adm |
- |
User |
|
sqd<sid> |
- |
User |
Obsolete Not for SAP liveCache databases Owner of all database resources |
To keep unauthorized persons from learning the passwords of standard operating system users, we recommend the following measures:
Do not adopt the default passwords.
Use secure passwords.
Change the passwords regularly.
Log on to the operating system as <sid>adm user.
Open a shell.
Enter the following command:
passwd
Enter the old and new passwords.
Repeat the procedure for the sqd<sid> user.
If you use the Network Information Service (NIS), you can read how to change the passwords of operating system users in the NIS Guide.
Log on to the operating system as a user from the Administrators group.
Change the password of the operating system user <SID>ADM.