Deactivate the SYSTEM User:
As the most powerful database user, SYSTEM is not intended for use in production systems. Use it to create lesser privileged users for particular purposes and then deactivate it.
SYSTEM is the database superuser. It has irrevocable system privileges, such as the ability to create other database users, access system tables,etc. In addition, to ensure that the administration tool SAP HANA cockpit can be used immediately after database creation, SYSTEM is automatically granted several roles the first time the cockpit is opened with this user.Note SYSTEM does not automatically have access to objects created in the SAP HANA repository.
In a system with multitenant database containers, the SYSTEM user of the system database has additional privileges for managing tenant databases, for example, creating and dropping databases, changing configuration (*.ini) files of databases, and performing database-specific data backups.
Prerequisites:
You have the system privilege USER ADMIN.
The administrator can deactivate a user account with the following SQL command or SQL console of the SAP HANA studio:
ALTER USER DEACTIVATE USER NOW
Example:
Note: You can still use the SYSTEM user as an emergency user even if it has been deactivated. Any user with the system privilege USER ADMIN can reactivate SYSTEM with the statement
ALTER USER SYSTEM ACTIVATE USER NOW.
---This will list down the deactivated/locked users.
select * from "sys"."users" where user_deactivated='true';
---or---
select * from "public"."users" where user_deactivated='true';
select name, user_deactivated, invalid_connect_attempts from "sys"."p_principals_" where name ='username'
As the most powerful database user, SYSTEM is not intended for use in production systems. Use it to create lesser privileged users for particular purposes and then deactivate it.
SYSTEM is the database superuser. It has irrevocable system privileges, such as the ability to create other database users, access system tables,etc. In addition, to ensure that the administration tool SAP HANA cockpit can be used immediately after database creation, SYSTEM is automatically granted several roles the first time the cockpit is opened with this user.Note SYSTEM does not automatically have access to objects created in the SAP HANA repository.
In a system with multitenant database containers, the SYSTEM user of the system database has additional privileges for managing tenant databases, for example, creating and dropping databases, changing configuration (*.ini) files of databases, and performing database-specific data backups.
Prerequisites:
You have the system privilege USER ADMIN.
The administrator can deactivate a user account with the following SQL command or SQL console of the SAP HANA studio:
ALTER USER
Example:
ALTER USER SYSTEM DEACTIVATE USER NOW
After the user account is deactivated, the user cannot log on to the SAP HANA database until
the administrator resets the users password.---This will list down the deactivated/locked users.
select * from "sys"."users" where user_deactivated='true';
---or---
select * from "public"."users" where user_deactivated='true';
select name, user_deactivated, invalid_connect_attempts from "sys"."p_principals_" where name ='username'
No comments:
Post a Comment