Technology Blogs by Members
Explore a vibrant mix of technical expertise, industry insights, and tech buzz in member blogs covering SAP products, technology, and events. Get in the mix!
cancel
Showing results for 
Search instead for 
Did you mean: 
former_member182967
Active Contributor
57,733


Today, I face a problem regarding to invalid username and password for DB system user whereas the password was never changed or forgot (not sure if somebody has input a wrong password several times before).

Background Information: Our HANA version: SPS 10 Rev.102.02

As I check with SAP HANA Administration Guide of SPS 10, it mentions that the SYSTEM user will not be locked regardless of the number of failed logon attempts in Number of Allowed Failed Logon Attempts. However, the user information page shows a warning like that the system user with status: suspicious Too many invalid connect attempts.

At that time, I had no idea about how to fix this situation but to try ALTER USER SYSTEM RESET CONNECT ATTEMPTS. The warning information of system user disappears and I successfully logon the system with the known password of user SYSTEM :???: .

I take sometimes to search note regarding to the password of user SYSTEM, then get the following note  2251556 - SAP HANA SYSTEM user can now be locked for too many failed logon attempts and 2216869 - Security improvement of HANA authentication

Starting from SAP HANA Revision 102, the SYSTEM user can be locked if logon attempts fail for too many times, just like the other database users. :cry:

Solution:

1. ALTER USER SYSTEM RESET CONNECT ATTEMPTS (create a backup user with the "USER ADMIN" system privilege before)

2. Set parameter password_lock_for_system_user to false (Not recommended)



Hopes this blog will help to fix this kind of password problem.

Regards,

Ning Tong

7 Comments
Muthukumaran
Explorer
0 Kudos
Hi  Ning Tong,

Thanks for the nice blog.

I have another user which doesn't have user admin privilege.

My SYSTEM user is locked now, I didn't set the parameter to false.

Can you give any suggestions on this scenario?

Thanks & Regards,

Muthu.
former_member182967
Active Contributor

Please temporarily change parameter password_lock_for_system_user” value as “false” using another user with proper authorization.

Manigandan02
Explorer
0 Kudos
my senario is this is a tenant DB. i have access to master DB. is it possible to unlock system user of tenant db using the master db system user?
LuisBenavidesA
Participant
Dear Tong,

 

Many thanks for sharing your knowledge, was very helpful for me and save me time to solve it.

I very grateful 🙂

 

Luis Benavides Andrade
former_member182967
Active Contributor
0 Kudos

Two possible methods:

1. login to the TENANT database with other user ID which having the USER ADMIN privilege. Go to Security > Users > change the password.

2. Reset the SYSTEM User Password of a Tenant Database as per Note 2274157 – How to Reset System User Password for Tenant Database – SAP HANA

0 Kudos
Run the hdbenv.sh file and then execute the command hdbnameserver -resetUserSystem

 
yakoair1
Explorer
0 Kudos
Hello hope everyone is fine

 

after using
RESET CONNECT ATTEMPTS

the count never goes down nor change...


for example before running the reset the user has 1308 invalid attempts, after running the RESET CONNECT ATTEMPTS, it keeps with 1308

Kind Regards
Gabriela
Labels in this area