Wednesday, 11 January 2023

while performing a standard SAP HANA database system installation, which users will be created or validated during that installation?

This question may ask in interviews and listed question for HANA Certification. 

As per SAP HANA Server Installation and Update Guide 


The following users are automatically created during the installation:

1:  <sid>adm,

2:  sapadm, 

3: SYSTEM.


UserDescription
<sid>adm

The operating system administrator.

  • The user <sid>adm is the operating system user required for administrative tasks such as starting and stopping the system.

  • The user ID of the <sid>adm user is defined during the system installation. The user ID and group ID of this operating system user must be unique and identical on each host of a multiple-host system.

  • The password of the <sid>adm user is set during installation with the password parameter.

sapadmThe SAP Host Agent administrator.
  • If there is no SAP Host Agent available on the installation host, it is created during the installation along with the user sapadm.

  • If the SAP Host Agent is already available on the installation host, it is not modified by the installer. The sapadm user and password are also not modified.

  • The password of the sapadm user is set during installation with the sapadm_password parameter.

SYSTEM

The database superuser.

  • Initially, the SYSTEM user has all system permissions. Additional permissions can be granted and revoked again, however the initial permissions can never be revoked.

  • The password of the SYSTEM user is set during installation with the system_user_password parameter.


these are users I observed while doing the installation for which we provide passwords too. But as the SAP HANA Administration Guide for SAP HANA Platform, there is one more user that is  <SID>crypt

as

sid>crypt

The trusted local secure store (LSS) user.

  • The user <sid>crypt owns the storage of the encryption keys and other similarly sensitive data.
  • The user <sid>crypt is the only trusted user of the local secure store. Only processes called by a trusted user are accepted by the LSS right away.


Note: Do share if you have more details about this topic

Thanks 

Rupesh Chavan