As a user administrator, you create and configure database users, as well as authorize them to work with the SAP HANA database.
The recommended process for provisioning users is as follows:
- Define and create roles.
- Create users.
- Grant roles to users.
Further tasks related to user provisioning include for example:
- Deleting users when they leave the organization
- Reactivating users after too many failed logon attempts
- Deactivating users if a security violation has been detected
- Resetting user passwords
Provisioning User in SAP HANA Cockpit
You can use the SAP HANA cockpit to create database users and grant them roles.Provisioning User in SAP HANA Cockpit
Provisioning Users in sap HANA Studio
You can use the user and Role editors of the SAP HANA studio to perform user-provisioning tasks. Provisioning Users in sap HANA Studio
Authorizing User from an LDAP identity Management Server
The Lightweight Directory Access Protocol (LDAP) is an application protocol for accessing directory services. If you use an LDAP-compliant identity management server to manage users and their access to resources, you can leverage LDAP group membership to authorize SAP HANA users.
. View a database user
You can view database users on the User page of the SAP HANA cockpit.
. View a database role
You can view database roles on the Role page of the SAP HANA cockpit.
. Create a Catalog role
You can create a new role directly in runtime and grant it the privileges and roles necessary for the task or function that it represents on the Role page of the SAP HANA cockpit. Create a Catalog role
. Change a Role
You can change the roles and privileges assigned to a role on the Role page of the SAP HANA cockpit. Change a Role