on 11-30-2011 7:47 AM
We are trying to consult to one of our clients that using SAP/r3 with Oracle 10.2 DB.
The client has a team of 4 DBAs, and the entire team members are using the username <SAPSID>adm in order to login to the DB and conduct changes and other operations.
We believe this is the wrong way to handle the login authorizations, and we think that each DBA has to have his own user name in order to enable audit trail. The client's IT team manager claims they don't know how to create personal user names with the authorization level of the <SAPSID>adm, and they must use this user name for their needs and operations.
Does anyone know a way to replicate the <SAPSID>adm user authorizations to some other DB admin user name so they will enable audit trail for each team member?
As mentioned by above techies creating name based OS IDs for users and tracing them using the su- logs can help you.
We use newid concept to trace the logs and to justify their logins (We login with our name based IDs and then do newid to orasid and sidadm. Here every screen is recordable)
Regards,
Nick Loy
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
like written above, uses <sidadm> and ora<sid> are unique and designed to work with sap/oracle even replicated users with same enviroment wouldn't work.
Usually security concept is to have personal users account and sudo mechanism to switch to sidadm or orasid.
Regards
Stanislav
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
You can create any number of users have authorizations similar to sidadm user but I don't think it will serve the purpose because of the way the things are designed to be maintained in SAP.
However, you can utilize an alternative. Create individual OS IDs for each person who has to log on to OS. Assign 'sudo' access to these individual IDs to logon to 'sidadm' and 'orasid'.
Thanks
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
88 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.