The access to critical methods of the Web service is protected (currently by default: Start, Stop,
RestartInstance, Shutdown, StartSystem, StopSystem, J2EEControlProcess, SendSignal, OSExecute,
J2EEEnableDbgSession, J2EEDisableDbgSession, SetProcessParameter, EnqRemoveLocks). The list of
protected methods can be changed by using the start profile parameter “service/protectedwebmethods”
(blank separated list of method names). To use these methods one has to provide a valid OS user and
password via HTTP basic authentication encoded as UTF8 or must use a trusted connect. The service will
verify the given credentials, and grant permission only to valid users that additionally have execute
permission on the sapstartsrv executable file. Otherwise the request will fail with “Invalid Credentials" or
"Permission denied" fault string. Missing credentials when accessing a critical method will result in HTTP
error 401. Windows users may be given in format <domain>\<user> or <user>@<domain>. On Unix
sapstartsrv will ignore the domain user part. On Windows sapstartsrv will try any trusted domain if no domain
is given.
Question is, Permission to execure SAPSTARTSRV.
Do they mean at the OS Level? If my SapServiceSID is a local admin of the server, he must have those persmissions...or is it elsewhere they are talking>?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.