cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HANA user getting locked

Former Member

on ‎07-27-2015 4:37 PM

0 Kudos

Hi All,

We have a strange issue where one of the HANA user is getting locked. Is there way to trace as to from which IP address is it coming?

What would be our tracing options since database trace is not giving the expected results as desired.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

lucas_oliveira
Advisor
Advisor
‎07-27-2015 5:34 PM
0 Kudos

Hello,

If you have active auditing policies in your system check if it is capturing invalid connection attempts. If so and if CONNECT statements are being audited you can check on yourauditing trail for that sort of info. If not, an option is to audit that sort of scenario.

An output of syslog with that sort of policy would look like:



[...]


Jul 27 16:25:02 <connect_to_host> HDB[31612]: 2015-07-27 16:25:02;indexserver;<hana_host>;YPE;00;30003;;10.2.125.96;<source host>;12148;64643;configuration change;INFO;CONNECT;SYSTEM;;;;;;AA_USER;UNSUCCESSFUL;;;;;;invalid username or password at ptime/query/catalog/userinfo.cc:958;;401858;<application user>;


[...]

Check the auditing documentation for more info: Activate and Configure Auditing - SAP HANA Administration Guide - SAP Library

Not sure if this is the best option though.

Any other options community?

BRs,

Lucas de Oliveira

Show replies
Show replies
Former Member
‎07-27-2015 6:08 PM
0 Kudos

Hi Lucas,

Was following this note.

1855211 - Technical database user is repeatedly locked

lucas_oliveira
Advisor
Advisor
‎07-27-2015 6:12 PM
0 Kudos

Yep, that's pretty much what I suggested... only in a nice Note

Go for it

BRs,

Lucas de Olivera

Former Member
‎07-27-2015 6:23 PM
0 Kudos

Lucas,

We had it already . But its didnt show up the entries. Then we changed from sys log to table.

It was showing up but showing with wrong entries.

lucas_oliveira
Advisor
Advisor
‎07-27-2015 6:28 PM
0 Kudos

Be more specific when asking so we don't have to go through options you already went through.

What's 'wrong' in the trail entries? If invalid connect statements are being audited you should be able to see them in trail output (syslog, table).

BRs,

Lucas de Oliveira

Former Member
‎07-27-2015 11:51 PM
0 Kudos

Hi Lucas,

This is what was happening.

We had a user which was getting constantly locked.

We had audit enabled to go into a table.

AUDIT_LOG.

For the field USER_NAME it didnt populate with the user name which was getting locked.

So later when we did a order by desc on timestamp we had seen that cause was due to incorrect password from HANA studio, but we had ignored these entries becuase they belonged to a different user name. So audit entries are not that easy to identify as mentioned in the KBA.

lucas_oliveira
Advisor
Advisor
‎07-28-2015 1:06 PM
0 Kudos

Hi,

I'm not sure I understand what you're saying. You have auditing to table and the user name is not getting filled in the connect attempts? What's missing? Can you rephrase your explanation with examples from the table?

Brs,

Lucas

Former Member
‎08-07-2015 10:54 PM
0 Kudos

Hi Lucas,

I think its difficult to explain the same so closing the incident.

Ask a Question