cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ORA-01031: insufficient privileges

Former Member

on ‎04-27-2007 6:06 PM

0 Kudos

Hi,

I have installed a new ECC5 system on Oracle/Linux. Everything looks fine except that the startsap and stopsap scripts are not able to start or shutdown the database. It fails with ORA-01031: insufficient privileges.

The SAPR3 user has CONNECT, RESOURCE AND SELECT_CATALOG_ROLE ROLES. The system user has DBA,SAPDBA, and AQ_ADMINISTRATOR_ROLE..

To try out things, I have executed the sapconn_role.sql script to grant the sapconn ROLE aslo to SAPR3 user. But the same problem is there.

The oracle user environment and everything else seems to be fine as everything else is working.

What might be the problem here? What am i missing?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

Former Member
‎05-01-2007 2:36 AM
0 Kudos

Hi,

SIDadm does belong to the oper group.

sapdba role is also assigned. I have executed both sapdba and sapcon_role but didnt help.

I dont understand Junaid's answer that ops$sidadm needs admin role.

I still feel it is related to our OS NIS groups.Something might be setup wrong.

Any other ideas guys?

Show replies
Show replies
Former Member
‎05-02-2007 4:44 PM
0 Kudos

Hi Cyrus,

Check whether Userid and Groupid is correct, in the sense i had the same issue where For groupid, it was showing numbers in place of SAPSYS of DBA, and we passed it on to the Unix team to get the issue Resolved.

Regards,

Ershad Ahmed,

Former Member
‎04-30-2007 8:05 AM
0 Kudos

Hi Cyrus,

go to usr/sap/SID/SYS/exe and get into SQL and execute sapdba_role.sql it should grant the permissions.

Let me know if it worked.

Regards,

Ershad Ahmed.

Show replies
Show replies
Former Member
‎04-27-2007 8:15 PM
0 Kudos

Thanks for the info.

The OPS$<SID>ADM user already exists and it have dba,connect and resource roles.

Can this problem be related to OS user groups?

<SID>ADM user is part of dba group though.

Show replies
Show replies
Former Member
‎04-28-2007 3:18 AM
0 Kudos

OPS$<SID>ADM needs admin access too.

**Reward points accordingly

Junaid

Former Member
‎04-28-2007 9:14 AM
0 Kudos

Hi Cyrus,

yes, it could be related to the OS groups. Do you added the <sid>adm to the oper group in /etc/group? sidadm does not need to be member of the dba group afiak. Check how the database connect in the startscript is done. Probably by calling sqlplus "/ as sysoper" or with a file sqlplus /nolog @file with file content: connect / as sysoper.

Best regards

Ralph

former_member204746
Active Contributor
‎04-27-2007 6:57 PM
0 Kudos

check SAP Note 361641 - Creating OPS$ users on UNIX

SAP uses OPS$[SID]adm user to authenticate and connect to Oracle.

Show replies
Show replies
Ask a Question