Interview Questions

Users & Authorizations

Users can engage in various activities in the SAP HANA studio provided the respective access privileges. Based on the requirements of the business and configuration of SAP HANA system, different user activities are carried out by the user in the SAP HANA Studio. Some of the important activities include,

Create Users
Grant roles to users
Define and Create Roles
Deleting Users
Resetting user passwords
Reactivating users after too many failed login attempts
Deactivating users when it is required

How to create Users in the SAP HANA Studio?

The only user with administrator privilege (ROLE ADMIN) is capable of creating new users and assigning roles of that particular new user in the SAP HANA studio. In order to create users and roles in HANA studio, follow the below simple steps,

Go to HANA Administrator Console. You will see security tab in System view which can be expanded
On expanding the security tab, you can find the User and Roles option. Just right click on User and go to New User to create a new user. A new window will open where you define User and User parameters.

Enter Username (mandate) and in Authentication field enter the password. The password is applied while saving the password for a new user. You can also choose to create a restricted user.

The specified role name must not be identical to the name of an existing user or role. The password rules include a minimal password length and a definition of which character types (lower, upper, digit, special characters) have to be part of the password.

What are the different user privileges that can be assigned to new users?

Privileges Types	Description
System Privileges	It controls normal system activity. System Privileges are mainly used for – Creating and Deleting Schema in SAP HANA Database Managing user and role in SAP HANA Database Monitoring and tracking of SAP HANA database Performing data backups Managing license Managing version Managing Audit Importing and Exporting content Maintaining Delivery Units
Object Privileges	Object Privileges are SQL privileges that are used to give authorization to read and modify database objects. To access database objects user needs object privileges on database objects or on the schema in which database object exists. Object privileges can be granted to catalog objects (table, view, etc.) or non-catalog objects (development objects). Object Privileges are as below – CREATE ANY UPDATE, INSERT, SELECT, DELETE, DROP, ALTER, EXECUTE INDEX, TRIGGER, DEBUG, REFERENCES
Analytic Privileges	Analytic Privileges are used to allow read access to data of SAP HANA Information model (attribute view, Analytic View, calculation View). This privilege is evaluated during query processing. Analytic Privileges grants different user access on different part of data in the Same information views based on user role. Analytic Privileges are used in SAP HANA database to provide row level data Control for individual users to see the data is in the same view.
Package Privileges	Package Privileges are used to provide authorization for actions on individual packages in SAP HANA Repository.
Application Privileges	Application Privileges are required in In SAP HANA Extended Application Services (SAP HANA XS) for access application. Application privileges are granted and revoked through the proceduresGRANT_APPLICATION_PRIVILEGE and REVOKE_APPLICATION_PRIVILEGE procedure in the _SYS_REPO schema.
Privileges on User	It is an SQL Privileges, which can grant by the user on own user. ATTACH DEBUGGER is the only privilege that can be granted to a user.