IT-Conductor SAP HANA Authorizations Requirement
For each HANA database including the SYSTEMDB that will be monitored, create a monitoring user with the following SQL
create user <Monitoring user> <Monitoring User Password> no force_first_password_change;
alter user <Monitoring user> DISABLE PASSWORD LIFETIME;
grant MONITORING to <Monitoring user>
Note:
Option 'no force_first_password_change' - the password does not need to be changed on the first time login
Option 'DISABLE PASSWORD LIFETIME' - this is considered as a 'technical user', hence it is exempted from changing the password as specified in the parameter 'maximum_password_lifetime'.
'ALTER USER <user> DISABLE PASSWORD LIFETIME'
To verify it has lifetime password
'SELECT USER_NAME, PASSWORD_CHANGE_TIME FROM USERS WHERE USER_NAME = '<user>';
It should have a NULL (>)
MONITORING Role (extract from Security Guide)
Note that for MDC (multi-tenant), the user should be created in the SYSTEMDB and for each tenant database that will be registered in IT-Conductor.
To list (SQL) port number for SYSTEMDB and tenant DBs, that will be used in registering,
select * from sys_databases.m_services
where sql_port <> 0;
HANA System Creation Wizard
- Dashboard → Administrator
- Add HANA System
- Fill out and choose the attributes of the HANA system. Choose Role, Gateway, and if applicable Site. The port will default to 3<System Number>15, override it if different, such as in Multi-tenant Database Container
- Click to move to the next step and Add the Account information as previously set up in the Account Requirement section, and again to complete adding the system
- HANA System discovery will take minutes depending on the complexity of the landscape: scale-out, DT, etc. and will show up in the main Dashboard's Service Health Grid under HANA Systems
0 Comments