Skip to Content
0
Former Member
May 26, 2016 at 08:50 AM

Reactivating SYSTEM user in SPS11 without another admin user

832 Views

We have been using an SPS11 instance for testing which has been going well up to the point we discovered that the SYSTEM returns "authentication failed"

We assumed that someone had accidentally changed the SYSTEM password so set out to reset the SYSTEM user using this method here: SAP HANA Academy - SAP HANA Security: Reset SYSTEM Password [SPS 09] - YouTube there is no video for SPS11 so I assume this is still correct, it looks like it works:

my-host1:/usr/sap/SM1/HDB31> exe/hdbindexserver -resetUserSystem

starting interactive mode for resetting user SYSTEM...

service startup...

accepting requests at 127.0.0.1:33103; 127.0.0.2:33103

assigning to volume 3 ...

run as transaction master

resetting of user SYSTEM - new password:

Passw0rd123

new pw accepted.

(re)activating user SYSTEM...

done

prepare for shutting service down...

preparing to shutdown...

stopping dynamic range partitioning

stopping federation statistics collection

stopping extended storage heartbeat thread

stopping LOBGarbageCollectorThread ''

stopping EPM ''

stopping Embedded Catalyst Services ''

stopping PlanningEngine ''

stopping SQL session service...

stopping SQL Plan cache...

stopping QueueServer...

stopping planviz...

stopping TRexApiSystem...

stopping executor...

DebuggingBackend shutdown...

CalculationEngineManager shutdown...

TaskManager shutdown...

TaskStatisticsManager shutdown...

CacheMgr shutdown...

Sampling Session Monitor shutdown...

GraphEngineMgr shutdown...

Invalidator shutdown...

RClient shutdown...

SAMLFactory shutdown...

VSI shutdown...

unassign all...

udivmgr shutdown...

close trace files...

PersistenceLayer shutdown...

joinengine shutdown...

prepared to shutdown.

Disabling signal handler...

Stopping self watchdog...

Stopping request dispatcher...

Stopping responder...

Stopping channel waiter...

Shutting service down...

libxml shutdown...

QueryMediator cleanup...

Stopping threads...

Stopping communication...

Deleting self watchdog...

Deleting request dispatcher...

Deleting responder...

Deleting service...

Deleting threads...

Deleting pools...

Deleting configuration...

Removing pidfile...

shutdown is completed.

However, this did not allow us access to the user still. After some digging we found that SPS11 locks the SYSTEM user after too many invalid connection attempts (Quite possible in a sand boxed development environment) if force_first_password_change is set to true (the default value), since we had not changed it we're now locked out.

We have no user with any admin permissions what so ever so can not unlock this user via HANA Studio.

After a little bit more staring at the screen we did notice that in the output it claims to activate the SYSTEM user:

new pw accepted.

(re)activating user SYSTEM...

done

This lead us to assume there was an internal issue with HANA and decided to try restarting the instance to see if it was a temporary issue, sadly this did not fix our authentication problems.

So at this point we're stuck, any help would be greatly appreciated!

Thanks