HANA SYSTEM user can be locked for too many failed logon attempts (starting with Rev.102)
Today, I face a problem regarding to invalid username and password for DB system user whereas the password was never changed or forgot (not sure if somebody has input a wrong password several times before).
Background Information: Our HANA version: SPS 10 Rev.102.02
As I check with SAP HANA Administration Guide of SPS 10, it mentions that the SYSTEM user will not be locked regardless of the number of failed logon attempts in Number of Allowed Failed Logon Attempts. However, the user information page shows a warning like that the system user with status: suspicious Too many invalid connect attempts.
At that time, I had no idea about how to fix this situation but to try ALTER USER SYSTEM RESET CONNECT ATTEMPTS. The warning information of system user disappears and I successfully logon the system with the known password of user SYSTEM 😕 .
I take sometimes to search note regarding to the password of user SYSTEM, then get the following note 2251556 – SAP HANA SYSTEM user can now be locked for too many failed logon attempts and 2216869 – Security improvement of HANA authentication
Starting from SAP HANA Revision 102, the SYSTEM user can be locked if logon attempts fail for too many times, just like the other database users. 😥
1. ALTER USER SYSTEM RESET CONNECT ATTEMPTS (create a backup user with the “USER ADMIN” system privilege before)
2. Set parameter password_lock_for_system_user to false (Not recommended)
Hopes this blog will help to fix this kind of password problem.