Reset the SYSTEM User’s Password in HANA DB
Overview
If the SYSTEM user’s password is lost, you can reset it as the operating system administrator by starting the index server in emergency mode. If your HANA DB is Multitenant, this process will not work. My HANA DB revision was 102.04
Prerequisites
You have the credentials of the operating system administrator (<sid>adm).
Procedure
Step1: Log on to the server on which the master index server is running as the operating system user (that is, <sid>adm user).
Step2: Open a command line interface.
Step3: Shut down the instance by executing the following command:
/usr/sap/<SID>/HDB<instance>/exe/sapcontrol -nr <instance> -function StopSystem HDB
Step4: In a new session, start the name server by executing the following commands:
/usr/sap/<SID>/HDB<instance>/hdbenv.sh
/usr/sap/<SID>/HDB<instance>/exe/hdbnameserver
This will stay hanged state…
Step5: In a new session, start the compile server by executing the following commands:
/usr/sap/<SID>/HDB<instance>/hdbenv.sh
/usr/sap/<SID>/HDB<instance>/exe/hdbcompileserver
This will stay hanged state…
Step6: In a new session, start the index server by executing the following commands:
/usr/sap/<SID>/HDB<instance>/hdbenv.sh
/usr/sap/<SID>/HDB<instance>/exe/hdbindexserver -resetUserSystem
The following prompt appears: resetting of user SYSTEM – <<<new password>>>
Step7: Enter a new password for the SYSTEM user.
You must enter a password that complies with the password policy configured for the system.
The password for the SYSTEM user is reset and the index server stops.
Step8: In the terminals in which they are running, end the name server and compile server processes by pressing CTRL+C.
Step9: In a new session, start the instance by executing the following command:
/usr/sap/<SID>/HDB<instance>/exe/sapcontrol -nr <instance> -function StartSystem HDB
Note:
In a scale-out system, you only need to execute the commands on the master index server.
Results
The SYSTEM user’s password is reset. You do not have to change this new password the next time you log on with this user regardless of your password policy configuration.
Hi Pallab.
Thanks for sharing.
Let me just add something. SYSTEM user should not be used frequently in Prod Systems.
As the most powerful database user, SYSTEM is not intended for use in production systems. Use it to create lesser privileged users for particular purposes and then deactivate it.
It is highly recommended that you do not use SYSTEM for day-to-day activities in production systems. Instead, use it to create database users with the minimum privilege set required for their duties (for example, user administration, system administration). Then deactivate SYSTEM.
Source: SAP_HANA_SECURITY_GUIDE.
Regards.
Osvaldo Dias Ferreira
Thanks - You are absolutely correct!
HI Pallab,
Well explained. I have a scaleout env and i want to know where is mater index server running from OS level, How do i find it. Thanks.
This process no longer works
Is there a work around
Bob
Yes Bob, you are right the process is defined for single container hana box. Me too looking out for multi container box as I am facing the similar issue.
Hi All,
I have installed the SAP HANA 2.0, express edition Virtual Edition and my goal is to execute the command
so I can install the SAP HANA External Machine Learning Library.
I followed the steps above and the final command /exe/hdbindexserver -resetUserSystem
complains that
Does this only occur in the Express Edition ?
Thanks
Steve
I have reset the password as per above procedure. I was able to login only once but it now again says "invalid username or password" when trying to login using HANA Studio.
Hello
Did you update the password of SYSTEM user in Hana Studio after resetting it in Hana?
Emmanuel
Thanks the issue has been resolved. I have reset the password with above mentioned procedure and I was able to reinstall the server tools.
Thanks.