Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
dvankempen
Product and Topic Expert
Product and Topic Expert








LATEST UPDATE: December, 2020 =========================================

For the latest information, visit our blog post series about SAP HANA certification:

For the SAP Press Certification Success Guide, see

For the blog post, see



Introduction


This blog is part of a series to help you pass the SAP Certified Technology Associate - SAP HANA 2.0 certification exam, C_HANATEC_13.

For an overview of the exam, see

For the sample questions, see

Topic Areas


There are 10 topic areas and you can expect about 8 questions for each topic.

In this blog, I will discuss the Users and Authorization topic.

On the SAP Training website for C_HANATEC_13, the exam objective for this topic is stated:
Describe the SAP HANA authorization concept, 
the SAP HANA database repository,
understand the roles and privileges concept.
Set up authorization traces.

Study Material


The study material for this topic is the training



 

The Maintaining Users and Authorization chapter in the HA200 guide covers authorization, privileges, roles and administrative tasks (about 75 pages).

The training guide for HA240 covers this as well in some more detail plus the repository, tracing, and some miscellaneous topics (300 pages).

You can download the index of both guides from the SAP Training website (see links above) in case you want to note the objectives of each unit.

These topics are also addressed in the following SAP HANA guides:

What's New?


The focus will be on the new SAP HANA 2.0 features, so if you are new to this version you might be interested to view the What's New videos first:

Note that C_HANATEC_13 covers SAP HANA 2.0 SPS 00 only. C_HANATEC_14 will cover SPS 02.


Authorization


For this topic, you need to understand

  • the authorization framework: user, roles, and privileges and how they relate

  • what user management tasks there are, the tools you can use and how this works in a multi-tenant database

  • what user groups are

  • the different user types: how to convert a restricted user into a standard one

  • how to enable cross-tenant database access

  • the default SAP HANA users and roles created during installation and best practices for their usage

  • the different access channels (protocols) of SAP HANA clients


For the concepts, you can study the following chapters of the Security Guide

For the activities, you need to consult the Administration Guide or the relevant SAP HANA Developer Guide (there is one for SAP HANA studio and the SAP HANA Web-based Development Workbench for XS classic, and one for the SAP Web IDE for SAP HANA for XS Advanced)

It should not come as a surprise that MDC has made its way to this topic area. Make sure you are familiar with remote identities, for example

There are also a number of tutorial videos about these topics on the SAP HANA Academy

For the full playlist, see

 

https://youtu.be/w6VlgxDyp1E

SAP HANA Academy - Configure Cross-Tenant Database Access

https://youtu.be/Ke0hMp7tDDs?list=PLkzo92owKnVzSGq6vtFC_LWSxwLhZXIHS

SAP HANA Academy - Documentation: Security - Users in SAP HANA

https://youtu.be/cGTGeOyA9pA?list=PLkzo92owKnVzSGq6vtFC_LWSxwLhZXIHS

SAP HANA Academy - Documentation: Security - Database User Types

https://youtu.be/tipPI4ielVs?list=PLkzo92owKnVzSGq6vtFC_LWSxwLhZXIHS

SAP HANA Academy - Documentation: Security - Multitenant Database Containers

Privileges


One of the key components in the authorization concept are privileges. You are not expected the know all the system privileges by heart but knowing the most important ones, see



SAP HANA Academy - Documentation: Security - Analytic Privileges I

https://youtu.be/81Z8lIkfoT8?list=PLkzo92owKnVzSGq6vtFC_LWSxwLhZXIHS

SAP HANA Academy - Documentation: Security - Analytic Privileges II

Roles


The third pillar in the authorization concept, next to users and privileges, are roles.

You need to know the different types of roles (runtime, repository) and the default roles including SAP_INTERNAL_HANA_SUPPORT, see

As the SAP HANA repository has been deprecated for the SAP HANA 2.0 SPS 02 release, you might be surprised to get questions about repository roles (XS classic) and not about XS Advanced.

 

https://youtu.be/ah7AspicX8o?list=PLkzo92owKnVzSGq6vtFC_LWSxwLhZXIHS

SAP HANA Academy - Documentation: Security - SAP HANA Roles Explained I

https://youtu.be/_D27iPdVrvo?list=PLkzo92owKnVzSGq6vtFC_LWSxwLhZXIHS

SAP HANA Academy - Documentation: Security - SAP HANA Roles Explained II

https://youtu.be/Wv6YH3ft9XM

SAP HANA Academy - SAP HANA Security: Repository Role Editor

https://youtu.be/o9PIeDKPFbE

SAP HANA Academy - Monitoring SAP HANA: Monitoring Role

https://youtu.be/yQqTGkQFp7M

SAP HANA Academy - Security: SAP_INTERNAL_HANA_SUPPORT

Administration Tasks


Part of this topic is also the most common user management tasks, like deactivating users (for example SYSTEM) and the configuration of a password policy (and blacklist), how to find out what roles and privileges a user has, and how to work with the dependency viewer. For this see

You might also find the following blog of use

 

https://youtu.be/hZqi3KHYsTQ

SAP HANA Academy - SAP HANA Express: Security - Password Policy 

https://youtu.be/rdHld25zfu8?list=PLkzo92owKnVy6nOZMFZIZxcvBCoRdshsR

SAP HANA Academy - SAP HANA Express: Security - Reset SYSTEM user password

https://youtu.be/4ZMfLHgOJXU

SAP HANA Academy - Documentation: Security - Object Ownership in the SAP HANA database I

https://youtu.be/FZI84ggvT-A

SAP HANA Academy - Documentation: Security - Object Ownership in the SAP HANA database II

References


SAP HANA Academy Playlists



SAP HANA Community Blogs



SAP Help Portal (Documentation)



SAP Training



Thank you for watching


The SAP HANA Academy provides technical enablement, implementation and adoption support for customers and partners with 1000’s of free tutorial videos.

For the full library, see SAP HANA Academy Library - by the SAP HANA Academy

For the full list of blogs, see Blog Posts – by the SAP HANA Academy