Skip to Content
Technical Articles
Author's profile photo Michael Devine

Simplified Authorization Troubleshooting in SAP HANA

Are you getting authorization errors on an SAP HANA Database with version 2.00 SP04 or higher?

  • Yes? Then read on.
  • No? Then please use this guide to solve authorization issues.

Now there is a new, simplified way to analyze authorization errors. A new error message is presented when the user does not have the required permission to run the operation.

When performing an operation or querying a view without the necessary privilege you will receive the following error:


[258]: insufficient privilege: Detailed info for this error can be found with guid ‘<some GUID>’


SOLVE the error

1. Determine if the command is executed on the SYSTEM Database or a Tenant Database.

2. Log to the corresponding SYSTEM Database or Tenant Database with a user that has EXECUTE object privilege on procedure GET_INSUFFICIENT_PRIVILEGE_ERROR_DETAILS. (GRANT EXECUTE ON GET_INSUFFICIENT_PRIVILEGE_ERROR_DETAILS to <db_user>).

3. Execute this command:



For example, with GUID 6D5E848AF9C6E049BE2EEF2E134AE1E1 the command is:



4. The result will present the name of the missing privilege and the database user which is missing the privilege.

B7874469081CB649A35CB7D514105DFC;Mar 28, 2021 10:59:52.278 AM;348,254;DEVINEM;DEVINEM;SELECT;FALSE;FALSE;AB1;_SYS_REPO;EMPLOYEE_NAME;TABLE


I made it more readable below.

The output tells a story. Here user DEVINEM is missing the object privilege SELECT for table _SYS_REPO.EMPLOYEE_NAME.

Here is another example:



Again, made more readable looks like this:


User DEVINEM is missing the object privilege SELECT with option ‘grantable to others’ for table DATA_BANK.SECURITY_BASE.


5. Assign the missing privilege to the Database user. See GRANT Statement (Access Control).



  • The retention time might have expired. The information associated with the GUID is stored by default for 144 hours. If the retention time has expired then recreate the issue and obtain a new GUID.
indexserver.ini -> [authorization] -> insufficient_privilege_error_details_retain_duration = 144
  • You executed the command on the wrong database, SYSTEM Database instead of the Tenant or Tenant instead of SYSTEM Database etc.



At this point the correct privilege has been identified and assigned to the user. Now the user is free to proceed with their operation or preview.


MORE information: 


Assigned Tags

      1 Comment
      You must be Logged on to comment or reply to a post.
      Author's profile photo Axel Utz
      Axel Utz

      There is also a SAP Note showing an example about how to solve such an authorization issue:

      3038175 - Error: (dberror) [258]: insufficient privilege: Detailed info for this error can be found with guid