Scribd
Upload
213 views2 pages

Changing The Default Password For Sap

The SAP* user is automatically created during SAP installation with a default password of 07061992. If the SAP* user is deleted from the database, SAP will recreate it with a password of PASS. To prevent automatic recreation of the SAP* user, a profile parameter can be set to deactivate its use and close this security hole.

Uploaded by

pal.sign
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
213 views2 pages

Changing The Default Password For Sap

The SAP* user is automatically created during SAP installation with a default password of 07061992. If the SAP* user is deleted from the database, SAP will recreate it with a password of PASS. To prevent automatic recreation of the SAP* user, a profile parameter can be set to deactivate its use and close this security hole.

Uploaded by

pal.sign
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 2

Changing the default password for sap* user

You are trying to change the password for sap* user, however when you go into su01
and enter sap* as the user name, the following message is displayed, user sap* does
not exist.
You can delete the SAP* user using ABAP code :Delete from usr02 where bname = 'SAP*' and mandt = '***';
Where '***' means your client no.
Then login to your client using password SAP* and password PASS
However, if you delete it, then it will automatically created once again with password
PASS
The userid, SAP*, is delivered with SAP and is available in clients 000 and 001 after
the initial installation. In these 2 clients, the default password is 07061992 (which is,
by the way, the initial date when R/3 came into being...). It is given the SAP_ALL
user profile and is assigned to the Super user group. When I say it is "delivered" with
SAP, I mean that the userid resides in the SAP database; there are actually rows in the
user tables used to define userids.
If you delete the userid, SAP*, from the database, SAP has this userid defined in its
kernel (the SAP executable code that sits at the operating system level, i.e.,
disp+work). When this situation exists, the password defined in the SAP code for
SAP* is PASS. This is necessary when you are performing client copies for example,
as the user information is copied at the end of the process. You can sign into the client
you are creating while a client copy is processing using SAP* with password PASS
(but you should have a good reason to do this - don't change anything while it's
running).
Anyway, if the SAP* userid is missing, you can sign in to the client you want and
simply define it using transaction SU01 and, as I stated above, assign it to the SUPER
user group and give it the SAP_ALL profile. You define its initial password at this
point. If you've forgotten its password and don't have a userid with sufficient
authorization to create/change/delete userid,
then you can use the SQL statements to delete it from the database and then you can
use SAP* with PASS to sign back into the client you want to define it in and recreate
it.

There is also a profile parameter which can override the use of SAP* with PASS to
close this security hole in SAP (login/no_automatic_user_sapstar). When this
parameter is defined either in your DEFAULT.PFL profile or the instance-specific
profile and is set to a value of '1', then the automatic use of SAP* is deactivated. The
only way to reactivate the kernel-defined SAP* userid at this point would be to stop
SAP, change this parameter to a value of 0 (zero), and then
restart SAP.
The default password for SAP* is 06071992. (DDIC has 19920706)

You might also like