• USA : +1 973 910 5725
  • INDIA: +91 905 291 3388
  • info@tekslate.com
  • Login

Security in SAP HANA


In this we need to provide different activities for different users.

User management

Types of users

There are three types of uses:

Business users

view results of business modeling

use client tools


Define business models

use the information modeler of SAP HANA Studio


  • Manage SAP HANA Data base
  • Use the administration console of SAP HANA STUDIO


To liable to log on to the system, users have to be authenticated currently there are two authentication types:

Database – internal authentication with user name and password.

External authentication via a third – party authentication provider

Internal Authentication

Users are created is SAP HANA database only

Authentication is handled by SAP HANA database via username / Password combination

Using External User Repositions for Authentications:

SAP HANA database supports mapping of users created in SAP HANA database to external users via the Microsoft windows active directory or the MIT kerberos network authentication protocol

These core tutorials will help you to learn the Security in SAP HANA. For an in-depth understanding and practical 
experience, explore SAP HANA Training in Hyderabad.

AS the preconditions, you have installed the relevant kereberos clients software  form your operating system software package and SAPHANA database has been configured accordingly

The users stored in the Microsoft active directory or the MIT Kereberos key distribution center can then be mapped to database users in SAP HANA data box . For that purpose, specify the user principle Name (UPN) as the external ID when creating the database user


SAP HANA database provides its own authorization Service:

All authorizations on data all handled in SAP HANA data box

The user with which you log on to the system determines which database objects you on acumen and modify

Users can only perform operations for which they have been granted privileges


There are two default users created during installation, which have a fixed set of privileges each by default

User can have the following types of privileges

Privileges that were directly granted to them (“Direct privileges”.)

Privileges that were granted to notes that they belongs to ( inherited privileges)

User provisioning

Users and roles are defined in side SAP HANA DB Using HANA STUDIO

Read & Role Hierarchy

Users and their assignments to roles

Creating Roles

ROLE – ADMIN Privileges is required to create roles a newly created role is initially empt.,

The new rde name must be different from any other existing role or user name existing role or user name


  1. Select Authorization in the Navigator
  2. In the context menu select new  Role
  3. Create A “Role”

Role name:- Enter the role name


Define whether the role should be available internally o globally : enter the global ID, which specifies the external role name for the global user, it is possible to grant other roles (Granted roles or privileges (SQL. Privileges, Analytical Privileges, system privileges) to the role.

To allow the user of this to pass on privileges to their users mark the grant option

Choose deploy to create the role

Changing Roles

You can change the Role properties:


Select Authorization Role in the together

Select the role

In the context menu select open

Change the role

You can change the Global ID ( invisibility  is GLOBAL)

You can grant other roles (Granted Roles) or privileges (SQL – Privileges, analytical privileges, system privileges) to a role or other them.

You can change the grant option which allows the user to parts on his privileges to other user when set

Choose deploy to save the chooses

Creating users

We (You) can create users specify a user name, which is not identical to the name of an existing user or role


Select authorization in the navigator

In the context menu, select New User

Create the user

User name: Enter the user name

Authentication: Define whether the user authentication should be carried out intimation or externally for internal Authentication: Enter and conform a password.

External Authentication: Enter the external ID specified in active directory for the user.

You can grant roles (Granted Roles) and/or privileges (SQL privileges, analytical privileges, system privileges) to the user to allow the user to pass on his privileges to other users, mark the grant option

Choose Deploy to crate

Changing Users

We can change user properties of example password, roles and privilege


Select Authorization  users in the navigation

Select the User

In the context menu select open and expend the upper section using the arrow in the upper right corner

Change the user

Password: We can change the password if authentication in Internal , on the external ID if the authorization in External

Roles and privileges:

We can grant roles and Revoke and/or privileges

(SQL privileges, analytical privileges, system privileges) to the user

Grant Option: We can change the Grant option which allows the user to pass on his privileges to other user when set

Deleting Roles


Select Authorization                       Role in the Navigation

Select the role

In the context menu, select delete

Deleting Users


Select Authorization                      User in the navigator

Select the user

In the contest menu, select delete.

For an Indepth knowledge on SAP HANA, click on below

Review Date
Reviewed Item
Security in SAP HANA
Author Rating

“At TekSlate, we are trying to create high quality tutorials and articles, if you think any information is incorrect or want to add anything to the article, please feel free to get in touch with us at info@tekslate.com, we will update the article in 24 hours.”

0 Responses on Security in SAP HANA"

    Leave a Message

    Your email address will not be published. Required fields are marked *

    Site Disclaimer, Copyright © 2016 - All Rights Reserved.


    Please leave a message and we'll get back to you soon.

    I agree to be contacted via e-mail.