SAP ASE Login Accounts

Each SAP ASE user must have a login account that is established by a system security officer.

Login accounts have a login name, unique on that server, and a password. A login profile is applied to a set of login accounts. Login profiles define login characteristics, such as default roles or the login script associated with each login bound to the profile.

Use sp_displaylogin to view information about your own SAP ASE login account.

Use groups to grant and revoke permissions to more than one user at a time within a database. For example, if everyone who works in the Sales department needs access to certain tables, all of those users can be put into a group called “sales.” The database owner can grant specific access permissions to that group rather than granting permissions individually. See, Manage SAP ASE Logins and Database Users, in the Security Administration Guide.

System security officers can use roles as a convenient way to grant and revoke server-wide permissions to several users simultaneously. For example, clerical staff may need to insert and select from tables in several databases, but they may not need to update them. A system security officer can define a role called “clerical_user_role” and grant the role to everyone in the clerical staff. Database object owners can then grant the required privileges to “clerical_user_role.” See, Create a User-Defined Role, in the Security Administration Guide.

You can execute stored procedures on a remote SAP ASE server using remote procedure calls if you have been granted access to the remote server and an appropriate database on that server. See, Managing Remote Servers, in the System Administration Guide: Volume 1.