To increase the security of database connections, SAP Kernel 7.20 Patch Level 100, introduces a new method for the secure saving of the SAP database user or SAP database password. This method stores data for connection to the database in so-called SSFS (Secure Storage in FileSystem). For more information, see SAP Notes: 1622837, 1639578 and 1764043.
To activate SSFS please use the following steps:
Create the appropriate folder: /oracle/SID/security/rsecssfs/data and /oracle/SID/security/rsecssfs/key
Check or create the user brt$adm in the database:
SQL> create user brt$adm identified by <your password>
SQL> grant sapdba, sysdba, sysoper to brt$adm;
The initial password shall be changed to the actual password using brconnect…
In the following scenario, we’ll focus on changing the instance name (SID). The data of the SAP Java test instance will be replaced with data from the production system. The database refresh process itself will be the subject of a separate article.
At this moment, we will focus on the steps that should be taken after such a refresh of the database, on the server where we have the JAVA instance running. Let’s assume that:
test Java instance name is “TST”, host: test01, instance numbers: J47 and SCS46;
the name of the production JAVA instance is “PRD”, host: prod01, instance numbers J47 and SCS46;
before refreshing, the TST system was embedded on NetWeaver 7.4, while the production system was already in NetWeaver 7.5;
the TST instance has been overwritten with data from the PRD system.