SAP Knowledge Base Article - Preview

3353786 - User with system privilege ROLE ADMIN unable to revoke runtime role assigned by another user.


As per the guide page below, any user with ROLE ADMIN capable to revoke runtime roles granted by other users. 

Prerequisites for Granting and Revoking Privileges and Roles

A role created in runtime
  • To be the user who granted the role, or
  • The system privilege ROLE ADMIN

    With the exception of roles granted by technical user _SYS_REPO, a user with ROLE ADMIN cannot revoke roles granted by technical users SYS and _SYS*.



  • HANA platform edition 1.0 & 2.0 +
  • HANA Cloud 1.0


SAP HANA 1.0, platform edition ; SAP HANA Cloud 1.0 ; SAP HANA, platform edition 2.0


Revoke, runtime role, ROLE ADMIN, system privilege, repository role , KBA , HAN-DB-SEC , SAP HANA Security & User Management , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.