If there are several SAP systems on the server(s), it is possible to perform the administration tasks separately using different groups. Assign the access rights appropriately for the files in the directory \usr\sap (to include sub-directories). You can distinguish between the administrators and groups by using the system IDs of the SAP systems (for example, sapsys<SAPSID1>, and sapsys<SAPSID2>). All administrators should have access to the two directories at the \usr\sap top level.
If there are several SAP systems installed on a single server, then an additional area of shared memory exists. This memory is created by saposcol and is used jointly by the OS Collector and all SAP systems. Therefore, give full control access rights to the sapsys<SAPSIDx> groups for the executable file saposcol. To avoid access conflicts here, start saposcol before starting the first SAP system.