Administrators would then organize these by the Authentication Domain definition in SAS Management Console. The 'DefaultAuth' is the initial account used (unless otherwise specified in the metadata) and typically is setup for a network domain account (such as a user account in Active Directory). Other authentication domain that might be required? (These names can be changed for your use, just be consistent when applying to the component requiring this security.)
- 'OraAuth' for an Oracle Library Connection ~ which might use a UNIX account where Oracle is estabilished
- 'DataSrvAuth' for a test data machine ~ which might use host authentication
- 'SQLAuth' to access SQL ~ which could have specific SQL accounts
- SAS authenticates them to the metadata server with the account created for the 'DefaultAuth'
- SAS determines whether they have the 'readmetadata' authority on the Oracle Library
- SAS authenticates them into the Oracle Library using the 'OraAuth' authentication domain account
When a Library is PREASSIGNED in the SAS Metadata Server, this means that on start up of the SAS services (ie. Object Spawner), SAS uses a single account to connect to the library. This connection stays open for the duration and no authentication is being passed to the library. The authentication is only handled by the SAS Metadata Server.
Reference on Preassigning Libraries: http://support.sas.com/documentation/cdl/en/bisecag/61133/HTML/default/a003263450.htm
Posts
0 comments:
Post a Comment