PROC-X.com
An online (unofficial) SAS® journal – written by bloggers

Main menu

Skip to content
  • About
  • add your blog
  • Contact us
SAS

Self-Service Account/Login Management with the SAS Personal Login Manager

by Paul Homes • October 31, 2010 • Comments Off on Self-Service Account/Login Management with the SAS Personal Login Manager

This post was kindly contributed by platformadmin.com - go there to comment and to read the full post.

Recently I was talking to someone about how users can manage their own logins in metadata using the SAS Personal Login Manager client application. I wanted to show them what it looks like but, to my surprise, I couldn’t find any screenshots of it on the SAS support site, and I didn’t have an installation to hand.

If you are not familiar with it, the SAS Personal Login Manager provides a self-service facility for SAS platform users to manage any of their own accounts/logins (user id and password) stored in metadata. It is available for both SAS 9.1.3 and SAS 9.2. It’s particularly useful when users need to update any of their own passwords that have to be stored in metadata. Of course, as platform administrators we strive to limit the number of passwords stored in metadata, but sometimes it can’t be avoided and so, in those instances, we also need a way to allow users to manage them for themselves.

In most cases we can take advantage of cached credentials, SAS token authentication, and Integrated Windows Authentication (IWA) to help us provide transparent authentication for our users with no requirement for passwords to be stored in metadata. Unfortunately in some cases we need to have passwords in metadata though: providing transparent access to an Oracle database is one example. Of course, as soon as we have passwords stored in metadata they have to be maintained, and security policies often require those passwords to be changed on a regular basis.

As a platform administrator we can see the presence of saved credentials (except the password) for an individual by using the SAS Management Console User Manager Plug-in to review the user’s Accounts tab (in SAS 9.2) or Logins tab (in SAS 9.1.3). Here is a screenshot showing a demo user with his inbound (identifying) login and a few outbound logins used to provide access to other servers.

So for those passwords that have to be stored in metadata for individual users (as opposed to shared logins for groups), how do we go about allowing the users to update them when they need to be changed?

  • As administrators it is possible, but not recommended, for us to update the password on behalf of the user, but that would mean they would have to 1) tell us their password and 2) it would become a burden for us very quickly.
  • Alternatively we could allow users to manage their own logins by providing them with access to SAS Management Console. There are some downsides to this too. From a security perspective you might not want those users to have access to the SAS Management Console at all. With SAS 9.1.3 we rarely gave others access to SAS Management Console, but with the addition of roles and capabilities in SAS 9.2 we can now do so and limit their access (visibility) to the other plug-ins to make it more palatable. However, even with access to the SAS Management Console they will need to be able to navigate to the User Manager plug-in, find their own identity, bring up its properties dialog and find the appropriate tab. This sounds like a recipe for lots of support calls.
  • If your users have SAS Enterprise Guide available to them, it can also be used use to manage their accounts/logins stored in metadata.
  • If your users don’t or shouldn’t have access to SAS Management Console or SAS Enterprise Guide then this is where the SAS Personal Login Manager shines. It does one thing and one thing only – it lets people manage their own logins using a very simple interface. You might think of it as providing a user with direct access to the contents of their own Accounts tab (or Logins tab for SAS 9.1.3) from SAS Management Console.

Here is a screenshot of the initial view of the SAS Personal Login Manager application immediately after the demo user Nate has logged in. He sees all of his own accounts/logins and can add, remove and edit any of them. That’s it. Nice and simple.

The following is a screenshot of him changing the password for his Oracle login.

Whilst this application can be used for managing an individual users own accounts/logins it can’t be used for managing shared accounts/logins for groups. Those shared logins have to be managed from the SAS Management Console and so if you want to delegate the management of those accounts/logins to group administrators then they will need to have access to the SAS Management Console. In SAS 9.2 you can however limit access to the rest of SAS Management Console via roles and capabilities.

The SAS Personal Login Manager is a desktop application and so requires the client software to be installed on, or be accessible from, the individuals workstation. You might use something like Citrix, VMware ACE or automated software deployment to help manage this. I don’t know of any web based apps from SAS Institute that allow users to manage their own logins, but if you do then please let me know.

This post was kindly contributed by platformadmin.com - go there to comment and to read the full post.

Tags: Accounts/Logins Passwords SAS 9.1 SAS 9.2 SAS Management Console SAS Personal Login Manager SAS Software

Post navigation

← Of Cold Temperatures and Warm Hearts in Edmonton
NOTE: Enterprise Guide 4.1 Expires December 1st UNLESS… →

Popular Posts

  • SAS – Lowercase (lowcase) / Uppercase (upcase) / Proper Case (propcase)
  • How do I export from SAS to Excel files: Let me count the ways
  • How to Get Row Numbers in SAS Proc SQL (and DO NOT Use the Undocumented MONOTONIC Function)
  • How to convert the datetime character string to SAS datetime value? (ANYDTDTM and MDYAMPM formats)
  • Using SAS Enterprise Guide to run programs in batch
  • Clear the Results viewer in SAS 9.3

Welcome!

SAS-X.com offers news and tutorials about the various SAS® software packages, contributed by bloggers. You are welcome to subscribe to e-mail updates, or add your SAS-blog to the site.

Sponsors




Dear readers, proc-x is looking for sponsors who would be willing to support the site in exchange for banner ads in the right sidebar of the site. If you are interested, please e-mail me at: tal.galili@gmail.com

Contributors

  • AFHood Group Blog » SAS
  • Avocet Solutions
  • BI Notes
  • Blogging about all things SAS
  • BusinessKen
  • Computing from Out in Left Field
  • Data Steps
  • Enterprise Software Doesn’t Have to Suck
  • Gregor Gorjanc (gg)
  • Heuristic Andrew
  • Jared Prins’ Blog – SAS
  • Ken's SAS tricks
  • Michael @ Scorpio
  • Musings From an Outlier: The SAS Users Blog
  • NOTE: Development With SAS
  • Numbermonger » SAS
  • Peer Revue
  • Peter Flom blog (Statistical Analysis Consulting)
  • platformadmin.com
  • ProcRun;
  • SAS – BioStatMatt
  • SAS – Confounded by Confounding
  • SAS – From a Logical Point of View
  • SAS & Statistics
  • SAS | r4stats.com
  • SAS and R
  • SAS Learning Post
  • SAS Live!
  • Sas on Melinda Higgins, Ph.D
  • SAS Programming for Data Mining
  • SAS support site – SAS Users
  • SAS Users
  • SAS-BI Business Layers
  • SASopedia
  • SASTechies
  • Software & Service
  • Statistical Analysis Consulting
  • StudySAS Blog
  • The SAS Dummy

Recent Posts

  • Automatic cloning of SAS metadata user groups and roles
  • What is SAS Viya?
  • Understanding the _TYPE_ variable in output data sets
  • New certification alert: SAS® Certified Specialist: Administration of SAS® Viya®
  • SAS training: 5 free sessions technologists love
  • Creating a Microsoft Excel report using SAS, Python and SQL!
  • Decode your SAS® macro code with the MFILE and MPRINT options
  • ESM and S9CA: Useful Tools for Migration from SAS 9 to SAS Viya
  • CAS-Action! Advanced Frequency Tables – Part 4
  • CAS-Action! Grouping Frequency Tables – Part 3
  • Using SAS to score a test
  • CAS-Action! Saving Frequency Tables – Part 2
  • CAS-Action! Simple Frequency Tables – Part 1
  • CAS-Action! Rename Columns in a CAS Table
  • Details, details: Updates to The Little SAS Book

Copyright © 2023 PROC-X.com. All Rights Reserved. The Magazine Basic Theme by bavotasan.com.