I recently installed a local copy of SAS Viya 4 (2021.1.2) in our Kubernetes lab environment and was trying to configure it to work with a test AD server, Windows 2012 R2. The AD server had been configured to only allow TLS (LDAPS) connections and so a…
Tag: Active Directory
Metacoda Identity Sync and Microsoft Security Advisory ADV190023
Those of you who use Metacoda Identity Sync may have already heard about Microsoft Security Advisory ADV190023. You may have heard about it from Stuart Rogers’ post on SAS Communities: SAS Viya The Importance of LDAP Encryption. Stuart’s ar…
Auto Creation of Linux Home Directories for SAS Users
In a previous post I’ve described a method for configuring Active Directory Authentication for SAS® on Linux (with realmd). One of the packages that’s installed is oddjob-mkhomedir. This package normally handles any requirement for auto-creating home directories for those AD users on Linux. Unfortunately it doesn’t seem to get used by the SAS Object Spawner. … Continue reading “Auto Creation of Linux Home Directories for SAS Users”
Identity Sync: Finding Your Keys
Using the Metacoda Identity Sync Plug-in with a new SAS installation is easy. All of the defaults are based on common practices for synchronizing Active Directory users and groups with a SAS metadata server. Using the plug-in with an existing installation, where users and groups have already been synchronized using custom code, takes a little […]
Identity Sync: Multiple Active Directory Domains (Single Forest)
Recently I’ve been working on using the Metacoda Identity Sync Plug-in to synchronize SAS platform identities (users and groups) with their counterparts from multiple Microsoft Active Directory (AD) Domains contained within a single Forest. In a future post I’ll talk about extending this to multiple domains from multiple trusted forests. In the recent Metacoda Plug-ins […]
Active Directory Authentication for SAS on Linux (with realmd)
This is another post in the series about configuring a SAS platform on Linux to use Integrated Windows Authentication (IWA), in this post I’m going to jot down some notes on steps 1-7 – configuring the Linux server for Active Directory (AD) Authentication. Some time has passed since I wrote the original post, and a […]
Synchronizing SAS Platform Identities
I’ve been spending lots of time lately on SAS® platform identity synchronizations. I’m fairly confident that I’ve done more Microsoft Active Directory (AD) to SAS Metadata Server synchronizations in the past few weeks, than I’ve done in my entire career working with SAS software! The reason for this is that we’ve been doing lots of […]
Config Notes: SAS Mid-Tier (Linux) IWA with Fallback
Continuing on the theme of configuring a SAS 9.4 M2 platform on Linux to use Integrated Windows Authentication (IWA), in this post I’m going to jot down some notes on steps 12-15 – configuring the SAS mid-tier on a Linux server for IWA with fallback to form-based authentication (when IWA is not available). This includes […]