The system administration tasks that
can be performed using SAS Management Console affect the stability
of your servers, the integrity of your data and metadata, and the
performance of client applications. Therefore, it is important to
limit access to system administration tasks to only those users who:
-
have the necessary skills, background,
and knowledge
-
need to perform system administration
tasks in order to fulfill their job functions
The security model for
the SAS Intelligence Platform model enables you to control access
to system administration tasks by adding users to administrative roles,
adding users to groups, and granting permissions on metadata. If necessary,
you can change the capabilities that are assigned to a role. You can
also create new roles.
This chapter describes the group
memberships, role memberships, and other criteria that are required
for users to perform the system administration tasks that are documented
in this guide. Requirements are provided for two different approaches
to system administration:
centralized administration
means that a single
administrative user (or a small group of users) performs all administrative
functions for your SAS deployment, with no division of responsibility
delegated administration
means that various
types of administrative functions for your SAS deployment are divided
among different administrative users or groups of users
For some functions, the requirements are the same regardless
of whether you are using centralized or delegated administration.
The requirements in
this chapter reflect initial settings in a default installation. Role
definitions and group membership might be configured differently at
your site. For an in-depth description of the security model, or for
information about modifying the security structure, see the
SAS Intelligence Platform: Security Administration Guide.