Product	Release
SAS BI Server	4.2
SAS Metadata Server	9.2
SAS Data Integration Server	4.2
SAS Intelligence Storage
SAS Management Console	9.2
SAS Enterprise BI Server	4.2
SAS OLAP Server
SAS Enterprise Data Integration Server

Users, Groups, and Roles

Differences Between Roles and Groups

Roles and groups serve distinct purposes. You can't assign permissions to a role or capabilities to a group. Here are some additional distinctions:

The identity hierarchy is relevant for groups, but not for roles. If you are a member of a role, you have all of that role's capabilities, regardless of whether you are a direct member of that role and what your other memberships are.
You can deny a permission to a group, but you can't deny a capability to a role. Each role either provides or doesn't provide each capability. No role takes capabilities away from its members.
A group's permissions are not displayed as part of a group definition, but a role's capabilities are displayed as part of a role definition.
A group can be a member of another group, but a role cannot be a member of another role. Instead, one role can contribute its capabilities to another role.

	Role Definitions
	Main Administrative Roles
	How to Assign Capabilities to Roles

SAS(R) 9.2 Intelligence Platform: Security Administration Guide