|Users, Groups, and Roles|
To enable someone to alternately function as an administrator and as a nonadministrator, create two user definitions for that person as follows:
One definition is based on an internal account and is a member of the SAS Administrators group. See Add Administrators.
The other definition is based on an external account and is not a member of the SAS Administrators group. See Add Regular Users.
Dual users log on with their internal account when they need administrative privileges and with their external account the rest of the time.
Note: The only way to make someone a dual user is to give that person two user definitions, each based on a different account. You can't create a dual user by adding a login to a definition that already has an internal account or by adding two logins to one definition.
Note: Dual users should use a dedicated client-side connection profile for their internal account. In that profile, the user should leave the Authentication Domain field blank. This optimizes credential reuse.