Reviewing or Adjusting Repository-Level Controls

Which ACT is the Repository ACT?

If your site has multiple metadata repositories, you have multiple repository ACTs. Each repository has its own repository ACT, which is usually named Default ACT.
As an alternative to opening each ACT to determine which repository it belongs to, navigate to the ACT from within the Folders view.
  • ACTs for the foundation repository are located in the SAS Foldersthen selectSystemthen selectSecuritythen selectAccess Control Templates folder.
  • ACTs for a custom repository are located in the SAS Foldersthen selectcustom-repositorythen selectSystemthen selectSecuritythen selectAccess Control Templates folder.
Note: The repository ACT indictor is located at the bottom of the access-control-templatethen selectAuthorizationthen selectUsage tab.

Why Adjust the Repository-Level Controls?

CAUTION:
Altering the repository-level controls for service identities can prevent necessary access.
We recommend that you do not change these settings.
Here are some key points about working with repository-level controls for a foundation repository:
  • If you want some or all users to have default Read access to all data, grant the Read permission at the repository level.
  • If you want to experiment with changing repository-level access, we recommend that you create a new ACT and designate that ACT as the repository ACT (instead of modifying the original repository ACT).
  • All users need ReadMetadata and WriteMetadata access to the foundation repository. It is appropriate for the SASUSERS group to be granted these permissions in the pattern of the repository ACT.