SAS is able to provide
authentication of a user through the use of many authentication providers.
The AUTHPROVIDERDOMAIN= system option associates a domain suffix with
an authentication provider. This association enables the SAS server
to choose the authentication provider by the domain name that is presented.
When a domain suffix
is not specified or the domain suffix is unknown, authentication is
performed on the user ID and password by the host operating system.
Parenthesis are required
when you specify more than one set of
provider
: domain pairs.
The maximum length for
the AUTHPROVIDERDOMAIN option value is 1,024 characters.
To use the Microsoft
Active Directory or LDAP authentication providers, these environment
variables must be set in the server or spawner startup script:
-
Microsoft Active Directory Server:
-
AD_PORT=
Microsoft
Active Directory port number
-
AD_HOST=
Microsoft
Active Directory host name
-
-
LDAP_PORT=
LDAP
port number
-
LDAP_BASE=
base
distinguished name
-
-
LDAP Server for users connecting
with a user ID instead of a distinguished name (DN):
-
LDAP_PRIV_DN=
privileged DN that is allowed to search for users
-
LDAP_PRIV_PW=
LDAP_PRIV_DN password
Note: If the LDAP server allows
anonymous binds, then LDAP_PRIV_DN and LDAP_PRIV_PW are not required.
In addition to setting
these environment variables, you can set the LDAP_IDATTR environment
variable to the name of the person-entry LDAP attribute that stores
the user ID if the attribute does not contain the default value of
uid
.