Configure Users Authenticated by Kerberos for Publishing Models

To use Kerberos authentication, each SAS Model Manager user must have a valid Kerberos ticket to access SAS Model Manager. Users who are configured to use single sign-on web authentication by Kerberos for Teradata or Hadoop must also perform additional post-installation configuration steps so that they can publish models to a Teradata or a Hadoop Distributed File System (HDFS) from SAS Model Manager:
You must also configure your deployment to use single sign-on web authentication by Kerberos for Teradata or Hadoop.
  1. Edit the setenv file for your operating environment.
    Environment
    File
    Directory
    UNIX
    setenv.sh
    /SAS-configuration-directory/Levn/Web/WebAppServer/SASServer11_1/bin
    Windows
    setenv.bat
    \SAS-configuration-directory\Levn\Web\WebAppServer\SASServer11_1\bin
    Add the following options to the JVM_OPTS line: 
    -Dmm.kerberized.hadoop=on
-Dmm.kerberized.teradata=on
    Note: You can enable one or both options.
  2. In Windows environments, edit the wrapper.conf file in the \SAS-configuration-directory\Levn\Web\WebAppServer\SASServer11_1\conf directory.
    Add the following lines in the Java Additional Parameters section: 
    wrapper.java.additional.n=-Dmm.kerberized.hadoop=on
wrapper.java.additional.n=-Dmm.kerberized.teradata=on
    The number n is the next number in the sequence of the wrapper parameters.
    Note: You can enable one or both options.
  3. Restart SASServer11.
    Note: The option is needed only on SASServer11; it is not needed on SASServer7.
Copyright © SAS Institute Inc. All Rights Reserved.
Last updated: June 8, 2017