CAUTION:
Repairing
a metadata-bound library is an advanced task.
Make sure you have
a current backup (of both metadata and physical data) before you use
this statement.
The REPAIR statement
is a preproduction feature, which means it is a preliminary release
of software that has not completed full development and testing. Because
it has not been fully tested, preproduction software should be used
with care. After final testing is completed, preproduction software
is likely to be offered in a future release as a production-quality
component or product.
Use the REPAIR statement
to restore metadata-bound library security information or metadata
objects that are inadvertently deleted. The administrator can carefully
use the REPAIR statement to make some repairs to inconsistencies reported
by the REPORT statement. If there are a significant number of groupings
in the REPORT listing, it might be more advisable to do the following:
-
Create a new operating system directory and metadata-bound
library, and then use SAS Management Console to set appropriate default
library permissions for the new secured library object.
-
Access the current library with the AUTHADMIN=YES,
AUTHPW= or AUTHALTER=, AUTHWRITE=, and AUTHREAD= options in the LIBNAME
statement.
-
Use the SAS COPY procedure to copy the SAS data sets
to the new library. Use CONSTRAINT=YES if any data sets have referential
integrity constraints. Use SAS Management Console to set any permissions
on the secured table objects that differ from those inherited from
the secured library object. The following is an example of using the
COPY procedure.
Metadata-bound library
ABCDE also has data sets EMPLOYEES, EMPINFO, and PRODUCT. The REPORT
statement has shown some inconsistencies between the physical library
contents and the corresponding metadata objects. This is an example
of a way to resolve these differences.
libname klmno "c:\lib2";
proc authlib lib=klmno;
create securedfolder="Department XYZZY"
securedlibrary="KLMNOEmps"
pw=password;
run;
quit;
libname abcde "c:\mylib"
AUTHADMIN=yes
AUTHPW=password;
proc copy in=abcde out=klmno ;run;
Using PROC COPY to Resolve Differences
88 proc copy in=abcde out=klmno ;run;
NOTE: Copying ABCDE.EMPINFO to KLMNO.EMPINFO (memtype=DATA).
NOTE: Data set ABCDE.EMPINFO.DATA has secured table object location information, but the
secured library object location information that it contains:
SecuredFolder: /System/Secured Libraries/Department XYZZY
SecuredLibrary: ABCDEEmps
SecuredLibraryGUID: 38C24AF4-9CF5-458B-8389-52092307007E
is different from the registered location for the library ABCDE:
SecuredFolder:
SecuredLibrary:
SecuredLibraryGUID:
The data set might have been copied to this directory with a host copy utility.
NOTE: Permissions are obtained from the secured table and the secured library objects that are
referenced in the header of the metadata-bound table.
NOTE: Metadata-bound library permissions are used for KLMNO.EMPINFO.DATA.
NOTE: Successfully added new secured table object "EMPINFO.DATA" to the secured library object
at path "/System/Secured Libraries/Department XYZZY/KLMNOEmps" for data set
KLMNO.EMPINFO.DATA.
NOTE: There were 5 observations read from the data set ABCDE.EMPINFO.
NOTE: The data set KLMNO.EMPINFO has 5 observations and 6 variables.
NOTE: Copying ABCDE.EMPLOYEES to KLMNO.EMPLOYEES (memtype=DATA).
NOTE: Data set ABCDE.EMPLOYEES.DATA has secured table object location information, but the
secured library object location information that it contains:
SecuredFolder: /System/Secured Libraries/Department XYZZY
SecuredLibrary: ABCDEEmps
SecuredLibraryGUID: 38C24AF4-9CF5-458B-8389-52092307007E
is different from the registered location for the library ABCDE:
SecuredFolder:
SecuredLibrary:
SecuredLibraryGUID:
The data set might have been copied to this directory with a host copy utility.
NOTE: Permissions are obtained from the secured table and the secured library objects that are
referenced in the header of the metadata-bound table.
NOTE: Metadata-bound library permissions are used for KLMNO.EMPLOYEES.DATA.
NOTE: Successfully added new secured table object "EMPLOYEES.DATA" to the secured library
object at path "/System/Secured Libraries/Department XYZZY/KLMNOEmps" for data set
KLMNO.EMPLOYEES.DATA.
NOTE: There were 5 observations read from the data set ABCDE.EMPLOYEES.
NOTE: The data set KLMNO.EMPLOYEES has 5 observations and 6 variables.
NOTE: Copying ABCDE.PRODUCT to KLMNO.PRODUCT (memtype=DATA).
NOTE: Data set ABCDE.PRODUCT.DATA has secured table object location information, but the
secured library object location information that it contains:
SecuredFolder: /System/Secured Libraries/Department XYZZY
SecuredLibrary: ABCDEEmps
SecuredLibraryGUID: 38C24AF4-9CF5-458B-8389-52092307007E
is different from the registered location for the library ABCDE:
SecuredFolder:
SecuredLibrary:
SecuredLibraryGUID:
The data set might have been copied to this directory with a host copy utility.
NOTE: Permissions are obtained from the secured table and the secured library objects that are
referenced in the header of the metadata-bound table.
NOTE: Metadata-bound library permissions are used for KLMNO.PRODUCT.DATA.
NOTE: Successfully added new secured table object "PRODUCT.DATA" to the secured library object
at path "/System/Secured Libraries/Department XYZZY/KLMNOEmps" for data set
KLMNO.PRODUCT.DATA.
NOTE: There were 5 observations read from the data set ABCDE.PRODUCT.
NOTE: The data set KLMNO.PRODUCT has 5 observations and 2 variables.
NOTE: PROCEDURE COPY used (Total process time):
real time 0.14 seconds
cpu time 0.04 seconds
When using the REPAIR
statement, one of the ADD, UPDATE, or DELETE actions must be specified.
LOCATION, METADATA, or both are used to clarify if the action is to
apply to the metadata security information in the file system, to
the metadata objects in the SAS Metadata Server, or to both.
One or more TABLES statements
can follow the REPAIR statement to perform the same action on the
specified data sets. An implicit Tables _ALL_ is used if no TABLES
statement follows the REPAIR statement.
Inconsistencies between
the metadata security information stored in the operating system files
and the secured library object in the SAS Metadata Server that need
repair can prevent the assignment of a LIBNAME statement to the physical
library. The administrator that owns the physical library and knows
the metadata-bound library passwords can perform a library assignment
and repair the data by adding the AUTHADMIN=YES option to the LIBNAME
statement. Best practice is to use the AUTHADMIN=YES option when performing
any REPAIR actions.
CAUTION:
If you
lose the password (or passwords) for a metadata-bound library, you
cannot unbind the library or change its passwords.
Be sure to keep track
of passwords that you assign in the CREATE and MODIFY statements.