Modifies password and encryption key values for a metadata-bound library.
Requirement: | The AUTHLIB MODIFY statement requires a connection to the target metadata server. For more requirements, see Requirements for Using the AUTHLIB Statements. |
Tip: | Each password and encryption key option must be coded on a separate line to ensure that they are properly blotted in the log. |
modifies a single password for a metadata-bound library.
modifies one of a maximum of three password values for a metadata-bound library.
modifies one of a maximum of three password values for a metadata-bound library.
modifies one of a maximum of three password values for a metadata-bound library.
specifies the encryption type.
specifies the SAS Proprietary algorithm.
specifies no encryption.
specifies Advanced Encryption Standard (AES) encryption and to record the key in metadata.
Requirement | ENCRYPTKEY= option is required if the library has AES encryption. |
See | Encrypted Data Set Considerations |
specifies a key value for AES encryption.
Requirement | ENCRYPTKEY= option is required if the library or a data file has AES encryption. |
Note | The encryption key value for all the data sets in a library can be stored in a metadata-bound library so that an authorized user does not have to supply the encryption key value every time a data set is opened. See Considerations for Data File Encryption. |
Tip | The ENCRYPTKEY= value is a passphrase that can be up to 64 characters long from which the actual AES encryption key is later derived, but it is referred to as the encryption key in most SAS documentation. |
See | Encrypted Data Set Considerations |
ENCRYPTKEY= Data Set Option in SAS Data Set Options: Reference |
name of the physical library that is metadata-bound.
If the LIBRARY= option is not specified, then the physical library from the AUTHLIB procedure is used.
Alias | LIB=, DDNAME=, DD= |
Restriction | The physical library specified cannot be a concatenated library, temporary library, or accessed through a SAS/SHARE server and must be processed by an engine that supports metadata-bound libraries. |
removes all retained metadata-bound library credentials if all tables in the library are successfully modified to the newer credentials.
Default | YES |
does not remove replaced metadata-bound library credentials even if all tables in the library were successfully modified.
See | Retaining and Purging Metadata-Bound Library Credentials |
specifies that all data sets in a metadata-bound library are automatically encrypted.
specifies that data sets in a metadata-bound library are not automatically encrypted.
See | Requiring Encryption for Metadata-Bound Data Sets |
specifies whether the MODIFY statement action is applied at the library level or just to the tables. If TABLESONLY=NO, then the action is applied to the library and data sets. If TABLESONLY=YES, then the action is applied only to the data sets.
Default | NO |
Tip | If you specify TABLESONLY=YES and a new password or encryption key value in the CREATE, MODIFY, or REMOVE statement, then the new password value or encryption key value is ignored. The current password or encryption key value is still required if the library is metadata-bound. |
/
in the MODIFY statement. For an example, see Changing Metadata-Bound Library Passwords.
ERROR: The secured library object information for library library-name
could not be obtained from the metadata server or has invalid data.
ERROR: Association not found.
ERROR: Error in the LIBNAME statement.
For an example, see Resetting Credentials on Imported SecuredLibrary Objects.MODIFY <LIBRARY=library-name>
If you want to modify the passwords or encryption options for a secured library object that is no longer bound to a physical library, then specify LIBRARY=_NONE_ with the
SECUREDLIBRARY= and SECUREDFOLDER= options to locate the secured library object.MODIFY <LIBRARY=_NONE_ SECUREDLIBRARY=secured-library-name> <SECUREDFOLDER=secured-folder-name>