Password Manager

Overview of the Password Manager

If you open the Password Manager in the SAS Management Console window when no server connection exists, the display resembles the following:

View of the SAS Management Console with the SPD Server Password Manager Selected

There are two window tabs: Users and Groups. When no server connection exists, no data is displayed and the only permitted operation is connecting to an SPD Server .

Connecting to an SPD Server

Select Connect on the Users tab of the SAS Management Console window to open the Connect to SPD Server window:

Connect to SPD Server window to specify Server, Port, Domain, User, Password, Group, and ACL Special.

The Connect to SPD Server window contains input fields for the following components. The components follow the same usage as a LIBNAME statement to connect to an SPD Server host.

Server - the name of the SPD Server host

Port - the SPD Name Server listen port

Domain - the SPD domain

User - user name that has privilege to be ACL special

Password - password associated with the user name

Group - optional group name

ACL Special - select this box to enable ACL special privileges

Complete the required information, and then click Connect. After you connect to an SPD Server host, the remaining command buttons on the Users tab are enabled. The status bar at the bottom of the Users tab indicates that a connection exists.

Note: Do not confuse the SAS Management Console status indicator in the lower-right corner of the SAS Management Console window with the SPD Server connection status at the bottom of the Users tab.

Window View of the SPD Server Password Manager in SAS Management Console after connecting to the SPD Server host.

Users and Groups

Overview of Managing Users and Groups

Use the Users and Groups tabs in the SAS Management Console window to access either individual user or user group configuration information.

Groups Tab

On the Groups tab of the SAS Management Console window, click List to display the existing defined groups. When you first connect to the Password Manager or after you make changes to a group, the window lists existing defined groups by default.

Users Tab

On the Users tab of the SAS Management Console window, click List to display the defined users and groups.

The window contains the following components:

User Name - the name of the user. This field cannot be changed directly. To change a user name, delete the user and then add a new user.

Auth Level - the numeric authorization level, ranging from 0 to 7. To change the value, select the field and edit it.

Perf Level the Perf Level setting is not yet implemented in SPD Server . In the future, this field will be used to indicate to the server how to manage resources for the associated user.

IP Address - the IP address of the workstation that the individuals listed in the User Name column are using.

Def Group - the default group for a user. Use the drop-down list for the field to change the currently defined group.

Group 2 - Group 5 - shows the numbered groups 2 - 5 that are assigned to each user. Use the drop-down list to change the currently defined groups.

Expires - the number of days that are remaining until the current password expires. A zero value represents infinity.

PW Last Modified - the date and time of the last modification to a user's password.

Last Login - the date and time of the last user login.

Time-out - the number of idle days since the user's last login. When the number of days since a user's last login equals the Time-out value, the user's access is disabled. For example, if the Time-out value is 7, and if a given user does not log on at least every seven days, the user's access is disabled. A zero value in the Time-out field represents infinity, so a user account with a zero value in the Time-out field never times out.

Allowed Login Failures - the number of consecutive login failures that is allowed before the user's access is disabled. A zero value indicates that unlimited login failures are allowed.

Accrued Login Failures - the current number of consecutive failed login attempts by this user.

Adding a User

To add a user, click Add. Complete the values for User, Password, Auth Level, IP Address, PW Expire, Def Group, Login Timeout, and Failed Logins.

Add Password User window with fields for User, Password, Verify Password,

User, Password, Auth Level, Def Group, and Failed Loginsare required values. The IP Address, PW Expire, and Login Timeout are optional. If the optional settings are not specified, they default to "no limits".

Adding a Group

To add a group using the Groups tab of the SAS Management Console window, click Add. Enter a group name in the Add Group window and click Add. The group name is added and the list is updated.

Deleting a User

To delete a user using the Users tab of the SAS Management Console window, select the user from the list and click Delete. The user is deleted and the list is updated.

Deleting a Group

To delete a group using the Groups tab of the SAS Management Console window, select the group from the list and click Delete. The group is deleted and the list is updated.

Changing a Password

To change a user's password using the Users tab of the SAS Management Console window, select the user and click Chg Pass. Enter the user's old password and new password in the Change User Password dialog box, and click Change.

Change User Password window with fields for Old Password, New Password, and Verify Password.

Resetting a Password

To reset the password for a selected user using the Users tab of the SAS Management Console window, click Reset Pass. Specify the user's new password and click Change. Resetting the password does not require that you know the user's current password. The user will be required to subsequently change the password before he can connect to the server.

You use the Reset Pass command to reset a user's password after a user has been disabled. Users can be disabled for excessive login failures or a login timeout.