Security Overview |
During installation, several initial user accounts are created. Some of these accounts are created for all installations, some are optional, and some are created only if certain software components are installed. The required users include the following:
The SAS Administrator account and the SAS Trusted User Account. These users are generally set up as internal accounts, which exist in metadata but are not known to the host machine. The SAS Administrator account has access to all metadata, regardless of SAS permissions settings. The SAS Trusted User is a privileged service account that can act on behalf of other users when connecting to the metadata server.
The SAS Spawned Servers account and the SAS Installer account, which must be defined in the operating system of certain server machines. The SAS Spawned Servers account is the initially configured process owner for pooled workspace servers and stored process servers. The SAS Installer Account is used to install and configure SAS software. On UNIX and z/OS systems, this account is also the owner of configuration directories and their contents and is the process owner for items such as the metadata server, the OLAP server, and the object spawner.
Other initial users include the LSF Administrator and LSF User, which are required if Platform Suite for SAS is installed. In addition, the SAS Anonymous Web Service User is an optional account that is used to grant clients access to applicable SAS Web Infrastructure Platform components. Most installations set up this user as an internal account, which exists in metadata but is not known to the host machine.
Copyright © 2010 by SAS Institute Inc., Cary, NC, USA. All rights reserved.