 |
|
| Users, Groups, and Roles |
About User Administration
In order to make access distinctions and track user activity, a security system must know who is making each request. The primary purpose of user administration is to provide information that helps systems identify each connecting user. In the SAS Intelligence Platform, the primary user management task is to create SAS copies of external account IDs. For identification purposes, only the account IDs are needed. SAS doesn't maintain copies of external passwords for identification purposes. For each user, you must create a SAS copy of a unique account ID, with these exceptions:
-
For metadata administrators and some service identities, you can use a SAS internal account instead of a SAS copy of an external account ID.
-
For users who don't need an individual identity, you don't have to store an account ID. Such users share the generic PUBLIC identity.
SAS uses its copy of these IDs to establish a unique SAS identity for each connecting user. All of a user's group memberships, role memberships, and permission assignments are ultimately tied to the user's SAS identity. See How SAS Identity is Determined.
To access user administration features in SAS Management Console,
select the User Manager
![[icon]](images/usermanager.gif)
on the
Plug-ins tab. If you don't want to use SAS Management Console to interactively
create user definitions, you can write SAS programs that import and periodically
update account IDs from your authentication provider. See User Import Macros.
See Also
|
|
Copyright © 2011 by SAS Institute Inc., Cary, NC, USA. All rights reserved.