https://communities.sas.com/t5/Administration-and-Deployment/Update-internal-password-with-a-stored-process/m-p/931389#M28590 <P>I'm not an admin or a security guy, but this seems risky.&nbsp; If you write a stored process to hand-roll the process of updating passwords, you could easily end up with passwords ending up in clear text log files, etc.&nbsp;&nbsp;</P> <P>&nbsp;</P> <P>I assumed most servers were set up to integrate with an independent, dedicated account/password management system (e.g. active directory on Windows), where I would assume any processes for updating passwords would be secure by design.</P> <P>&nbsp;</P> <P>(Oh, I just googled.&nbsp; The definition of these internal accounts (@saspw) is that they exist only in metadata, not in an external authentication domain. So I can how if you've got a lot of these, you would want some automated way for users to be able to maintain them.&nbsp; yikes. Assuming these users only have read access to reports that aren't sensitive, maybe the benefits of having an automated stored process to allow users to manage their passwords are worth the security risks.)</P> Sat, 08 Jun 2024 14:32:53 GMT Quentin 2024-06-08T14:32:53Z https://communities.sas.com/t5/Administration-and-Deployment/Update-internal-password-with-a-stored-process/m-p/931380#M28589 <P>Hi,</P><P>I have a large set of users (internal users @saspw)&nbsp;and I'd like to give them the chance to change their internal password by themselves.</P><P>They have an access to the stored process web app, and only that application.</P><P>I am thinking of a Stored Process that they could use to change this password.</P><P>Has someone already created such stored process?</P><P>Thanks</P><P>Cédric</P> Sat, 08 Jun 2024 07:55:57 GMT https://communities.sas.com/t5/Administration-and-Deployment/Update-internal-password-with-a-stored-process/m-p/931380#M28589 Cedric_HANQUEZ 2024-06-08T07:55:57Z https://communities.sas.com/t5/Administration-and-Deployment/Update-internal-password-with-a-stored-process/m-p/931389#M28590 <P>I'm not an admin or a security guy, but this seems risky.&nbsp; If you write a stored process to hand-roll the process of updating passwords, you could easily end up with passwords ending up in clear text log files, etc.&nbsp;&nbsp;</P> <P>&nbsp;</P> <P>I assumed most servers were set up to integrate with an independent, dedicated account/password management system (e.g. active directory on Windows), where I would assume any processes for updating passwords would be secure by design.</P> <P>&nbsp;</P> <P>(Oh, I just googled.&nbsp; The definition of these internal accounts (@saspw) is that they exist only in metadata, not in an external authentication domain. So I can how if you've got a lot of these, you would want some automated way for users to be able to maintain them.&nbsp; yikes. Assuming these users only have read access to reports that aren't sensitive, maybe the benefits of having an automated stored process to allow users to manage their passwords are worth the security risks.)</P> Sat, 08 Jun 2024 14:32:53 GMT https://communities.sas.com/t5/Administration-and-Deployment/Update-internal-password-with-a-stored-process/m-p/931389#M28590 Quentin 2024-06-08T14:32:53Z https://communities.sas.com/t5/Administration-and-Deployment/Update-internal-password-with-a-stored-process/m-p/931486#M28592 <P>There's a large learning curve to doing this if you haven't played with SAS metadata before. You will need to become familiar with the <A href="https://documentation.sas.com/doc/en/pgmsascdc/9.4_3.5/lrmeta/part-5.htm" target="_blank" rel="noopener">DATA step metadata functions</A>. then learn how to navigate the metadata object model. I find it easiest to use the metadata browser (<A href="https://documentation.sas.com/doc/en/pgmsascdc/9.4_3.5/lrmeta/p1sx3unuqtoykbn141wrhpcj3n1t.htm" target="_blank" rel="noopener">METABROWSE</A>) that is available in the SAS Windowing Environment. Please note that writing to the SAS metadata repository is risky and can easily end up corrupting it. You could investigate the Active Directory metadata synching process to gain a better understanding of updating.</P> Mon, 10 Jun 2024 06:10:16 GMT https://communities.sas.com/t5/Administration-and-Deployment/Update-internal-password-with-a-stored-process/m-p/931486#M28592 SASKiwi 2024-06-10T06:10:16Z