https://communities.sas.com/t5/Administration-and-Deployment/How-to-enable-non-SAS-Admins-to-view-the-SAS-supplied-user/m-p/980633#M30507 Here is a Knowledge Base article that explains how to do this in Viya 3 and SAS Viya Platform. <BR /><BR /><A href="https://sas.service-now.com/csm/en/grant-non-administrator-access-to-user-activity-reports-in-sas-viya?id=kb_article_view&amp;sysparm_article=KB0043828" target="_blank">https://sas.service-now.com/csm/en/grant-non-administrator-access-to-user-activity-reports-in-sas-viya?id=kb_article_view&amp;sysparm_article=KB0043828</A> Thu, 11 Dec 2025 13:55:05 GMT ronf_sas 2025-12-11T13:55:05Z https://communities.sas.com/t5/Administration-and-Deployment/How-to-enable-non-SAS-Admins-to-view-the-SAS-supplied-user/m-p/907467#M27686 <P>Hi experts,</P> <P>&nbsp;</P> <P>For SAS Viya 3.5 there is a SAS Environment Management supplied report named User Activity which shows audit info for users accessing VA reports. We have a need to open access to this report (and the underlying CAS data) for some group of users who are <EM>not</EM> members of the SAS Administrators group. Are there instructions for accomplishing this?</P> <P>&nbsp;</P> <P>Thanks</P> Tue, 12 Dec 2023 05:17:19 GMT https://communities.sas.com/t5/Administration-and-Deployment/How-to-enable-non-SAS-Admins-to-view-the-SAS-supplied-user/m-p/907467#M27686 EyalGonen 2023-12-12T05:17:19Z https://communities.sas.com/t5/Administration-and-Deployment/How-to-enable-non-SAS-Admins-to-view-the-SAS-supplied-user/m-p/907543#M27688 <P>Hi,</P> <P><SPAN>The User Activity report is in the /Products/SASEnvironmentManager/Dashboard Items path in SAS Content, which has a rule conditionally prohibiting Authenticated Users from seeing it. You will need to modify the condition of this rule to include a group this user is a member of, or call them out specifically. For instance by replacing this:</SPAN><BR /><SPAN>&nbsp;</SPAN><BR /><SPAN>!groupsForCurrentUser().contains('SASAdministrators') &amp;&amp; !groupsForCurrentUser().contains('sasapp')</SPAN><BR /><SPAN>&nbsp;</SPAN><BR /><SPAN>with this:</SPAN><BR /><SPAN>&nbsp;</SPAN><BR /><SPAN>!groupsForCurrentUser().contains('SASAdministrators') &amp;&amp; !groupsForCurrentUser().contains('sasapp') &amp;&amp; !groupsForCurrentUser().contains('NewGroup')</SPAN><BR /><SPAN>&nbsp;</SPAN><BR /><SPAN>or:</SPAN><BR /><SPAN>&nbsp;</SPAN><BR /><SPAN>!groupsForCurrentUser().contains('SASAdministrators') &amp;&amp; !groupsForCurrentUser().contains('sasapp') &amp;&amp; !currentUser() == 'userid'</SPAN><BR /><SPAN>&nbsp;</SPAN><BR /><SPAN>General Authorization: How To (Rules page)</SPAN><BR /><A href="https://go.documentation.sas.com/doc/en/calcdc/3.5/calauthzgen/p1bh4gj8c2xv1nn1fx011prusmii.htm" target="new">https://go.documentation.sas.com/doc/en/calcdc/3.5/calauthzgen/p1bh4gj8c2xv1nn1fx011prusmii.htm</A><BR /><SPAN>&nbsp;</SPAN><BR /><SPAN>The User Activity report uses the SystemData.Audit CAS table which Authenticated Users by default does not have permission to see, so the user/group will need to be granted permission on the SystemData caslib as well.</SPAN><BR /><SPAN>&nbsp;</SPAN><BR /><SPAN>CAS Authorization: How To (Authorization Window)</SPAN><BR /><A href="https://go.documentation.sas.com/doc/en/calcdc/3.5/calauthzcas/n10ey3zz0qwxrsn0z6l25qo310q7.htm" target="new">https://go.documentation.sas.com/doc/en/calcdc/3.5/calauthzcas/n10ey3zz0qwxrsn0z6l25qo310q7.htm</A></P> Tue, 12 Dec 2023 14:05:44 GMT https://communities.sas.com/t5/Administration-and-Deployment/How-to-enable-non-SAS-Admins-to-view-the-SAS-supplied-user/m-p/907543#M27688 ronf_sas 2023-12-12T14:05:44Z https://communities.sas.com/t5/Administration-and-Deployment/How-to-enable-non-SAS-Admins-to-view-the-SAS-supplied-user/m-p/907548#M27690 <P>Hi&nbsp;<a href="https://communities.sas.com/t5/user/viewprofilepage/user-id/4637">@ronf_sas</a>&nbsp;</P> <P>&nbsp;</P> <P>Thanks for replying. Two questions:</P> <P>&nbsp;</P> <P>1. Is there no issue/pitfall with opening the permissions for the folder and caslib to non SAS Admins?</P> <P>2. I want to open access only to this specific report and only to the specific CASLIB table and not to open access to the entire VA report folder and to the entire SystemData CASLIB. Is there an easy way to accomplish this?</P> Tue, 12 Dec 2023 14:12:39 GMT https://communities.sas.com/t5/Administration-and-Deployment/How-to-enable-non-SAS-Admins-to-view-the-SAS-supplied-user/m-p/907548#M27690 EyalGonen 2023-12-12T14:12:39Z https://communities.sas.com/t5/Administration-and-Deployment/How-to-enable-non-SAS-Admins-to-view-the-SAS-supplied-user/m-p/907574#M27692 1. Generally speaking the permissions are set such that non-administrators only have access to their own information. The User Activity report and SystemData.Audit CASLIB contain data on all users, so this is not granted by default. <BR />2. Yes, you can set authorizations on specific objects and tables, so you can achieve this, you would just need to add additional permission configurations.<BR /><BR />By default the rule against the Dashboard folder is a conditional prohibit on Authenticated Users to /folders/folders/folder_id/**, so Authenticated Users have permission to see the folder, but permission is revoked to see any objects inside the folder (convey permission). As you want to grant access to a single object within the folder, you would not be able to use this rule, so you'd need to disable it which would grant users Read permission conveyed to all the objects within it. You'd then need to edit the permissions for each report in the folder and conditionally prohibit permission, with the same condition as the prohibit you disabled (prohibit Authenticated Users unless they are a member of the SAS Administrators or sasapp group)<BR /><BR />Similarly for the SystemData CASLIB, Authenticated Users by default do not have ReadInfo permission on the library. This would need to be granted at the library level and then removed at the table level for all tables but AUDIT, which would need ReadInfo and Select granted. Tue, 12 Dec 2023 15:26:23 GMT https://communities.sas.com/t5/Administration-and-Deployment/How-to-enable-non-SAS-Admins-to-view-the-SAS-supplied-user/m-p/907574#M27692 gwootton 2023-12-12T15:26:23Z https://communities.sas.com/t5/Administration-and-Deployment/How-to-enable-non-SAS-Admins-to-view-the-SAS-supplied-user/m-p/980633#M30507 Here is a Knowledge Base article that explains how to do this in Viya 3 and SAS Viya Platform. <BR /><BR /><A href="https://sas.service-now.com/csm/en/grant-non-administrator-access-to-user-activity-reports-in-sas-viya?id=kb_article_view&amp;sysparm_article=KB0043828" target="_blank">https://sas.service-now.com/csm/en/grant-non-administrator-access-to-user-activity-reports-in-sas-viya?id=kb_article_view&amp;sysparm_article=KB0043828</A> Thu, 11 Dec 2025 13:55:05 GMT https://communities.sas.com/t5/Administration-and-Deployment/How-to-enable-non-SAS-Admins-to-view-the-SAS-supplied-user/m-p/980633#M30507 ronf_sas 2025-12-11T13:55:05Z