cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
🔒 This topic is solved and locked. Need further help from the community? Please sign in and ask a new question.
naveenraj
Quartz | Level 8 naveenraj
Quartz | Level 8
Go to Solution

Can SAS authentication be done against IBM Tivoli Directory Server

Posted 08-17-2016 07:48 AM (1611 views)

Hi, 

 

Can you please let me know if SAS will support using the LDAP v3 compliant IBM Security Directory Server to authenticate against instead of using Active Directory for this. What should be the changes that should be implemented for this.

0 Likes
1 ACCEPTED SOLUTION

Accepted Solutions
anja
SAS Employee anja
SAS Employee

Re: Can SAS authentication be done against IBM Tivoli Directory Server

Posted 08-17-2016 08:44 AM (2019 views)  |   In reply to naveenraj

Hi,

 

yes, SAS can authenticate against IBM Tivoli Dir Server. The LDAP server should be RFC 2307 compatible, which it is.

(LDAP v2 / v3 compliant).

 

Not knowing which SAS version you are running, the following is for SAS 9.4.

Please see http://support.sas.com/documentation/cdl/en/itechdsref/64885/HTML/default/viewer.htm#italdap.htm

 

Everything about SAS Integration Technologies:

http://support.sas.com/software/products/inttech/index.html#s1=1

 

Hope this helps.

Best

Anja

View solution in original post

0 Likes
4 REPLIES 4
anja
SAS Employee anja
SAS Employee

Re: Can SAS authentication be done against IBM Tivoli Directory Server

Posted 08-17-2016 08:44 AM (2020 views)  |   In reply to naveenraj

Hi,

 

yes, SAS can authenticate against IBM Tivoli Dir Server. The LDAP server should be RFC 2307 compatible, which it is.

(LDAP v2 / v3 compliant).

 

Not knowing which SAS version you are running, the following is for SAS 9.4.

Please see http://support.sas.com/documentation/cdl/en/itechdsref/64885/HTML/default/viewer.htm#italdap.htm

 

Everything about SAS Integration Technologies:

http://support.sas.com/software/products/inttech/index.html#s1=1

 

Hope this helps.

Best

Anja

0 Likes
naveenraj
Quartz | Level 8 naveenraj
Quartz | Level 8

Re: Can SAS authentication be done against IBM Tivoli Directory Server

Posted 08-17-2016 08:55 AM (1599 views)  |   In reply to anja

Hi @anja

 

Thank you for your response. I was going throught the same documents. I have one more doubt. 

Suppose we have configured SAS using Active Directory server. Like below.

 

Active Directory
/* Environment variables that describe your Active Directory server  */
-set AD_HOST myhost
/* Define authentication provider  */
-authpd ADIR:mycomapny.com
-primpd mycompany.com
But not all the users are present within this AD and we need to introduce another LDAP IBM Tivoli Directory Server. Is this possible by just changing the properties in sasv9_usermods.cfg of metadataserver folder like below along with AD settings mentioned above such that it will check both the AD and LDAP server and provide authentication.  My question is, is it possible to check both the LDAP and AD servers at the same time and provide authentication if user(even if domain name is differant) is present in either of the server
 
LDAP
/* Environment variables that describe your LDAP server  */
-set LDAP_HOST myhost
-set LDAP_BASE "ou=emp, o=us"
/* Define authentication provider */
-authpd LDAP:mycompany.com
-primpd aus.mycompany.com
0 Likes
anja
SAS Employee anja
SAS Employee

Re: Can SAS authentication be done against IBM Tivoli Directory Server

Posted 08-17-2016 09:23 AM (1594 views)  |   In reply to naveenraj

Hi,

 

in SAS 9.3, only one was recognized. In SAS 9.4, take a look at the following:

http://support.sas.com/documentation/cdl/en/bisecag/67045/HTML/default/viewer.htm#n0w8oa3erw568vn192...

 

Is this what you are looking for?

 

Thanks

Anja

0 Likes
Saikrishna979
Obsidian | Level 7 Saikrishna979
Obsidian | Level 7

Re: Can SAS authentication be done against IBM Tivoli Directory Server

Posted 08-18-2016 05:41 AM (1574 views)  |   In reply to anja

 Hi @anja,

 

i have similar case in my requirement.

 

currently we are using AD for authentication for a group of people(Eg: UK users). Another group(Eg: US users) of users also need authentication, they are not present in current AD that we are using. But US users are present in a LDAP server. So, is this possible to implement both the authentication processes in sasv9_usermods.cfg (both AD and LDAP)?

As like.

/*-----------------Active Directory Authentication---------------------- */
/* Environment variables that describe your Active Directory server  */
-set AD_HOST myhost
/* Define authentication provider  */
-authpd ADIR:mycomapny.com
-primpd mycompany.com
 
/*------------------------LDAP Authentication--------------------------- */
/* Environment variables that describe your LDAP server */
-set LDAP_HOST myhost
-set LDAP_BASE "ou=emp, o=us"
/* Define authentication provider */
-authpd LDAP:mycompany.com
-primpd aus.mycompany.com

 

not able to get proper solution in the link that you shared: http://support.sas.com/documentation/cdl/en/bisecag/67045/HTML/default/viewer.htm#n0w8oa3erw568vn192... , whether both AD and LDAP can be implement together for authenticate the users.

 

or is there any other way to achieve this? please suggest.

 

 

Thanks in advance

0 Likes

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Watch Get Started with SAS Information Catalog in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 4 replies
  • ‎08-17-2016 07:48 AM
  • 1612 views
  • 0 likes
  • 3 in conversation