Could you share more on why you want to do this? Since you can use SMC to make change to users group and role memberships, what is that you are trying to achieve by export/import?

@AnandVyas , I'm trying to skip use of SMC because it require GUI and im using SAS on Linux without desktop - just console

If the goal is to add groups to a user outside of SAS Management Console, this can be done with PROC METADATA or Metadata DATA Step Functions.

For example, you could use datalines to create a data set of group names and then use the metadata_setassn function to add each to the sasadm@saspw user in a data step.

/* Create a list of groups */
data groups;
    length name $ 255;
    call missing (of _character_);
    input name;
    datalines;
group1
group2
groupn
    ;;
run;

/* Add each one to sasadm user */
data _null_;
    set groups;
    user_obj="omsobj:Person?@Name='sasadm'";
	group_obj="omsobj:IdentityGroup?@Name='"||name||"'";
	rc=metadata_setassn(user_obj,"IdentityGroups","APPEND",group_obj);
run;

With spaces in the group name (not displayname) you might want to do something like this.

data groups;
length name $ 255;
call missing (of _character_);
input;
name=_infile_;
datalines;
IRM: Access All entities
Metadata Server: Unrestricted
;;
run;

@gwootton, I've tried changed code, but nothing happen - sasadm has same groups, nothing more has been added. There is no errors in log file too.... any clue ?

Hi @Hacko 

I also tried the code shared by @gwootton . I have noticed that it will works with "Group Name" and NOT with "Group Display Name". While for most of the groups both are same, I could see for some groups it was not. 

Did you try with name or display name?

Also as @SASKiwi mentioned, it's good to take metadata backup before making any changes using code.

@gwootton - Thank you very much for your code

@AnandVyas  - thank you to, you are right. I figure out that "Metadata Server: User Administration" actually is "META: User and Group Administrators Role"

Already search  in internet about list of all groups but didnt find something useful. Question is - is there a fast way to extract all groups by name and display name (with code or console, not via GUI) ?

This would do it:

data groups;
keep group_name group_dn;
length type id uri $ 50 group_name group_dn $ 255;
call missing (of _character_);
obj="omsobj:IdentityGroup?@PublicType='UserGroup'";
group_count=metadata_resolve(obj,type,id);
if group_count > 0 then do i=1 to group_count;
rc=metadata_getnobj(obj,i,uri);
rc=metadata_getattr(uri,"Name",group_name);
rc=metadata_getattr(uri,"DisplayName",group_dn);
put group_name= group_dn=;
output;
end;
run;

@gwootton Thank you again about provided code. I executed it - there is nothing to display, but found this one in log file:

NOTE: The data set WORK.GROUPS has 0 observations and 2 variables.
NOTE: DATA statement used (Total process time):
      real time           0.00 seconds
      cpu time            0.00 seconds

Actually I'm executing those macros directly in linux console with "<SAS_HOME>/SASFoundation/9.4/sas -nodms -nonews <file_with_macro>" if this matter ....

If you are running from the SASFoundation/9.4 directory there is no automatic sourcing of the Metadata connection information. You might want to add -metaprofile <sas-config>/Levn/metadataConfig.xml to your command line.

@gwootton thank you again. I've tried <SASHome>/SASFoundation/9.4/sas -nodms -metaprofile <sasconfig>/Lev1/metadataConfig.xml but im afraid the result is the same 😞

NOTE: The data set WORK.GROUPS has 0 observations and 2 variables.
NOTE: DATA statement used (Total process time):
      real time           0.12 seconds
2                                                          The SAS System                            05:50 Tuesday, October 13, 2020

      cpu time            0.02 seconds

Any clue ?

Are you running the SAS executable as a user who exists in Metadata? If not, it would authenticate you as PUBLIC and not give you permission to list the resources.

Another option would be to add the metadata connection options to the program. For example:

%include "<sas-config>/Lev1/SASMeta/MetadataServer/metaparms.sas";

or

options metaserver='meta.demo.sas.com'
metaport=8561
metaprotocol='bridge'
metauser='sasadm@saspw'
metapass='password'
metarepository='Foundation'
metaconnect='NONE'
;

@gwootton - finally! Greg, you save my day! 🙂 appreciate your time and willing to help me!