Hi ,
We have an issue with SAS Studio environment , where there are some files(html, SGPanel.png, temporary excel files And .file) created in the config folder location. Which is not allowed & while investigating we came to know that no one is creating intentionally any of these files in the config location. So this is effecting on both the App Servers (SASApp1-u8 & SASApp2-en).
And when we try to change the security permissions – it’s impacting user access.
Config Path: D:\SAS\Config\Lev1\SASApp1-u8
D:\SAS\Config\Lev1\SASApp2-en
So we request if anyone help us on identifying which process is creating these files and how to prevent this. Any resolution on this.
Current version: 9.04.01M7
Operating System: WX64
Thanks & Regards,
Siddhartha
I suspect that is the folder that is the current working directory when your SAS sessions are started.
You can confirm by starting a new SAS session and running something like this to see where you are.
filename here '.';
%put %sysfunc(pathname(here));
There should be no need for normal users to have write access to that folder (or any part of the SAS system files). That should not prevent them from running SAS. It might well cause the code that is currently writing those file to produce an ERROR, which would mean you could find the problem code and fix it.
Judging by the files in your screenshot these are created by different users not including a path when writing external files. As already stated by @Tom setting your D drive permissions to read-only for normal SAS users should fix the problem.
@siddhu1 wrote:
Thanks for the reply.
I have checked that the Users has read-only permissions in the D drive config folder.
Any help on, how to go further on this.
Thanks & Regards,
Siddhartha
If the USERS don't have write permissions perhaps the ADMIN, or someone with permissions, has run some code that did this?
@siddhu1 - Check the properties of those files in Windows Explorer. In the Details tab you will find the owner. That will tell you which OS account created them.
I've been seeing this too, and it looked like users only had Read and Execute permissions. However, on a bit of deeper delving, I discovered that there's a special access set for users. You may see this if you go into the advanced security settings. Under this, users have Append and Create permissions. Actually, the best way I found to see this was with the Powershell get-acl cmdlet:
PS E:\SAS\config\Lev1\SASApp> Get-Acl E:\SAS\config\Lev1\SASApp |Select-Object -ExpandProperty access |ft -property IdentityReference,AccessControlType,FileSystemRights -AutoSize IdentityReference AccessControlType FileSystemRights ----------------- ----------------- ---------------- BUILTIN\Administrators Allow FullControl ********\sassrv Allow ReadAndExecute, Synchronize BUILTIN\Administrators Allow FullControl NT AUTHORITY\SYSTEM Allow FullControl CREATOR OWNER Allow 268435456 BUILTIN\Users Allow ReadAndExecute, Synchronize BUILTIN\Users Allow AppendData BUILTIN\Users Allow CreateFiles
So I'm guessing that removing this Special access would resolve the problem.
It appears this question is a corollary of your other question Unwanted file in the Config folder - SAS Support Communities. As I have suggested in that question apparently a macro is being used to create path or a component of path that may not be existing.
Suggestion by @Nigel_Pain may help in prevent the process of files being written to the folder, but underlying cause needs to be addressed.
The SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment.
SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.
Find more tutorials on the SAS Users YouTube channel.