BookmarkSubscribeRSS Feed
ASHISH2525
Quartz | Level 8

Hi All,

 

We have two AD servers XYZ.COM & ABC.COM.
WE have configured LDAP configuration in SASV9_USERMODE.CFG in metadata.

if we attempt to use one at a time it works but when we try to use both at same time. we are only able to login through second one.

 

-set AD_HOST XYZ.COM
-set AD_PORT 389
-authpd ADIR:XYZ.COM
-primpd XYZ.COM

-set AD_HOST ABC.COM
-set AD_PORT 389
-authpd ADIR:ABC.COM
-primpd ABC.COM


/sasconf/Lev1/SASMeta/MEATADAServer

Sasv9_usermod.cfg

 

Regards,

Ashish

3 REPLIES 3
Anand_V
Ammonite | Level 13

Hi @ASHISH2525 ,

 

Did you try the format provided in the admin guide?

 

https://documentation.sas.com/?docsetId=bisecag&docsetTarget=n0w8oa3erw568vn192xwf0872npk.htm&docset...

 

Multiple LDAP Servers

SAS can recognize multiple LDAP servers as authentication providers, regardless of whether there are trust relationships among those servers.
For example, to cause the metadata server to search three Active Directory servers (AD1, AD2, and AD3) when authenticating users, set the AUTHPROVIDERDOMAIN system option as follows:
-authpd (ADIR:AD1, ADIR:AD2, ADIR:AD3)
To enable SAS to locate all three LDAP servers, supply information about each server through associated environment variables. To indicate which LDAP server each variable describes, append the server's name to the variable name. For example, with the preceding AUTHPD syntax, you might set server-specific variables as follows:
set AD_HOST_AD1=machine1.company1.com
set AD_HOST_AD2=machine1.company2.com
set AD_HOST_AD3=machine1.company3.com

AUTHPROVIDERDOMAIN=(provider:domain-name)

specifies an alternative authentication provider. When the AUTHPROVIDERDOMAIN parameter is omitted from the metadata server start command, the metadata server uses host authentication to authenticate users. AUTHPD is an alias for AUTHPROVIDERDOMAIN. For usage information, see Direct LDAP Authentication in SAS Intelligence Platform: Security Administration Guide.

Note: In UNIX operating environments, you must insert an escape character before each parenthesis. For example:-authproviderdomain = \(ADIR:MyDomain\)

Thanks!

ASHISH2525
Quartz | Level 8

@Anand_V 

 

Hi,

 

Thanks for your quick response. Right now we are doing this.

 

-set AD_HOST_ABC ABC.in
-set AD_HOST_XYZ xyz.XX.XX.in
-authpd (ADIR:ABC, ADIR:XYZ)
-set AD_PORT 389

 

Can you recommend the changes we should do in above. we are on Linux Os.

 

 

Regards,

Ashish

Anand_V
Ammonite | Level 13
Can try this?

-authpd \(ADIR:ABC, ADIR:XYZ\)
-set AD_HOST_ABC ABC.in
-set AD_HOST_XYZ XYZ.xx.xx.in
-set AD_PORT 389

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 3 replies
  • 1129 views
  • 1 like
  • 2 in conversation