Hi All,
I have set up SAS 9.4 M7 and SAS Access to Impala connection. Impala DBA shared Service accounts and added all SAS user log in accounts into Impala DB AD groups to have read access. I have done connection set up configuration part and able to access Impala data using metadata Library/libname statement/pass through code using Impala DB service account.
Impala DBA can see the SAS code gets executing from using Impala DB service account.
We wanted to capture actual SAS user Login ID in Impala whoever connects EG and run query against to Impala DB.
Example: if user 'SAS121' connect to EG and run query against to Impala DB, then DBA should see the Impala service account and 'SAS121' details.
for this, we have done following:
- Enabled the Impala Service account Delegation permissions capability.
- Impala DBA updated the configuration in Impala DB to capture service account and actual user account.
- Impala DBA asked me to add 'DelegationUID=' to Impala DSN settings in odbc.ini file .
- When I hardcode value for "DelegationUID=Lion" then Impala DBA can see 'Lion' ID, or add 'DelegationUID=test' then Impala DBA can see Impala Service account and 'test'.
- Wanted to add parameter to capture actual SAS Login account details along with Impala Service account.
- Have to add "DelegationUID= <value>" to pass the user login ID to Impala DB.
- Tried with "DelegationUID=&sysuserid", but getting error as "&sysuserid not authorized to access Impala DB".
what would be the right variable to capture the SAS EG session logged on user account to pass to Impala DB?
has anyone worked on and got the solution for this? please share your recommendation or suggestions?
Thanks
