cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
jakarman
Barite | Level 11 jakarman
Barite | Level 11

Is authentication to metadata needed wiht a batchserver or connect server. Any documentational references?

Posted 03-17-2015 02:56 AM (1053 views)

When you use a batch-server or connect-server with a SAS EIP installation we noticed that there is no authentication (password validation to metadata server) done.

It uses the OS user-id as the identified user and proceeds with that one as the metadata context.

There is no IWA configured. It is Unix environment.

The WS is setup as host-authentication. With that one, you have to specify the OS user twice. Once for the metadata connection and another following after that for the OS SAS session.

The last one gets cached (stored possible to be breached) in the SAS metadata.  This is different as the batch/connect server. A strange difference between those two

Anyone found some information this is how it is designed and that it should work that way. Underpinning compliancy reasons.

---->-- ja karman --<-----
0 Likes
Reply
1 REPLY 1
SASKiwi
PROC Star SASKiwi
PROC Star

Re: Is authentication to metadata needed wiht a batchserver or connect server. Any documentational references?

Posted 03-21-2015 09:04 PM (859 views)  |   In reply to jakarman

I too have wondered why when you schedule a batch job in SAS Management Console that you have to enter your username/password again (both SAS 9.3 and 9.4). Your explanation makes perfect sense.

Our environment is Windows and our SMC connection uses IWA. It would be much better if batch scheduling could use those delegated credentials.

However the annoyances go further. If you change your password then you have to go and reschedule all of your batch jobs otherwise they wont run (we use LSF as our batch scheduler). Fortunately we only have a few batch jobs so it is not too big a deal. If you have a lot them though I imagine it would be a major inconvenience.

0 Likes
Reply

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

CLI in SAS Viya

Learn how to install the SAS Viya CLI and a few commands you may find useful in this video by SAS’ Darrell Barton.

Watch CLI in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 1 reply
  • ‎03-17-2015 02:56 AM
  • 1054 views
  • 0 likes
  • 2 in conversation