cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
🔒 This topic is solved and locked. Need further help from the community? Please sign in and ask a new question.
Lenvdb
Quartz | Level 8 Lenvdb
Quartz | Level 8
Go to Solution.

SASAppCustom for a custom metadata group

Posted 04-10-2017 06:13 AM (764 views)

Hi all

 

I am stuck and need a magic wand today.

We are working with highly restricted data, for which we had to set up a seperate ringfenced work area, storage etc.

I was advised by SAS Tech Support to create a new custom Workspace Server for them, and then set up separate Metadata User profiles. 

 

Requirements:

Separate Workspace Server

Separate Windows dataset folder located on separate file server

Separate Windows AD User Groups x 2 (LibraAdmins + LibraUsers)

Separate /SASWork folder defined in config file

 

Implementation:

Restrict access to all other SAS Users / SAS Groups  in Metadata to this location and allow only the 2 Groups listed above access to the new Workspace Server SASAppLibra.

 

I have now set up SASAppLibra.

How do I proceed from here to grant access to the 2 User Groups to this SASApp, and restrict all other Groups from seeing / accessing SASAppLibra?

 

Is there some documentation available anywhere on this?

1 ACCEPTED SOLUTION

Accepted Solutions
MichelleHomes
Meteorite | Level 14 MichelleHomes
Meteorite | Level 14

Re: SASAppCustom for a custom metadata group

Posted 04-10-2017 06:57 AM (945 views)  |   In reply to Lenvdb

Hi There,

 

I'd spend some time on setting up your access using ACTs. Have a read through the SAS documentation to understand how this can be achieved http://support.sas.com/documentation/cdl/en/mcsecug/64770/HTML/default/viewer.htm#about.htm

 

You may also like to read @CecilyHoffritz's 2011 SAS Global Forum paper, Best Practice Implementation of SAS® Metadata Security at Customer Sites in Denmark: http://support.sas.com/resources/papers/proceedings11/376-2011.pdf

 

Furthermore @angieh presented at SAS Global Forum last week a paper that you may find helpful, Getting Started with Designing and Implementing a SAS 9.4 Metadata and File System Security Design: https://communities.sas.com/t5/SAS-Global-Forum-2017/If-you-are-interested-in-SAS-Metadata-Security-...

 

Deny broadly, grant selectively... as suggested at http://support.sas.com/documentation/cdl/en/mcsecug/64770/HTML/default/viewer.htm#p12rsiojalls90n17o...

 

Kind Regards,

Michelle

//Contact me to learn how Metacoda software can help keep your SAS platform secure - https://www.metacoda.com

View solution in original post

3 REPLIES 3
MichelleHomes
Meteorite | Level 14 MichelleHomes
Meteorite | Level 14

Re: SASAppCustom for a custom metadata group

Posted 04-10-2017 06:57 AM (946 views)  |   In reply to Lenvdb

Hi There,

 

I'd spend some time on setting up your access using ACTs. Have a read through the SAS documentation to understand how this can be achieved http://support.sas.com/documentation/cdl/en/mcsecug/64770/HTML/default/viewer.htm#about.htm

 

You may also like to read @CecilyHoffritz's 2011 SAS Global Forum paper, Best Practice Implementation of SAS® Metadata Security at Customer Sites in Denmark: http://support.sas.com/resources/papers/proceedings11/376-2011.pdf

 

Furthermore @angieh presented at SAS Global Forum last week a paper that you may find helpful, Getting Started with Designing and Implementing a SAS 9.4 Metadata and File System Security Design: https://communities.sas.com/t5/SAS-Global-Forum-2017/If-you-are-interested-in-SAS-Metadata-Security-...

 

Deny broadly, grant selectively... as suggested at http://support.sas.com/documentation/cdl/en/mcsecug/64770/HTML/default/viewer.htm#p12rsiojalls90n17o...

 

Kind Regards,

Michelle

//Contact me to learn how Metacoda software can help keep your SAS platform secure - https://www.metacoda.com
Lenvdb
Quartz | Level 8 Lenvdb
Quartz | Level 8

Re: SASAppCustom for a custom metadata group

Posted 04-10-2017 08:11 AM (740 views)  |   In reply to MichelleHomes

Hi Michelle

 

Yes - it seems ACT's will be the solution here, and I agree with the policy of Deny broadly and grant selectively.

Thanks for your help.

Smiley Happy

0 Likes
MichelleHomes
Meteorite | Level 14 MichelleHomes
Meteorite | Level 14

Re: SASAppCustom for a custom metadata group

Posted 04-10-2017 08:30 AM (735 views)  |   In reply to Lenvdb

My pleasure. Please mark the question as solved so that it may help others in future too.

 

Kind Regards,

Michelle

//Contact me to learn how Metacoda software can help keep your SAS platform secure - https://www.metacoda.com
0 Likes

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

CLI in SAS Viya

Learn how to install the SAS Viya CLI and a few commands you may find useful in this video by SAS’ Darrell Barton.

Watch CLI in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 3 replies
  • ‎04-10-2017 06:13 AM
  • 765 views
  • 4 likes
  • 2 in conversation