cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
Cedric_HANQUEZ
Calcite | Level 5 Cedric_HANQUEZ
Calcite | Level 5

Update internal password with a stored process

Posted 06-08-2024 03:55 AM (578 views)

Hi,

I have a large set of users (internal users @saspw) and I'd like to give them the chance to change their internal password by themselves.

They have an access to the stored process web app, and only that application.

I am thinking of a Stored Process that they could use to change this password.

Has someone already created such stored process?

Thanks

Cédric

Reply
2 REPLIES 2
Quentin
Super User Quentin
Super User

Re: Update internal password with a stored process

Posted 06-08-2024 10:23 AM (531 views)  |   In reply to Cedric_HANQUEZ

I'm not an admin or a security guy, but this seems risky.  If you write a stored process to hand-roll the process of updating passwords, you could easily end up with passwords ending up in clear text log files, etc.  

 

I assumed most servers were set up to integrate with an independent, dedicated account/password management system (e.g. active directory on Windows), where I would assume any processes for updating passwords would be secure by design.

 

(Oh, I just googled.  The definition of these internal accounts (@saspw) is that they exist only in metadata, not in an external authentication domain. So I can how if you've got a lot of these, you would want some automated way for users to be able to maintain them.  yikes. Assuming these users only have read access to reports that aren't sensitive, maybe the benefits of having an automated stored process to allow users to manage their passwords are worth the security risks.)

The Boston Area SAS Users Group is hosting free webinars!
Next up: Rick Wicklin presents Ten Tips for Effective Statistical Graphics (with SAS code) on Wednesday March 26.
Register now at https://www.basug.org/events.
0 Likes
Reply
SASKiwi
PROC Star SASKiwi
PROC Star

Re: Update internal password with a stored process

Posted 06-10-2024 02:10 AM (466 views)  |   In reply to Cedric_HANQUEZ

There's a large learning curve to doing this if you haven't played with SAS metadata before. You will need to become familiar with the DATA step metadata functions. then learn how to navigate the metadata object model. I find it easiest to use the metadata browser (METABROWSE) that is available in the SAS Windowing Environment. Please note that writing to the SAS metadata repository is risky and can easily end up corrupting it. You could investigate the Active Directory metadata synching process to gain a better understanding of updating.

0 Likes
Reply

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Watch Get Started with SAS Information Catalog in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 2 replies
  • ‎06-08-2024 03:55 AM
  • 579 views
  • 1 like
  • 3 in conversation