Recently I have created the new custom Role with new capabilities and assigned it to user and roles.
View Risk Assessment> we could not find it on the system.
Regulatory Reports – Edit> we could not find it on the system.
Regulatory Reports – View> we could not find it on the system.
I am using the SAS9.3 , if any one has faced this kind of issue ,Please help me in this.
Many thanks in advance.
here is what I would do/try:
- check if your maintenance level is SAS 9.3 TS2M3, or not. If it is not the last maintenance, chances are high that several questions would be solved by patching SAS.
- check for the avialable hotfixes, and when you get the list, check if any of them addresses any of your questions.
- check if a migration to 9.4 is an option.
- check with SAS Technical Support, it seems as an appropiate question for them.
Those AML applications (and capabilities) shown in the SAS Management Console User Manager role Capabilities tab look possibly site-specific, given the suffixes (BU_JO, BU_PSE etc). I don't have AML so cannot investigate this myself. Does AML create those for you or have you created them for yourself (using ApplicationMetadataUtility)?
The capability that has a grey dot in front of its name, and has a grey background to the checkbox, indicates a capability that has been granted through a contributing role. If you look at the Contributing Roles tab, one of the roles in that tab will have had that capability ticked/granted in its own Capabilities tab. Contributed capability grants cannot be un-granted in a role where they have been contributed - they can either be explicitly re-granted in the role where they have been contributed (to always be granted regardless of what happens in the contributing role), or be un-granted in the source contributing role itself. For more info on roles and capabilities I would recommend reading Kathy Wisniewski's SAS Global Forum 2010 Paper (324-2010) Be All That You Can Be: Best Practices in Using Roles to Control Functionality in SAS® 9.2 It's several years/versions old now but most of it still applies today and is a quick and easy read. Also tracing capability access can be tricky and time consuming so if you are interested in a commercial tool that can help with that, there's a Capability Reviewer in Metacoda Security Plug-ins that can show who has a capability and how they get it (included which contributing roles provide might be providing it). I wrote a blog post about it a few years ago that has some examples.
Those changes has been activated after that i have run the sync users script aml_omr_sync_users.sas and changes are reflecting in the AML screen also But still i am not able to find the below capabilities in SAS management console and same are available in SAS AML System Administrator Screen URL.
if any one has faced this issue please let me know the solution for the same.
Do you know if the program aml_omr_sync_users.sas is custom written for your organisation or part of the SAS AML Solution? The name of the program suggests AML Open Metadata Repository sync users - i.e. sync users (from AD?) into metadata for AML. Perhaps it manipulates role (IdentityGroup) and capability (ApplicationAction) metadata too but without seeing the code itself it is impossible to tell.
I think you may get the best response by following this up with SAS AML specialists in SAS Technical Support, or whoever installed and configured the SAS AML Solution for you - perhaps SAS Professional Services or a SAS Partner?
I got the response from the SAS technical team also and This is script come the part of the SAS AML solution .
Basically I have one question about the capabilities as i am not able to find the below capabilities in SAS management console and same are available in SAS AML System Administrator Screen URL.
Many Thanks for your valuable help.
If that script is part of the SAS AML solution then it is probably best for you to work with SAS Tech Support to resolve this. I don't have access to that software to investigate any further myself. If I did I would probably search for the ApplicationAction objects in metadata to see if they have been able to be associated with the AML applications to show up in SAS MC. Also review the script and its logs to see where and how it might go wrong.
Unless other community members have experience with this aspect of SAS AML then SAS tech support will be your best option (as always).
If you do get a resolution please report back on this thread so it might be useful to others in future.
The SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment.
Learn how to install the SAS Viya CLI and a few commands you may find useful in this video by SAS’ Darrell Barton.
Find more tutorials on the SAS Users YouTube channel.