Architecting, installing and maintaining your SAS environment

unable to login to SASStudio

Reply
Frequent Contributor
Posts: 96

unable to login to SASStudio

Hi,

 

 

We have created users using LDAP and able to login to environment Manager. While logging in to sasstudio, Only few of them are able to login. But, few of them are not able to login to SASStudio and its saying Access Denied and  For few others its saying password expired. Is there any thing going wrong while logging in. We had set the same password for all the users. I dont see any limitations in the validity of paswords though.

 

Can anyone help on this . Many Thanks!!

Trusted Advisor
Posts: 1,737

Re: unable to login to SASStudio

[ Edited ]

Hello @AmitSri,

 

are you talking about SASStudio on Viya or on 9.4?

 

For Viya, the tip is that the authentication works on a slightly different way: the users will authenticate against the web (and web to LDAP, as your selected option), but it has to double-authenticate as well against the host servers where CAS is running. Meaning: either you have your users registered in the host itself, maintaining same passwords, or you have your linux server joined to the LDAP realm, hence the users can log, with the LDAP credentials, to the CAS servers and the home folders should be automatically generated  (you can give a look into PAM options).

https://communities.sas.com/t5/SAS-Communities-Library/SAS-Viya-3-2-Authentication-Options/ta-p/3720...

 

For 9.4, I think we would need to know additional details: the specific errors in SAS metadata, SAS Studio logs and SAS Logon is a good starting point.

 

Kind regards,

Juan

Frequent Contributor
Posts: 96

Re: unable to login to SASStudio

Posted in reply to JuanS_OCS
hi Jaun,

Thanks for that!!

I am asking about viya. We use to login using our LDAP credentials to all products like Environment manager, SASHome, CAS monitor and SASStudio. But, suddenly, we found that few users are facing this issues. However my id and few sasdemo ids which we created for a general purpose are working fine.
Trusted Advisor
Posts: 1,737

Re: unable to login to SASStudio

Hello @AmitSri,

 

the web applications (Environment Manager, VA, etc) all work with the authentication as set as web authentication: LDAP, SAML, etc. in your case, it is connected to LDAP/AD.

 

However, CAS sessions connect through web (SASStudio), but also it starts a process (the actual CAS one) in the host itself. That is why you need host authentication as well. And the users and passwords should match.

 

PAM is your friend here, and you can delegate authentications to it. So you can create users locally, and maintain the users and passwords, or you just join the machine/s to LDAP realm to allow users to log locally to the server (through SAS Studio) and the server should create the linux home folder for the user as well. 

Ask a Question
Discussion stats
  • 3 replies
  • 165 views
  • 3 likes
  • 2 in conversation