BookmarkSubscribeRSS Feed
Eva
Quartz | Level 8 Eva
Quartz | Level 8

Dear all,

 

I have an STP (SAS 9.4, Linux Server, Windows 7 Client) which uses a technical user "techuser".

 

Now this technical user "techuser" doesn't have the right to read the files in a directory that I want to acces. i.e. I want to open the directory and get the information which files are stored there and then surf through the text of all these files.

 

What I would like to do now is to change the user. I.e. tell the STP not to use the standard technical user "techuser", but another user "myuser" from which I have the encoded password. And "myuser" has the correct rights to acces the directory and read the files.

 

Does anybody know how to do this?

 

Best regards

Eva

2 REPLIES 2
Haikuo
Onyx | Level 15

Many technical details are missing, but from where I can guess, here are some general comments:

When a STP executes, there are 2 possible identities that it can use, you can control them by  right click >> modify >> Execution Options.

 

If you choose 'Workspace server only', then the STP will be executed under individual user identities verified by metadata server, if you choose "stored process server only", it will match your status quo, it executed under a service accunt 'SAS Trust User' if out of box, but it can be renamed to anything, such as 'techuser' in your case. If you choose 'Default server', then client app will be put in charge on selecting which server/identity to use, such as, the web app most likely to use 'SAS trust user', while EG may choose to use user's own identity.

Last but not least, make sure you actually have permission to modify this STP, depending on where it stored, you may or may not have 'write access' to its metadata.

 stp.PNG

Eva
Quartz | Level 8 Eva
Quartz | Level 8

Sorry for missing out the details.

 

Here's how I use it:

The STP is created in one project and the technical user belongs to that project.

The project operates on the linux directory /projects/myproject/

Then the STP is executed in the SAS portal by some user.

 

What the STP does:

it analyzes macros on the linux server.

I.e. the STP provides parameters for the SAS portal user: &p_startdirectory , &p_startmacro , &p_username , &p_userpwd (via https).

&p_startdirectory usually is something like /projects/someotherproject/src/macros/

Now the STP looks up the startdirectory and the code of the startmacro and tells the user something about it (not relevant for the question).

To do this I use dopen() and mopen() to get to the macro code of startmacro.

This only works if the technical user of the STP has acces to the startdirectory.

 

Problem:

Cases where the technical user of the STP has not acces rights to the startdirectory.

That's what the STP parameters &p_username , &p_userpwd are for: the user of the sas portal knows user and password that has access to the startdirectory and supplies this information via the STP parameters in the SAS portal.

So to which user I have to change is dynamically and depends on the value the sas portal user provides.

I have to take this information and run the STP code - analyze the startmacro.

 

So unfortunately I cannot use the dialogue of the STP Manager.

sas-innovate-2024.png

Join us for SAS Innovate April 16-19 at the Aria in Las Vegas. Bring the team and save big with our group pricing for a limited time only.

Pre-conference courses and tutorials are filling up fast and are always a sellout. Register today to reserve your seat.

 

Register now!

How to Concatenate Values

Learn how use the CAT functions in SAS to join values from multiple variables into a single value.

Find more tutorials on the SAS Users YouTube channel.

Click image to register for webinarClick image to register for webinar

Classroom Training Available!

Select SAS Training centers are offering in-person courses. View upcoming courses for:

View all other training opportunities.

Discussion stats
  • 2 replies
  • 1079 views
  • 0 likes
  • 2 in conversation