SAS Office Analytics, SAS Add-In for Microsoft Office, and other integrations

Authentication Best Practices for the SAS Add-in for MS Office

Reply
Contributor
Posts: 62

Authentication Best Practices for the SAS Add-in for MS Office

Wanted to poll other system administrators on what form of authentication that they use for the SAS Add-in for MS Office in SAS 9.2: Host Authentication, Integrated Windows Authentication, or SAS Token Authentication.

My user base is expanding and I am trying to navigate the sticky issue of properly securing my server and mitigating risk versus having to deal with users who cannot access an application because they have to reset their passwords via their connection profile which happens to be buried three clicks away in the add-ins ribbon bar.

Anyone have any perspective on this subject?
New Contributor
Posts: 3

Re: Authentication Best Practices for the SAS Add-in for MS Office

I agree this is a very sticky issue.

Since we are planning our migration to SAS 9.2, we have also have the same question but will mostly likely leverage IWA if is available for us.

The reason for this is that many of our users end up locked their accounts before realizing they must reset their passwords.

This does not just impact just the SAS activity since this will also lock them out of their accounts on the their PCs, impact Outlook and network access.

The security is still in place and this will minimize impact on the users.

We have 500 current users and will expanding to 900 after our upgrade and migration - SAS EBI migration.

Which security method did you end up using ?
Contributor
Posts: 71

Re: Authentication Best Practices for the SAS Add-in for MS Office

Yes we are in the same situation.

With V9.1.3 EBI, we had a limited roll-out of Add-In for MS Office. These users needed to host-authenticate to LINUX via PAM / POSIX to LDAP before being able to use the product in Excel.

Our network people have now automated the creation of POSIX attributes, we are still nervous about rolling this software out to 500-1000 desktops.

With V9.2, there are different authentication methods. We haven't looked at AMO for V9.2 yet, but will soon.
Contributor
Posts: 71

Re: Authentication Best Practices for the SAS Add-in for MS Office

Just an update.

SAS V9.2, AMO V4.22 and the implementation of automated POSIX attribute values on eDirectory user profiles (using the LUM driver) means that AMO users can authenticate to SAS metadata repository just by using the normal PC LAN user ID and password.

-B-
Ask a Question
Discussion stats
  • 3 replies
  • 272 views
  • 0 likes
  • 3 in conversation