09-22-2014 02:45 AM
I already did this configuration but I cannot find how to do it again.
I would like to restrict the file navigation from enterprise guide to the server tab from the opening dialog box.
At this moment I have : Desktop, My Documents, My Computer, My network places, Servers and Sas Folder.
I would like to have only Server and Sas Folder.
I know this is a command in the sasv9.config file but I looked on the forum, via the web I cannot find the exact command.
I already configure the workspace server to restrict the file navigation from the server tab.
Thanks for your help
I'm running SAS on windows, Enterprise guide version 4.3, sas version 9.2 and Enterprise guide is running as a client server mode
09-22-2014 06:48 AM
Why would you try to limit in menu's and options? The best thing you can achieve is building up ivory towers and a negative segregation to your users.
As you are showing MS techie behavior see figure 1 in Chapter 8: Data Layer Guidelines security should be seen as overall concept not something as nice to do.
I don not know whether you want to fight internet intranet html-access, that action I have seen done many years ago in a similar way.
Some SAS client menu-s can be tailored for user groups to make them more customized for their usage. It was wrongly named "role based access" as it not RBAC but only menu tailoring.
SAS(R) 9.4 Intelligence Platform: Desktop Application Administration Guide, Third Edition . It is not implementing and additional security as it just hiding menu options.
If you have a security question, solve the security question in that level.
09-22-2014 07:55 AM
From a security point of view I should agree with you and you are right. But I don't want to do that to change the actual security.
We want to put that in place from an organization point of view. (Just a hint, this has no sense as security because what you can't do from the menu, you can do it via the sas code).
The idea is the following : we want to centralize the code in a common place, but we don't want (can't) restrict the rights of the user where they can write. We don't want to try to find where the users are storing their sas code all the time, so the idea was to restrict the access to the metadata server in the open program/project dialog box.
09-22-2014 08:28 AM
Than your question is not data management related, but is about the coding and managing the important business code.
The whole "MY PC"and "MY Spreadsheet" is also about that failing IT business alignment. There are user that want to code some thing by theirself. Selfservice BI (SAS VA) is heading more into that direction.
What I feel is you are needing and looking for is a release management process (DTAP) and some version control for developing "approved code".
By the way the link I gave you is mentioning what you can do as technical guy limiting (possible frustrating) your users.
You can think in not trying by limiting some access, but offering some help and support for effective code management.
You can force them to store everything in SAS-metadata, but there must be some structure in that.
With that you can get into an other question. How do you support backup/restore questions (give me my version of last week)? On the OS level you can redirect to OS-level support.
With a SAS only technical implementation you have to work on that make service agreements and describe those.