Hi all,
I have SAS Viya 3.4 deployed in Linux. It contains SAS Studio (v 4.4) and SAS StudioV ( v. 5.1)
I restricted access to SAS StudioV using prohibit Rule (/SAS StudioV/** ) in SAS Viya Environment Manager.
Does anybody know how to restrict access to SAS Studio 4.4?
The rule / SAS Studio/** doesn't work and I believe it shouldn't work cause SAS Studio 4.4 is not controlled by Viya.
@BeNur ,
How high is that module is in the stack? The module should be before pam_unix or any other modules you are using for the authentication. Also, the following command will help you debug it:
sudo grep sasauth /var/log/secure
If you see no pam_succeed_if in the output, that means you have to place that module higher in the stack.
Hi @alexal,
thanks for your response. I tried to add :
auth required pam_succeed_if.so gid=1001,500001129
(where1001,500001129 my ldap groups that should be allowed to ) into the /etc/pam.d/sasauth-spre file but it didn't work
Maybe you can provide me an example of your sasauth-spre file
I want to deny access for the group with the id 222 and allow access to the group with id = 1001,500001129
@BeNur ,
How high is that module is in the stack? The module should be before pam_unix or any other modules you are using for the authentication. Also, the following command will help you debug it:
sudo grep sasauth /var/log/secure
If you see no pam_succeed_if in the output, that means you have to place that module higher in the stack.
Join us for SAS Innovate 2025, our biggest and most exciting global event of the year, in Orlando, FL, from May 6-9. Sign up by March 14 for just $795.