We're currently trying to set up SAS Studio Basic 3.71 in AWS to authenticate against our Active Directory setup. Looking at the documentation in <SASHome>/SASFoundation/9.4/utilities/bin/sasauth.conf, there are three ways to authenticate a user (BIND, MATCH, or QUERY). We decided to go with the MATCH or QUERY methods for authentication. However, we've run into a few errors with both methods. With MATCH, it seems that the user is found, but SAS runs into an issue with getting the encrypted password. With BIND, we're getting an operations error. It looks like our DN query failed, but I'm not getting any other information from the debug logs. I had the following questions: With MATCH and Active Directory, has anyone had any success with retrieving an encrypted password? I've used the password attribute unicodePwd, which is what our other applications use when authenticating against LDAP. Is there a way to see the exact DN query that the QUERY method uses to find the user's DN? I'm thinking that this is our best bet with authenticating against LDAP Is there an additional setup that we have to do on the SAS EC2 instance to create users? As of now, we only have the sas user which is used to install and run SAS Studio Basic. Does each user in LDAP also need a corresponding Unix system user? If anyone has successfully set up SAS Studio basic to authenticate against Active Directory (either using ldap or a combination of PAM and LDAP), could you please share an overview of your working configuration? I can provide more details and logs, but I think my last post was marked at spam from being too long. Thanks again!
... View more