2 thoughts on “Identity Hierarchy”

  1. Hi,

    Thanks for explaining such difficult concepts at length. They deserve it rightfully. The identity hierarchy could be explained sometimes in terms of “distance” instead of “precedence” : the 1st level group of any given user is the closest one, etc. Matter of taste.
    It might be also worth mentioning an issue about the security enforcement of shared pages in the 9.1 portal when using cyclical group membership (of the 1st level) : see the note http://support.sas.com/kb/36/874.html.

    All The Best,
    Ronan

  2. Hi Ronan,

    I definitely agree with your suggestion that distance can be a good way to explain identity hierarchy precedence. Now that you mention it, when teaching, I usually find myself using distance-based terms, saying things like “The European Region group is further away from Bob than the Sales group.” or “Sales is closer to Bob than European Region”. A distance-based explanation is a concept well understood by most people. Thanks for the thoughtful comment.

    I also appreciate your tip about the usage note. I hadn’t seen that note before, and I have been looking for other examples of reasons to avoid groups with circular references (or as the usage note puts it much more succinctly “cyclical membership”).

    Cheers
    Paul

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.