When testing Integrated Windows Authentication (IWA) based client connections to SAS® platform servers, it is well worth checking the SAS logs to verify the connections are being made the way you expect. SAS has a variety of methods up it’s sleeve to get you authenticated, including cached credentials, retrieving stored credentials from metadata, SAS token authentication etc. Looking in the SAS server logs will help you identify the connection/authentication events and methods used. In the past I’ve thought I was using IWA+Kerberos but when I looked in the log it was obvious I wasn’t! I think it’s essential when testing/troubleshooting a new IWA configuration to review the SAS server logs for both failed and successful connections.
In a previous post “SAS and IWA: Two Hops” I mentioned how sometimes it’s necessary to force the use of Kerberos with IWA to be able to make IWA delegated connections to secondary servers. So here’s some examples of what we might see in SAS server logs Continue reading “SAS & IWA: Check the Logs”
Quick note from Paul: I’m really excited that platformadmin.com’s very first guest post is from the well known blogger and author Tricia Aanderud. I suspect you already know Tricia, but just in case you don’t …
Tricia Aanderud, president of And Data, Inc., provides SAS® consulting services to corporations who need assistance understanding how to transform their data into meaningful charts, reports, and dashboards. Tricia has been an enthusiastic SAS user since 2002 and has presented papers at the SAS Global Forum and other industry conferences. She is the co-author of two SAS BI books, “Building Business Intelligence with SAS: Content Development Examples” and “The 50 Keys to Learning SAS Stored Processes”.
Now over to Tricia …
I frequently find myself querying the metadata to assist with understanding a new customer system or trying to navigate one of my demo systems. As a result, I find I have many utilities that I want to share with customers. However, since these connect to the metadata with an active password, I don’t want to share my password. Using the SAS PWENCODE procedure, I can encode my password in a SAS program and voilà! a way to share the code and shield the password.
Encoding the Password
The PWENCODE procedure allows you to encode passwords that are used in place of plaintext passwords in SAS programs.
The following figure shows the PWENCODE procedure in a simple way. My example password, Pa55w0rd!, is placed in quotes. You can use different encoding methods, which you can read more about in the SAS PWENCODE procedure documentation.
The encoded password appears in the Continue reading “Password Encoding with SAS”