When I apply a new SAS license (setinit) each year, sometime I forget to also update it in metadata. I might not even remember until I get an email from the SAS platform itself:
From: SAS Platform
Subject: SAS Product Expiration Notification
Your license for SAS product name on sas.example.com has expired. Please contact your on-site SAS support personnel to obtain your updated setinit information.
“on-site SAS support personnel” … hey that’s me! I feel embarrassed that I forgot … again!
So, what if you want to be a bit more proactive and double-check whether you have an up to date SAS setinit in metadata? Continue reading “Checking a SAS Setinit/License in Metadata”
Sometimes I forget whether I’ve added our internal site root and intermediate CA certificates to the Trusted CA Bundle that SAS® Software applications use. Sometimes I also forget the command I can use to find out whether I did! 😉 As is often the case with my blog posts, by jotting things down here, I can find them again either by searching this blog, or more likely, by remembering I wrote it when I see it turn up in Google search results!
If you use site-signed certificates from your own internal CA in your SAS platform installations then you’re probably already familiar with adding them to the Trusted CA Bundle using the SAS Deployment Manager (see the Manage Certificates in the Trusted CA Bundle Using the SAS Deployment Manager section in the Encryption in SAS® 9.4 book for more info).
If you want to find out what CA certificates are already in that bundle you can use the Java keytool command like so:
/opt/sas94m5/sashome/SASPrivateJavaRuntimeEnvironment/9.4/jre/bin/keytool -list -keystore /opt/sas94m5/sashome/SASSecurityCertificateFramework/1.1/cacerts/trustedcerts.jks -storepass changeit
It generates a long list of CA certs, so I pipe it through grep to look for the ones I want:
/opt/sas94m5/sashome/SASPrivateJavaRuntimeEnvironment/9.4/jre/bin/keytool -list -keystore /opt/sas94m5/sashome/SASSecurityCertificateFramework/1.1/cacerts/trustedcerts.jks -storepass changeit | grep -i metacoda
If you want more details on the certificates you can Continue reading “Did I add that CA Certificate to the SAS Trusted CA Bundle?”
A few days ago I installed SAS Management Console 9.4 M4 and Metacoda Plug-ins 6.0 R4 on a Microsoft Surface Pro running Windows 10. After launching SAS Management Console, and logging in, it looked very odd. All of the icons and text were very close together and the text was hard to read. Here’s a screenshot (the images on this page are automatically resized to fit in the column, but I have kept them at their original resolution so you can click on them if you want to see them full size for comparison) …
This Surface Pro machine has a HiDPI display with a resolution of 2736×1824 and is scaled by default in Windows 10 at 200%. I assumed that Continue reading “SAS Management Console on HiDPI Windows 10”
As someone who specialises in SAS® metadata security, I spend a lot of time using the Authorization tab in SAS Management Console. I also use Linux a great deal. When I run SAS Management Console on Linux, I’ve noticed that the check box background colours on the Authorization tab don’t render correctly (for me at least). I only ever see white background check boxes when I expect to also see green and gray ones: green indicating an ACT; white indicating an ACE; and gray indicating indirect. These colours are important indicators for the source of access controls so not being able to see them is a problem!
It occurred to me that I might be able to resolve this by specifying a Java System Property in the sasmc.ini file to change the Java Look & Feel.
I first tried changing the default look & feel (using ‑Dswing.defaultlaf) but that didn’t work. What did work is changing the default system look & feel (with ‑Dswing.systemlaf). Continue reading “Java Look & Feel with SAS Management Console on Linux”
In a previous post I’ve described a method for configuring Active Directory Authentication for SAS® on Linux (with realmd). One of the packages that’s installed is oddjob-mkhomedir. This package normally handles any requirement for auto-creating home directories for those AD users on Linux. Unfortunately it doesn’t seem to get used by the SAS Object Spawner. I ran into this issue again today when logging into SAS Studio 4.2 as an AD user on the SAS Viya™ 3.2 platform. I wasn’t able to login because the AD user’s Linux home directory didn’t exist and hadn’t been auto created. After manually creating the home directory the login succeeded. I would rather get auto-creation working so I wouldn’t need to manually create home directories for each SAS user that was likely to use SAS Studio. Thankfully I was able to find a solution that I’ll describe in this post. Continue reading “Auto Creation of Linux Home Directories for SAS Users”