Tag: SAS 9.4

Java Look & Feel with SAS Management Console on Linux

As someone who specialises in SAS® metadata security, I spend a lot of time using the Authorization tab in SAS Management Console. I also use Linux a great deal. When I run SAS Management Console on Linux, I’ve noticed that the check box background colours on the Authorization tab don’t render correctly (for me at least). I only ever see white background check boxes when I expect to also see green and gray ones: green indicating an ACT; white indicating an ACE; and gray indicating indirect. These colours are important indicators for the source of access controls so not being able to see them is a problem!

It occurred to me that I might be able to resolve this by specifying a Java System Property in the sasmc.ini file to change the Java Look & Feel.

I first tried changing the default look & feel (using ‑Dswing.defaultlaf) but that didn’t work. What did work is changing the default system look & feel (with ‑Dswing.systemlaf). Continue reading “Java Look & Feel with SAS Management Console on Linux”

Following SAS GEL Security Rules with Metacoda Security Tests

If you’re responsible for managing SAS® platform security, and you haven’t seen them yet, then I’d definitely recommend reading Five papers on Recommended SAS 9.4 Security Model Design (part 1 & part 2) as published by David Stern, Principal Technical Architect from the SAS Global Enablement and Learning (GEL) team.

These papers are an excellent resource for SAS customers and partners to use when designing security for their SAS platform implementations. Having resources like these gives new administrators the opportunity to get it right early on and not have to learn from their own mistakes. I remember the early days of SAS 9.1 when the platform was new and best practices had yet to be discovered. At that time we were learning what practices worked and what didn’t through trial and error. Now, of course, we have the benefit of SAS documentation and published papers to learn from the prior experience of others. The first of these was the Danish Golden Rules as found in the SAS Global Forum 2011 Paper 376-2011 Best Practice Implementation of SAS Metadata Security at Customer Sites in Denmark by Cecily Hoffritz & Johannes Jørgensen. There’s also Angie Hedberg’s SAS Global Forum 2017 paper: Getting Started with Designing and Implementing a SAS 9.4 Metadata and File System Security Design. With the addition of the new GEL recommended practices, the pool of SAS security best practice information has been expanded further with a content rich guide that provides lots of detail, examples, explanations of the rules, and much more. It was also lovely to see Metacoda software get a mention in the GEL papers too. :)

I was fortunate to be able to meet with David at SAS when I was in the UK last week and we spoke about the GEL recommended practices and how the Metacoda Security Testing Framework could be used to help SAS customers and partners follow these practices.

It seemed like to a good time to provide a follow up to an older 2015 blog post I wrote on Testing Recommended Practices with SAS Metadata Security. That post was focused on the Danish Golden Rules, so in this post I’ll show our Metacoda Security Testing Framework can be used to help people follow the GEL rules. Continue reading “Following SAS GEL Security Rules with Metacoda Security Tests”

Auto Creation of Linux Home Directories for SAS Users

In a previous post I’ve described a method for configuring Active Directory Authentication for SAS® on Linux (with realmd). One of the packages that’s installed is oddjob-mkhomedir. This package normally handles any requirement for auto-creating home directories for those AD users on Linux. Unfortunately it doesn’t seem to get used by the SAS Object Spawner. I ran into this issue again today when logging into SAS Studio 4.2 as an AD user on the SAS Viya™ 3.2 platform. I wasn’t able to login because the AD user’s Linux home directory didn’t exist and hadn’t been auto created. After manually creating the home directory the login succeeded. I would rather get auto-creation working so I wouldn’t need to manually create home directories for each SAS user that was likely to use SAS Studio. Thankfully I was able to find a solution that I’ll describe in this post. Continue reading “Auto Creation of Linux Home Directories for SAS Users”

Finding SAS Visual Analytics Reports that use a Table

“How do I list all of the SAS® Visual Analytics reports that use a particular SAS table?”

I was asked this question today and thought of at least 2 ways to answer it. The first is to build a query to use in the Metacoda Metadata Explorer Plug-in and the second is to use the SAS 9.4 Relationship Reporting tools. In this post I’ll show example for both techniques. Continue reading “Finding SAS Visual Analytics Reports that use a Table”

Finding Private User Folders for Deleted SAS Platform Users

“How do I find all the private user folders for SAS users that have been deleted so I know which folders can be removed?”

I was asked this question recently and thought that I should be able to build up a single line XMLSELECT style SAS® metadata query to answer it. I could then paste this query in our free Metacoda Metadata Explorer Plug-in and export the results as a CSV file.

If you’re reading this post because that’s something you need to do, and you want the answer quickly, then here is the query:

{{{ Tree[@PublicType='Folder'][not(AssociatedIdentity/Person)][ParentTree/Tree[@Name='User Folders']/SoftwareComponents/SoftwareComponent[@PublicType='RootFolder']] }}}

The 3 curly brackets at the beginning and end are only needed if you are using the Metacoda Metadata Explorer Plug-in as it’s a signal that it is not a simple text search but an advanced XMLSELECT style query. If you are plugging this into some SAS PROC METADATA code then strip off the curly brackets.

If you want to know how that query works Continue reading “Finding Private User Folders for Deleted SAS Platform Users”