Chapter Contents

Previous

Next

SAS/SHARE

Client Tasks

System Administrator, Applications Programmer, and User

To prepare for accessing a SAS/SHARE server, perform the following tasks:

1. Set security for connecting clients.

2. Specify the DECnet access method.

3. Specify a server name.

Setting Security for Connecting Clients

Requiring connecting clients to supply a valid userid and password enforces server security. At the client, set the preferred security method for specifying a userid and password that are valid on the server host. For details, see Setting Security for SAS/CONNECT and SAS/SHARE.

Specifying the DECnet Communications Access Method

You must specify the DECnet communications access method at the client before you access a server.

Use the following syntax to specify the DECnet access method at each connecting client:

OPTIONS COMAMID=access-method-id;

where COMAMID is an acronym for Communications Access Method Identification. access-method-id is an abbreviation for the method used by the client to communicate with the server. DECnet (an acronym for Digital Equipment Corporation's Networking architecture) is an example of an access-method-id.

Example:

options comamid=decnet;

The server is accessed using the DECnet access method.

You may specify the COMAMID option in an OPTIONS statement, at a SAS invocation, or in a SAS configuration file.

Additionally you may use the COMAUX1 and COMAUX2 options to designate auxiliary communications access methods. See SAS/CONNECT and SAS/SHARE: Supported Access Methods According to Host Release for the supported access methods by host. If the first method fails to access a server, the second method will be attempted, and so on. You can specify up to two auxiliary access methods, depending on the number of methods that are supported between client and server hosts.

COMAUX options can be specified only in an OPTIONS statement. The syntax for the COMAUX option follows:

OPTIONS COMAUX1=alternate-method;

An example of the OPTIONS statements for an OpenVMS client that is connecting to a server follows:

options comamid=decnet;
options comaux1=tcp;

If the server cannot be reached with the DECNET method, a second attempt is made with the TCP/IP access method.

Specifying a Server Name

If the client and server sessions are running on different network nodes, you must include the DECnet node in the server identifier in the PROC SERVER command or in the LIBNAME and PROC OPERATE statements as follows:

SERVER=node.server-id

This representation is known as a two-level server name.

node must be a valid DECnet node name. If the server and the client sessions are running on the same node, you may omit the node name.

If the DECnet node name is not a valid SAS name (for example, it contains a digit or its length exceeds eight characters such as when you assign ACI to the node name) you have several options for validating the node name:

• Assign the name of the server's node to a SAS macro variable, then use the name of the macro variable for node in the two-level server name.

• Assign the name of the server's node to an OpenVMS logical name, then use the name of that OpenVMS logical name for node in the two-level server name.

• Assign the name of the server's node to a DCL symbol, then use the DCL symbol for node in the two-level server name.

The access method evaluates the node name, in this order of precedence:

• acceptable node name

• OpenVMS logical name

• SAS macro variable

• DCL symbol.

Examples:

• OpenVMS logical name format:

  $ define alias "node"["userid password""]

Example of OpenVMS logical name format:

$ define fred "4sonar""bass time2go""

• SAS macro variable format:

  1? %let alias=node ["username password"];

Example of SAS macro variable format:

1? %let fred=4sonar"bass time2go";

Note:   Do not use an ampersand (&) in a two-level name. An ampersand causes the macro variable to be resolved by the SAS parser prior to syntactic evaluation of the SERVER= option. The access method evaluates the node name in a two-level server name.  

See SAS Language Reference: Dictionary for details about SAS naming rules. See SAS/SHARE User's Guide for details about the PROC SERVER, PROC OPERATE, and LIBNAME statements.

• DCL symbol format:

  $ alias:="node"["username password""]

Example of DCL symbol:

$ fred:="4sonar""bass time2go""

• USER= and PASSWORD= options to applicable SAS/CONNECT statement:

  statement USER=username PASSWORD=password;

Example of USER= and PASSWORD= options to SIGNON:

signon user=bass password=time2go;

In the preceding examples, the alias is FRED, the node is 4SONAR, the username is BASS, and the password is TIME2GO.

For details about starting a SAS/SHARE server, see SAS/SHARE User's Guide.

Client Example

The following example illustrates the statements that you specify in an OpenVMS client SAS session to access a server with the DECnet access method:

options comamid=decnet;
libname sasdata [edc.prog2.sasdata] user=_prompt_ server=rmthost.share1;

The DECnet access method is declared. The LIBNAME statement specifies the data library that is accessed through the server, which is specified by the two-level server name RMTNODE.SHARE1 by means of a prompt for a username and a password that are valid on the server

Server Tasks

Server Administrator

To set up a secure server and to make it accessible to a client, perform the following tasks:

• Assign a privileged account to the server.

• Set DECNET access method security.

• Specify the communications access method.

• Specify the server name.

Assigning a Privileged Account to the Server

Ask your system administrator to verify that the account in which the secured server runs has one of these privileges: GRPPRV, SYSPRV, or BYPASS.

Note:   If the server has GRPPRV privilege, only users in the same UIC group as the server will be able to have access to files validated by the server. Users that are not in the same UIC group as the server will not be able to use the server.  

Setting DECnet Access Method Security

Before you can create a secure SAS/SHARE server, you must make the access method secure by setting the SASSECUR macro or environment variable to _SECURE_. See SAS/SHARE SASSECUR Variable for information about setting the SASSECUR variable.

Specifying the DECnet Communications Access Method

You must specify the DECnet communications access method at the server before you create a SAS/SHARE server.

Use the following syntax to specify the DECnet access method at the server:

OPTIONS COMAMID=access-method-id;

where COMAMID is an acronym for Communications Access Method Identification. access-method-id is an abbreviation for the method used by the server to communicate with the client. DECnet (an acronym for Digital Equipment Corporation's Networking architecture) is an example of an access-method-id.

For a server that is running on a host on which only one communications access method is available, use only the COMAMID option.

Example:

options comamid=decnet;

The server will be available only to SAS/SHARE sessions that use the DECnet access method.

You may specify the COMAMID option in an OPTIONS statement, at a SAS invocation, or in a SAS configuration file.

If, however, the host on which a server runs supports multiple access methods, you may specify up to two auxiliary access methods by which clients may access the server using the COMAUX1 and COMAUX2 options. See SAS/CONNECT and SAS/SHARE: Supported Access Methods According to Host Release for the supported access methods by host.

All of the access methods initialize when the server initializes. The activation of multiple access methods makes a server available to several groups of clients, each using a different communications access method simultaneously.

COMAUX options can be specified in an OPTIONS statement only. The syntax for the COMAUX option follows:

OPTIONS COMAUX1=alternate-method;

An example of the OPTIONS statements for a server that is running on an OpenVMS host follows.

options comamid=decnet;
options comaux1=tcp;

When the server starts, all of the communications access methods are initialized. The server is simultaneously available to client sessions that use the DECnet access method as well as to clients that use the TCP/IP access method.

Specifying a Server Name

If the client and server sessions are running on different network nodes, you must include the DECnet node in the server identifier in the PROC SERVER command. See Specifying a Server Name for server-naming rules.

Server Example

The following example illustrates the statements that you specify in a SAS session on the OpenVMS host at which you start a server:

%let sassecur=_secure_;
options comamid=decnet;
proc server id=share1 authenticate=req;
run;

The SASSECUR variable requires clients to submit a userid and a password that are valid on the server. The DECnet access method is declared and a server with the server-id SHARE1 is started on the OpenVMS host. The additional options in the PROC SERVER statement allow only validated clients to access the server.

Chapter Contents

Previous

Next

Top of Page

Copyright 1999 by SAS Institute Inc., Cary, NC, USA. All rights reserved.