Chapter Contents
Previous
Next
|
Chapter Contents |
Previous |
Next |
| Communications Access Methods for SAS/CONNECT and SAS/SHARE Software |
You will perform tasks at both the DOMAIN server and the SAS/CONNECT local host or the SAS/SHARE client when you connect to a SAS/CONNECT remote host or a SAS/SHARE server.
| Tasks to Perform at the DOMAIN Server |
To connect two SAS sessions using the protocol gateway of the DOMAIN server, perform the following tasks at the DOMAIN Server:
Verify that the DOMAIN server identifier is specified in the SERVICES file at the DOMAIN server.
Example:
domsrv 5010/tcp #DOMAIN server
See Configuring the SERVICES File for
details about customizing the SERVICES file.
You must start the DOMAIN server before a SAS/CONNECT local host or a SAS/SHARE client can use it.
To start the DOMAIN server, use the following syntax:
PROC DOMAIN PROTOCOL SERVERID=domain-server-id;
where PROC DOMAIN is a procedure to create a DOMAIN service. PROTOCOL is always specified for the DOMAIN gateway service. SERVERID=domain-server-id specifies the access method network name.
Example:
proc domain protocol serverid=domsrv;
This statement declares DOMSRV as the DOMAIN server.
At the DOMAIN server, specify the communications access method that will redirect the inbound message that was received from the SAS/CONNECT local host or the SAS/SHARE client. Use the following syntax:
OPTIONS COMAMID=access-method-id;
where COMAMID is an acronym for Communications Access Method Identification. access-method-id identifies the method that is used by the remote host to communicate with the SAS/CONNECT local host or the SAS/SHARE client by means of the domain server.
You may specify the COMAMID option in an OPTIONS statement, at a SAS invocation, or in a SAS configuration file. An example of an OPTIONS statement follows:
options comamid=tcp;
The DOMAIN server attempts to locate the destination partner with the TCP/IP access method.
You must specify at least one auxiliary method for the DOMAIN server. Specifying a second auxiliary method is optional. Auxiliary methods are specified by using the COMAUX options.
COMAUX1=alternate-method COMAUX2=alternate-method
COMAUX options can be specified only at a SAS invocation or in a SAS configuration file. An example of specifying COMAMID, COMAUX1, and COMAUX2 options in a SAS configuration file follows:
-comamid tcp -comaux1 appc -comaux2 netbios
To minimize the number of failure-retry operations required to establish a connection to the remote host, specify the most heavily used outbound access methods, in descending order.
For example, if NetBIOS is specified as the inbound access method at
the local host, the NetBIOS domain is searched first for the named service.
If the service is not found, the search is redirected to the DOMAIN server,
which attempts to locate the named service using the access methods specified
in the COMAMID and COMAUX options; in this example, TCP/IP, APPC, and NetBIOS.
The DOMAIN server provides script support for outbound access methods that require a script file to establish a SAS/CONNECT connection to a remote host.
You may store scripts in either of the following locations:
For example, suppose the DOMAIN server node contained the following scripts:
!SASROOT\DOMAIN\SCRIPT\DEFAULT.SCR
SDCMVS.SCR
and
!SASROOT\DOMAIN\SCRIPT\user\DEFAULT.SCR
SDCMVS.SCR
If the TCPSEC macro variable is set to userid.password, one of the script files in !SASROOT\DOMAIN\SCRIPT\user is used. Otherwise, the default script is used.
Prompt windows cannot be passed from the DOMAIN server to the local system. Therefore, INPUT and NOTIFY statements should not be used in the script files. The userid and password values normally obtained by an INPUT statement are managed through the two global macro variables SYSGWID and SYSGWPW. These macro variables are initialized with the value that is obtained from the appropriate security variable (the TCPSEC or VQSECURE macro variable or the APPC_SECURE environment variable). The global macro variables are referenced in the script file in TYPE statements as follows:
waitfor 'login'; type "&SYSGWID" LF; waitfor 'Password'; type "&SYSGWPW" LF;
See Setting SAS Macro Variables for details about the SYSGWID and SYSGWPW macro variables.
| Tasks to Perform at the SAS/CONNECT Local Host and at the SAS/SHARE Client |
Perform these tasks at the SAS/CONNECT local host and at the SAS/SHARE client:
You must set macro variables at the SAS/CONNECT local host or at the SAS/SHARE client to identify the DOMAIN server node name and server identifier and to provide DOMAIN server security for connecting local hosts or clients. The macro variables that are set depend on the inbound access method that is used.
Macro variables are provided for the following inbound access methods:
| APPC | |
| NetBIOS | |
| SPX | |
| TCP/IP. |
The macro variables for the TCP/IP access method are
%LET GWHOST=domain-server-nodename;
Example:
%let gwhost=star.abc.xyz;
Macro variable GWHOST stores the fully qualified TCP/IP node name of the DOMAIN server STAR.ABC.XYZ.
%LET TCPGW=GWHOST.domain-server-id;
Example:
%let tcpgw=gwhost.domsrv;
DOMSRV is the server identifier of the DOMAIN server. If the DOMAIN server node has been defined as STAR in the system's HOSTS file, you omit the GWHOST macro variable and assign the macro variable as follows:
%let tcpgw=star.domsrv;
%LET TCPSEC=_NONE |
_PROMPT_|
|
Select the appropriate value for TCPSEC according to the measure of security that you want. For no security, either do not set the TCPSEC variable or set it to _NONE_. The default is _NONE_
If you set the TCPSEC variable to _PROMPT_, you will be prompted for a userid and a password.
Example:
%let tcpsec=_prompt_;
If you choose to assign the userid and the password directly to the TCPSEC variable at the SAS/CONNECT local host or at the SAS/SHARE client, you inadvertently may publicize this information and compromise the security of the DOMAIN server. Hard-coding the value to the variable in a file allows anyone to read it.
Example:
%let tcpsec=bass.time2go;
In this example, BASS is the userid and TIME2GO is the password on the server or on the remote host.
The macro variables for the NetBIOS and SPX access methods are
%LET VQPROTGW=domain-server-id;
Example:
%let vqprotgw=domsvr;
DOMSVR is the access method's network name.
| %LET VQSECURE=_NONE_| _PROMPT_| userid.password; |
Select the appropriate value for VQSECURE according to the measure of security that you want. The default is no security. For no security, either do not set the VQSECURE variable or set it to _NONE_.
If you set the VQSECURE variable to _PROMPT_, you will be prompted for a userid and a password.
Example:
%let vqsecure=_prompt_;
If you choose to assign the userid and the password directly to the VQSECURE variable at the SAS/CONNECT local host or at the SAS/SHARE client, you inadvertently may publicize this information and compromise the security of the remote host. Hard-coding the value to the variable in a file allows anyone to read it.
Example:
%let vqsecure=bass.time2go;
In this example, BASS is the userid and TIME2GO is the password on the server or on the remote host.
The variables for the APPC access method are
SET=APPC_GATEWAY domain-server-id;
Example:
set=appc_gateway domsvr;
DOMSVR is the access method's network name.
| SET=APPC_SECURE _NONE_| _PROMPT_| userid.password; |
Select the appropriate value for APPC_SECURE according to the measure of security that you want. For no security, either do not set the APPC_SECURE variable or set it to _NONE_. The default is _NONE_.
If you set the APPC_SECURE variable to _PROMPT_, you will be prompted for the userid and the password.
Example:
set=appc_secure _prompt_;
If you choose to assign the userid and the password directly to the APPC_SECURE variable at the SAS/CONNECT local host or at the SAS/SHARE client, you inadvertently may publicize this information and compromise the security of the remote host. Hard-coding the value to the variable in a file allows anyone to read it.
Example:
set=appc_secure bass.time2go;
In this example, BASS is the userid and TIME2GO is the password on the server or on the remote host.
You must specify the communications access method to be used by the local host. Use the following syntax:
OPTIONS COMAMID=access-method-id;
where COMAMID is an acronym for Communications Access Method Identification and access-method-id identifies the communications access method that is used.
For example, if you configure a NetBIOS inbound access method at the local host, then the DOMAIN server may redirect the connection request through the TCP/IP or APPC outbound communications access methods, which are active in the same logical domain.
options comamid=netbios;
The DOMAIN server will switch an inbound NetBIOS request for connection to a remote host to some other outbound access method that is contained in the same logical domain.
You may specify this OPTIONS statement at a SAS invocation or in a SAS
configuration file.
You may use the TCPSEC, VQSECURE, or APPC_SECURE variable, if applicable, to specify the userid and the password that are required by the target host (see Setting SAS Macro Variables). The DOMAIN server supplies the specified value to the outbound access method, which negotiates security with the target host.
If you are using SAS/CONNECT and your outbound access method is TCP/IP, the DOMAIN server attempts to provide a userid and a password through a script. If your SAS/CONNECT script contains a hard-coded userid and password, the DOMAIN server does not alter these values.
Otherwise, security is handled by the DOMAIN server.
| Tasks to Perform at the SAS/CONNECT Local Host Only |
Perform these tasks at the SAS/CONNECT local host only:
If using SAS/CONNECT to make a connection from a local host to a remote host, use the following syntax:
OPTIONS REMOTE=remote-session-id;
where remote-session-id specifies the remote host that you are connecting to.
Note: The remote host is not the host that is
running the DOMAIN server. ![[cautionend]](../common/images/cautend.gif)
The value that you specify will depend on the platforms that are to be connected. See the appropriate part and chapter in this book for the connection that you want. For example, to connect a Windows NT local host to an OS/390 remote host through an inbound TCP/IP access method, specify the OS/390 node name. See SAS/CONNECT: Valid Access Methods Between Hosts and SAS/SHARE: Valid Access Methods Between Hostsfor information about access methods between all remote host and local host pairs.
Example:
options remote=rmtnode;
You may specify this OPTIONS statement at SAS invocation or in a SAS
configuration file.
Supplying a sign-on script depends on the requirement of the remote host that you are connecting to. If you use sign-on scripts, put them in the following location on the DOMAIN server:
!sasroot\domain\script
See Storing SAS/CONNECT Outbound Sign-on Scripts on the DOMAIN Server
for details about locating scripts at the DOMAIN server.
To complete your sign on to the remote host, enter the SIGNON statement. An example follows:
options set=tcpsec _prompt_; options comamid=tcp remote=rmtnode; signon;
To allow a connection to the remote host, the TCPSEC variable specifies that the remote host will prompt for a username and a password. The TCP/IP access method is declared with a remote connection to a remote host identified as RMTNODE, which is the remote-session-id. The remote session identifier that you use is determined by the type of remote host that you are connecting to.
Note: The remote host is not the host that is running
the DOMAIN server.
The SIGNON statement performs the sign-on process.
Note: Sign-on
script files are not needed on an OS/2 local host that uses the APPC access
method because APPC has the ability to communicate directly with the remote
host.
Although no errors are produced if you specify a script file, you do waste processing time. If you defined the RLINK fileref before establishing a connection, when you sign on, SAS/CONNECT processes and loads the script file identified by the fileref, but the APPC access method will ignore the script.
If you do not want to omit the RLINK fileref but you want to avoid wasting processing time, use the NOSCRIPT option in the SIGNON and SIGNOFF statements, shown as follows:
signon noscript; . . . signoff noscript;
| Specifying a Server Name at the SAS/SHARE Client Only |
The server name that you specify in the PROC SERVER, the PROC OPERATE, and the LIBNAME statements must be defined as the SAS/SHARE server-id.
The server name must meet the criteria for a valid SAS name. See SAS Language Reference: Dictionary for details about SAS naming rules.
An example of specifying the server name follows:
options comamid=appc; libname demo 'C:/\' server=remote-server-id;
In this example, at the client, the server name is specified as a remote-server-id.
For details about creating LIBNAME, PROC OPERATE, and PROC SERVER statements, see SAS/SHARE User's Guide.
The access method that you specified at the SAS/SHARE client first attempts to locate the remote session or the SAS server within its domain. If the search for that named server fails and a gateway has been configured through an environment variable, the access method forwards a setup request to the DOMAIN server node. The protocol gateway service of the DOMAIN server attempts to locate the named server in one of its connected domains through the access methods specified by the COMAMID, COMAUX1, and COMAUX2 statements. Server names must be unique throughout the multi-domain network. All subsequent messages for that access method and server are routed through the DOMAIN server and redirected to the appropriate destination.
| Examples |
Example 1:
The following statements illustrate a NetBIOS inbound access method and an APPC outbound access method to an OS/390 system.
| Local SAS session: |
OPTIONS COMAMID=NETBIOS
REMOTE=LUname-of-APPC/MVS-scheduler;
%LET VQPROTGW=DOMSRV;
%LET VQSECURE=_PROMPT_;
SIGNON NOSCRIPT;
| DOMAIN server configuration file: |
-COMAMID APPC -COMAUX1 NETBIOS
| DOMAIN server syntax: |
PROC DOMAIN PROTOCOL SERVER=DOMSRV; RUN;
Note: DOMSRV is the NetBIOS resource name.
Example 2:
The following statements illustrate a NetBIOS inbound access method and a TCP/IP outbound access method.
| Local SAS session: |
OPTIONS COMAMID=NETBIOS
REMOTE=tcp-name-of-remote-host;
%LET VQPROTGW=DOMSRV;
%LET VQSECURE=_PROMPT_;
SIGNON NOSCRIPT;
| DOMAIN server Configuration file: |
-COMAMID NETBIOS -COMAUX1 TCP
| DOMAIN server syntax: |
PROC DOMAIN PROTOCOL SERVER=DOMSRV; RUN;
Note: DOMSRV is the TCP/IP resource name. The server-id DOMSRV must be defined in the SERVICES file on the server host.
Example 3:
The following statements illustrate a TCP/IP inbound access method and an APPC outbound access method.
| Local SAS session: |
OPTIONS COMAMID=TCP REMOTE=LUname-of-APPC/MVS-scheduler; %LET GWHOST=Internet-address of DOMAIN server machine; %LET TCPGW=GWHOST.DOMSRV; %LET TCPSEC=_PROMPT_; SIGNON NOSCRIPT;
| DOMAIN server configuration file: |
-COMAMID APPC -COMAUX1 TCP
| DOMAIN server syntax: |
PROC DOMAIN PROTOCOL SERVER=DOMSRV; RUN;
Note: The server-id DOMSRV
must be defined in the SERVICES file on the server host and on the local host.
|
Chapter Contents |
Previous |
Next |
 Top of Page |
Copyright 1999 by SAS Institute Inc., Cary, NC, USA. All rights reserved.