| SAS/EIS Software: Administrator's Guide |
You activate access control for EIS applications by completing
the following steps:
- Make sure that you have write access to the SASHELP.AC and SASHELP.MB
catalogs.
- Select an access control key, which is a password used to protect
and encrypt your access control files and to protect access to the Access
Control Setup window.
- Select a location for your access control files.
- Your access control files contain information about users and
groups and hold the access control lists that define access to data, applications,
and functions for each group of users.
- The access control files should be stored in a location that is
available to all users of your applications at all times. Users who do not
have access to the access control files will not be allowed to start any
EIS application.
- You can store your access control files on any network location
that can be locally mapped from your users' workstations-for example,
a directory on a Novell network drive for PC users or an NFS-mounted volume
for UNIX users. You can also choose any location that is accessible through
a SAS/CONNECT server or a SAS/SHARE server
that supports Remote Library Services (RLS).
The following steps describe how to
set up the access control
environment in your SAS/EIS session:
- Invoke SAS/EIS software
by selecting from the menu bar in a SAS window
| Solutions |
![[arrow]](../common/images/arrow.gif) |
EIS/OLAP Application Builder |
- Open the Access Control
Setup window by selecting Setup from the EIS Main Menu and Access Control from the Setup window's Multidimensional Applications group.
![[IMAGE]](./images/01309496.gif)
- In the Access Control Setup window, select [Access Control
Key]. When the Access Control Key window appears, type the default
access control key, SASADMIN, in the New Key field
and in the Verify New Key field. Select [OK].
![[IMAGE]](./images/01309497.gif)
You can choose not to use any
key on your access control files by selecting
Use no key in the Access Control Key window.
Note: The access control key is stored in the SASHELP.MB catalog. Make
sure that this catalog or a copy of this catalog is used for all applications
that use SAS/EIS access control. ![[cautionend]](../common/images/cautend.gif)
- Now, exit your SAS/EIS session
so that the appropriate catalogs can be updated with this information.
- Start SAS/EIS software
again. Open the Access Control Setup window by selecting Setup from the EIS Main Menu and Access Control
from the Setup window's Multidimensional Applications group. When prompted
by the Access Control Key window, type the access control key that you selected
previously and select [OK].
- In the Access Control Setup window, the Environment
Settings region is now active. Type the path and, optionally,
the name of a server in the ACL Root Path and the Host fields, and press
the Enter key.
![[IMAGE]](./images/01309498.gif)
- Select the Access Control Enabled
check
box.
- Select [Save]. The system verifies that the ACL
Root Path and Host values are valid and creates the access control files
in the directory that you specified. The userid, ADMIN, is created automatically,
with ADMIN as the initial password.
- Now, exit your SAS/EIS session
and all active SAS/EIS applications.
The next time that you start a SAS/EIS session,
you will be prompted to specify a valid userid and password in the Login window.
In the Userid field, type ADMIN; in the Password
field, type ADMIN.
![[IMAGE]](./images/01309499.gif)
- Open the Access Control Setup
window, and select [User/Group
Management] and then [User Management] to open the
User Administration window.
![[IMAGE]](./images/01309500.gif)
- Notice that ADMIN
is the only user
at this point and that it is pre-selected. Select [Edit], and
type a password. Select [OK] and [Close] to
return to the Access Control Setup window. The next time you log on, use the
new password.
Note: The access control setup information is physically stored in
the SASHELP.AC catalog. For all applications that use SAS/EIS access
control, make sure that this catalog, or a copy of it, is being used.
|
| Setting Up Users And Groups |
Access control
definitions
always define access to data, applications, or functions for groups of users.
In other words, an access control group is a collection of users with identical
access rights.
Before you begin
- Compile a list of the users of your application. You might use
IDs from software access control systems or security systems that already
exist in your organization. Also, determine the groups of users with different
access rights.
- Activate access control.
Then, follow these steps:
- Open the Access Control Setup window by
selecting Setup from the EIS Main Menu and Access Control from the Setup window's Multidimensional Applications group.
In the Enter Key window, type the access control key and select
[OK].
![[IMAGE]](./images/01309501.gif)
- Select User/Group Management
and Group Management to open the Group Administration window.
Note that the SYSTEM and USERS
groups have been created for you already. To create additional groups, select
[Add] to open the Group Administration (2) window, type
in the name and description of a group, and select [OK] to
return to the User Administration window. The name of the group you added
appears in the list.
![[IMAGE]](./images/01309502.gif)
Note: You do not need to add users to your groups now. You can
assign
a group to a user as you define the user's ID.
- After you have defined the groups that you need, close the Group
Administration window.
Note: You can now define IDs for the users of your application or you
can do this at a later time.
- To define user IDs, select User/Group Management and then User Management to open
the User Administration window, which displays a list of users. To add a user,
select [Add] to open the User Administration (2) window. Next,
type an ID and a password, and select one or more groups for the user. Optionally,
you can add a full name for the user. Follow these steps for each user you
add. When you have completed all additions, select [OK] and [Close] to return to the Access Control Setup window.
Note: For additional information, see
Assigning Multiple Groups to a User.
![[IMAGE]](./images/01309503.gif)
You
have now defined your initial User/Group structure. You can repeat
these steps at any time to change descriptions, to add or remove users or
groups, to change group assignments, or to reset passwords.
Copyright 1999 by SAS Institute Inc., Cary, NC, USA. All rights reserved.
