Did you change your LinkedIn password yesterday? (If you didn’t, you should!) But did it happen to be the same as your corporate password? First, tisk tisk. Second, change your corporate password NOW!
Ok, now that this is done ~ don’t let your saved connection profile for SAS applications lock your corporate account out later today. (The SAS connection profile is used in thick client applications including SAS Information Map Studio, SAS OLAP Cube Studio and SAS Management Console.) Before clicking the OK button to start a SAS connection, select Edit... and enter your new corporate password.
Now SAS Administrators are probably going to be interested in ensuring that passwords are never saved in this system (especially after the LinkedIn fiasco). If this functionality was not disabled during the initial SAS configuration, administrators can go back and make that modification. Modify the XML property SASSEC_LOCAL_PW_SAVE from "T" to "1" to SASSEC_LOCAL_PW_SAVE "F" or "0" within the omaconfig.xml file located in the SAS Metadata Server configuration (Lev1/SASMeta/MetadataServer) and then restart the SAS services. Now the button 'Save user ID and password in this profile' (as seen in the 2nd screenshot above) will not be available for your SAS users and they will be forced to enter their password each time they initiate a connection.
5 Comments
It is interesting to note that if the omaconfig.xml has the settings of SASSEC_LOCAL_PW_SAVE from "T" to "1" and these sequence of events occur:
1) end user saves their password in the connection profile
2) a change is made to: SASSEC_LOCAL_PW_SAVE "F" or "0"
3) metadata server restarted
The users is still able to login without being prompted for credentials. This is due to the user making their change prior to the change to the metadata server's configuration. So those users that got in early to save their password will not be prompted for a while.
It is very interesting to this option brought up.
Clarifying... so setting the parameters keeps the from being stored on the user's local machine, right? If we have users using the SAS Personal Login Manager, does that save it to the metadata server or to the local machine?
Hey Jen, great to hear from you! The administration setting disallows passwords from being saved on the user's local machine. The SAS Personal Login Manager allows users to update their passwords that are stored in the server's metadata. There is more information from Metacoda.com on how the SAS Personal Login Manager works in their blog post.
Angela, please confirm that this (the metadata configuration setting) controls the window's clients (SAS Enterprise Guide and SAS Add-In for Microsoft Office) as well as the java client's connection profile shown above. Thanks
Thanks Rick for the question! Yes, this setting in the metadata configuration controls both client connection profile types (windows clients such as Add-in to MS Office as well as java clients like Management Console).