Chapter Contents |
Previous |
Next |
Communications Access Methods for SAS/CONNECT and SAS/SHARE Software |
Local Host Tasks |
Remote Host Connection Considerations |
If you are connecting to a Windows 95, Windows 98, or Windows NT remote host, you must connect by means of a spawner program that is already running on the remote host. If you are connecting to an OS/2, a UNIX, or an OS/390 remote host, you optionally may connect by means of a spawner program that also is already running on the remote host. A spawner program allows the encryption of userids and passwords when passed through the network. Without a spawner, readable userids and passwords are passed through the network, which may present a security risk. See Spawner Programs for information about starting the spawner on the remote host.
You may also sign on to the remote host with a script file. If you do not sign on with a script file, as a security measure, set the USER= and PASSWORD= options in the SIGNON statement, which is passed to the remote host, allowing a local host connection.
Note: Setting the Version 7 TCPSEC option at
the local host also works.
If the -NOSCRIPT option is set at the spawner invocation, sign on with a script is prohibited. Ask your network administrator whether the -NOSCRIPT option is set at the spawner invocation.
If you sign on to a host that is not a Windows NT, a Windows 95, a Windows 98, an OS/2, a UNIX, or an OS/390 host, you will sign on with a script.
Configuring the Spawner in the SERVICES File |
Before connecting to a UNIX remote host or an OS/390 remote host with the spawner program, configure the spawner service in the SERVICES file on the local host. See Starting the OS/390 Spawner for information about configuring the SERVICES file.
Setting Security for Local Hosts |
If you are not using a script file to sign on to the remote host, set security at the local host using either of the methods explained in Setting Security for SAS/CONNECT and SAS/SHARE. For Version 8 security behavior, specify the USER= and PASSWORD= options to the SIGNON statement. For details, see Providing Client Identification in a Version 8 Session.
For Version 7 security behavior, if you set the TCPSEC option at the local host, either specify a userid and a password that are valid on the remote host or specify PROMPT to supply the userid and password when connecting to a remote host. For information about setting the TCPSEC option, see Providing Client Identification in a pre-Version 8 Session.
Specifying the TCP/IP Access Method |
You must specify the TCP/IP communications access method to make a remote host connection. Use the following syntax:
OPTIONS COMAMID=access-method-id;
where COMAMID is an acronym for Communications Access Method Identification. access-method-id identifies the method used by the local host to communicate with the remote host. TCP (short for TCP/IP, which is an abbreviation for Transmission Control Protocol/Internet Protocol) is an example of access-method-id.
Alternatively, you may set this option at a SAS invocation or in the SAS configuration file.
Example:
options comamid=tcp;
Specifying the Remote Node Name |
To make a connection from an OS/390 local host to a remote host, use the following syntax:
OPTIONS REMOTE=node-name<.service-name>;
The value of node-name is based on the type of remote host that you are connecting to.
See Spawner Programs for information about the spawner program. See Starting the UNIX Spawner Program for information about configuring the spawner service in the SERVICES file.
The value of the REMOTE= option must be a valid SAS name. See SAS Language Reference: Dictionary for details about SAS naming rules.
Example:
OPTIONS REMOTE=node-name;
If you use an Internet address (or some other invalid SAS name), you must assign the address to a macro variable and specify the macro variable for the value of the REMOTE= option. Here is an example:
%let node=Internet-address; options remote=node;
Do not choose a macro name that is also a valid host name on your network. SAS first attempts to reach a network host with the value of the REMOTE= option (in this example, MYNODE).
%let mynode=149.999.228.6; options remote=mynode;
Identifying a Script File for Signing On and Signing Off |
To use one of the sample script files that is supplied with SAS/CONNECT for signing on and signing off, assign the RLINK fileref to the appropriate script file, based on the remote host that you are connecting to. The sample script files are installed in your prefix.CTMISC data set. You must customize the sample scripts to accurately reflect the logon processes at your site. Failure to do so will produce errors.
The fileref format follows:
FILENAME RLINK '&prefix.CTMISC(script-name)';
where script-name identifies the script that corresponds to the remote host that you want to connect to.
The following table lists the scripts that are supplied by SAS Institute:
Remote Host | Script Name |
---|---|
CMS | TCPCMS |
CMS (using full-screen 3270 TELNET protocol) | TCPCMS32 |
OS/390 (with TSO) | TCPTSO |
OS/390 (without TSO) | TCPMVS |
OS/390 (using full-screen 3270 TELNET protocol) | TCPTSO32 |
OpenVMS | TCPVMS |
OS/2 | TCPOS2 |
UNIX | TCPUNIX |
Windows NT, Windows 95 , and Windows 98 | TCPWIN |
filename rlink '&prefix.CTMISC.(tcpunix)';
Signing On to the Remote Host |
To complete your sign on to the remote host, enter the SIGNON statement, as follows:
signon user=_prompt_;
To set security at the remote host, specify valid values for the USER= and PASSWORD= options in the SIGNON statement. For details, see Providing Client Identification in a Version 8 Session.
Local Host Example |
The following example illustrates the statements that you specify in an OS/390 local host SAS session to connect to a remote host with the TCP/IP access method.
filename rlink 'sas.ctmisc.tcpvms'; options comamid=tcp remote=rmthost; signon user=_prompt_;
The first line identifies the script file that you use to sign on to the OpenVMS remote host. The script file contains a prompt for a userid and a password that are valid on the remote host. The TCP/IP communications access method is declared with a connection to the remote host RMTHOST. The USER= option in the SIGNON statement specifies that the connecting local host be prompted for a userid and a password that are valid on the remote host.
Remote Host Tasks |
To allow a connection from a local host to an OS/390 remote host without running a TSO terminal monitor program, install the logon procedure on the remote OS/390 host.
If you are signing on to an OS/30 remote host with TSO, there are no remote host tasks.
Installing the Logon Procedure on the Remote Host |
For OS/390 remote host connections, you can eliminate the need for TSO by replacing the terminal monitor program (also called logon procedure) with a procedure that invokes SAS with the options that you want. The benefits of this method are that signing on and signing off an OS/390 remote host is much faster than running with TSO, and you eliminate the overhead consumed by running TSO. However, a disadvantage of running without TSO is that you cannot execute any X commands or TSO commands.
In the following example, the logon procedure invokes SAS with the DMR and the COMAMID=TCP options. When you log on to the OS/390 remote host, this procedure is immediately run so that the current OS/390 account is limited to running SAS each time that the current OS/390 account user logs on.
//JOBDL PROC ENTRY=SASHOST, // OPTIONS=, // WORK='500,200' //JOBDL EXEC PGM=&ENTRY, // PARM='&OPTIONS DMR COMAMID=TCP',REGION=4096K //STEPLIB DD DISP=SHR,DSN=&prefix.TS450.LIBRARY //CONFIG DD DISP=SHR,DSN=&prefix.TS450.CNTL(TSOXA) //SASAUTOS DD DISP=SHR,DSN=&prefix.TS450.AUTOLIB //SASHELP DD DISP=SHR,DSN=&prefix.TS450.SASHELP //SASMSG DD DISP=SHR,DSN=&prefix.TS450.SASMSG //WORK DD UNIT=SYSDA,SPACE=(6144,(&WORK),,,ROUND), // DCB=(RECFM=FS,DSORG=PS,LRECL=6144,BLKSIZE=6144) //SASPARM DD UNIT=SYSDA,SPACE=(400,(100,300)), DCB=(RECFM=FB,LRECL=80,BLKSIZE=400,BUFNO=1)
A script file is still required at the local host for sign on. However, a SAS invocation is not included in the script file because the logon procedure already performs SAS invocation.
See TCPMVS.SCR Script for the content of the script file.
Remote Host Example |
You may set the following variables to restrict port access in the AUTOEXEC file:
options tcpportfirst=5020; options tcpportlast=5050;
These statements restrict access to ports 5020 through 5050.
Chapter Contents |
Previous |
Next |
Top of Page |
Copyright 1999 by SAS Institute Inc., Cary, NC, USA. All rights reserved.