Chapter Contents |
Previous |
Next |
Communications Access Methods for SAS/CONNECT and SAS/SHARE Software |
System and Software Requirements for SAS/CONNECT and SAS/SHARE |
Ensure that the following conditions have been met:
The APPC access method gives you access to an SNA network. SAS/CONNECT and SAS/SHARE software use the Microsoft Windows Open Services Architecture (WOSA) standard (WinAPPC). Therefore, you should be able to use software from any vendor that supports this standard. The following package has been verified by SAS Institute:
Sample configuration files for Windows NT, Windows 95, Windows 98, and Windows 32s are included on the install media in !SASROOT\CONNECT\SASMISC and !SASROOT\SHARE\SASMISC.
Configuring a Microsoft Server Environment |
Note: The following applies to configuring the Microsoft SNA Server
only. If you are using another communications product, refer to that product's
configuration instructions.
An IBM Systems Network Architecture (SNA) network enables a Windows host to provide client and server functionality for both SAS/CONNECT and SAS/SHARE using the APPC communications access method. Before you can use SAS/CONNECT and SAS/SHARE along with the APPC access method, you must install and configure the Microsoft SNA Server.
Optionally, for Windows NT only, you may want to configure Windows NT Host Security Integration features that simplify the login procedure and manage multiple passwords that you may need for accessing Windows NT and host security domains.
See Installing and Configuring a Microsoft Server Environment for information about configuring Windows NT Host Security Integration features and installing an SNA server and SNA clients.
Familiarity with these terms will help you when you talk to your network administrator about selection options.
For more information about this terminology, see the Microsoft SNA Server Administration Guide.
Setting SAS Options |
You may need to set specific options in SAS to establish the connections that you want with SAS/CONNECT and SAS/SHARE when using the APPC communications access method.
Consult with your network administrator to determine what options must be set and what values to assign to them.
You may specify an option in any of several forms, as follows:
OPTIONS SET=variable-name value;
Example:
options set=appc_secure _none_;
-SET variable-name value
Example:
-set appc_secure _none_
SET variable-name=value
Example:
set appc_secure=_none_
Values for these options can contain up to eight characters, consisting of alphanumeric characters, the percent sign (%), the dollar sign ($), the pound sign (#), the at sign (@), and the underscore (_).
If you set multiple forms of the same option, here is the order of precedence that is followed:
OPTIONS statement | |
AUTOEXEC file | |
SAS invocation | |
SAS configuration file | |
DOS environment variable. |
Setting Security for SAS/CONNECT and SAS/SHARE |
For SAS/CONNECT, you must
supply identifying information to sign on
without a script to a remote host running a spawner program. A SAS/SHARE server,
running secured, requires identification from each connecting client. The
next several sections outline the alternatives for specifying security information
for SAS/CONNECT and SAS/SHARE.
Note: In the Windows environment, SAS/SHARE server security is supported
on the Windows NT platform only.
In Version 8, you provide client identification to a SAS/CONNECT remote host or a SAS/SHARE server using the USER= and PASSWORD= options. These options are valid in the following statements:
SIGNON |
RSUBMIT |
LIBNAME |
PROC
SQL
Connect to Remote |
PROC OPERATE
|
Specifying client identification in the APPC_SECURE= option is still accepted but is not recommended in Version 8. The USER= and PASSWORD= options take precedence over the client APPC_SECURE= option when both are specified. For example, a SAS/SHARE client's execution of a LIBNAME statement with values assigned to the USER= and PASSWORD= options would override an APPC_SECURE= option setting in the same client SAS session.
Here is the syntax and definitions for these options:
USER | USERNAME | USERID | UID=username | _PROMPT_ |
PASSWORD | PASSWD | PASS | PWD | PW=password | _PROMPT_ |
Specifying these options allows a user on the local host whose username and password have been verified to access the remote host.
Note: The values provided
when prompted must NOT be quoted.
Specifying USER=_PROMPT_ and omitting the PASSWORD= specification will cause SAS to prompt you for both userid and password.
This is especially useful for allowing the SAS statements containing the USER= and PASSWORD= options to be copied and otherwise effectively reused by others.
For SAS/SHARE, the values supplied for the USER= and PASSWORD= options are valid for the duration of the remote host connection. Additional accesses of the remote host while the connection to that host is still in effect do not require re-supplying of the USER= and PASSWORD= options. For example, while the first connecting library assign to a SAS/SHARE server may require specification of the options, subsequent assigns to the same server will not need specification of these options as long as the original connection is in effect. A subsequent re-connect to the same server or connect to a different server would require re-supplying of the USER= and PASSWORD= options.
Here is a Version 8 example for SAS/SHARE:
libname test 'prog2 a' user=joeblue password="2muchfun" server=share1;
For SAS/CONNECT, these values are valid until SIGNOFF.
Here is a Version 8 example for SAS/CONNECT:
signon rmthost user=joeblack password=born2run;
As a security precaution, PASSWORD= field entries echoed in the log
are replaced with Xs. If _PROMPT_ was specified for entering the password,
the entry would not be displayed on the screen as it is typed.
For SAS/CONNECT and SAS/SHARE, you must set the APPC_SECURE variable in order to pass a remote host userid and a password to a remote SAS/CONNECT host or to a SAS/SHARE server for verification. After the userid and the password have been verified, the connection to the remote SAS/CONNECT host or the SAS/SHARE server can proceed.
APPC_SECURE _NONE_ | _PROMPT_ | userid.password | _SAME_ |
Setting _NONE_ does not establish secure sessions for connecting SAS/CONNECT local hosts or SAS/SHARE clients.
_PROMPT_ specifies that SAS prompt the user for userid and password information. When prompted for a password, the input field is not displayed. Choosing to prompt for userid and password provides more security than assigning the userid and password to the variable.
This option specifies both the userid and password. Assigning the userid and the password directly to the APPC_SECURE variable at the SAS/CONNECT local host or the SAS/SHARE client may inadvertently publicize this information and compromise the security of the SAS/CONNECT remote host or the SAS/SHARE server. Assigning the value to the variable in a file allows anyone to read it.
If the userid or the password contains numeric or special characters, enclose the entire userid.password in quotation marks.
This option must be set at the SAS/CONNECT local host or the SAS/SHARE client.
_SAME_ offers the convenience of not having to specify a userid and password to APPC_SECURE. Setting _SAME_ automatically obtains the appropriate host userid and password from the NT Host Security Integration system. In order to take advantage of this feature, you must have installed and configured the NT Host Security Integration feature in your Windows NT environment. For details about installing and configuring this feature, see Configuring Windows NT Host Security Integration Features.
Examples:
options set=appc_secure _none_; options set=appc_secure _prompt_; options set=appc_secure bass.timego; options set=appc_secure "apex\bass.timego"; options set=appc_secure bass.time2go; options set=appc_secure _same_;
See Setting SAS Options for examples of the forms that you can use to specify APPC_SECURE.
SAS/CONNECT and SAS/SHARE Options |
Ask your network administrator for the name of the local LU that you can use to assign to APPC_LUNAME or for the default local LU value.
The default mode name is SASAPPC. Whether you assign a mode name to the option or you accept the default SASAPPC, you must define the mode and use the same mode name value in both the local session and the remote environments (either on the remote host in a SAS/CONNECT session or on a SAS/SHARE server, as necessary).
SAS/CONNECT Only Options |
Note: This option applies only when connecting to an OS/390 remote host.
Ask your network administrator for the name of the remote LU for the OS/390 host that you can use to assign to APPC_SURROGATE_LUNAME .
In order for APPC_DEPLU to work properly, when specifying the connection name during Microsoft SNA Server configuration, you must configure the remote LU as a dependent host connection. See Configuring the Server for the context for this requirement.
SAS/SHARE Only Option |
Note: Must be set at the SAS/SHARE
client.
Chapter Contents |
Previous |
Next |
Top of Page |
Copyright 1999 by SAS Institute Inc., Cary, NC, USA. All rights reserved.