Active Directory User Synchronisation with SAS Metadata

By Ambica Palamittam - Analyst/Programmer


Many companies manage their users, computer networks, and access of resources via either by identity management systems that control LDAP, or directly in LDAP itself. LDAP stands for “Lightweight Directory Access Protocol”. A well-known example of such a system using LDAP is Microsoft Active Directory. This is a centralised system for the authentication and authorisation via user and group management.

This article focuses on efficient administration of your company’s SAS Application users/groups by using the LDAP information and synchronising that to the SAS Metadata.

SAS’ application security is mainly controlled by the SAS metadata, which is the heart of the SAS system. The SAS metadata is the central repository for storing and managing which SAS applications and resources can be accessed by whom. While using any SAS application, you will be authorised and authenticated through the SAS metadata. For the SAS metadata server, SAS includes the SAS management console which enables you to administer the configuration of information using a graphical user interface very easily through a manual process.

How SAS integration to Lightweight Directory Access Protocol (LDAP) helps in easy administration  

SAS integration to LDAP allows you to retrieve information from the enterprise LDAP environment. With this you can let the SAS metadata users and groups reflect users and groups as they are maintained in the companies’ LDAP system using that as a single point of truth. This provides you with an automated, faster and efficient process, thus solving the issues incurred from a manual intervention for SAS metadata management. This functionality has been around for years, but we still come across clients that are not aware of this functionality.

How we helped our clients to achieve easy metadata administration.

SAS provides ready to use programs that can synchronise the information present in LDAP with SAS Metadata. We have helped our clients to customise these scripts to incorporate their specific requirements. Some examples are: Which user information needs to be synchronized; specific groups, specific memberships, logging changes, error checking and notification.

What can OCS SAS Consulting offer you? 

Having customised these scripts for a wide range of clients, we have a toolbox of functionalities which we can utilise and a list of functionalities that we can propose to clients.