Chapter Contents


SAS/EIS Software: Administrator's Guide

Maintaining Access Control Lists

Removing Obsolete Records from An Access Control List

As you make changes to your access control environment, you might delete users or groups, data registrations might be removed, data values become obsolete, and so on. If your Access Control list has entries for any of these deleted items, these entries are obsolete. Although they do not have any serious adverse effects, they increase the size of the Access Control list unnecessarily and can eventually negatively affect performance. We recommend that you regularly clean up your Access Control list by running the synchronization tool that is provided by the SAS/EIS access control facility by using the steps described below.

  1. Start Access Control synchronization by clicking on [Synchronize ACL] in the Access Control Setup window. This starts a process that can take several minutes, depending on the size of your Access Control list. Every record in the list is cross-checked against your current environment, and any records referring to entities that are not found are flagged for deletion.

  2. When the cross-checking task is complete, the Obsolete ACL Records window is displayed.


    All the obsolete records that were found during the process are displayed in the window, grouped by the following categories:
    Groups lists records for groups that do not exist in the current access control environment.
    Application Databases lists records with application databases or applications in application databases that do not currently exist.
    Applications lists records with applications that do not currently exist.
    Table Registrations lists records with metabase table registrations that do not currently exist.
    Hierarchies lists records with the HIERARCHY table attribute contents that do not currently exist for the given table.
    Hierarchy Levels lists records with HIERARCHY table attribute levels that do not currently exist for the given hierarchy.
    Analysis Columns lists records with ANALYSIS or COMPUTED columns that do not currently exist in the given table.
    Statistics lists records with statistics that are not currently available for a given analysis column.
    Category Columns lists records with CATEGORY columns that do not currently exist in the given table.
    Category Levels list records with data values that do not currently exist in the given table.
    Macro Variables lists all macro variables referenced in the Access Control list. Note that macro variable references are always listed. Use this facility to delete macro variables from your Access Control list.

Note:   The lists in this window enable you to check and mark for permanent deletion each record that was found obsolete. To start permanent deletion of all selected records, close the window.  [cautionend]

Note:   For additional information on the synchronization process, refer to the _checkACL method Help information for SASHELP.MB.ACLADMIN.CLASS.  [cautionend]

Chapter Contents



Top of Page

Copyright 1999 by SAS Institute Inc., Cary, NC, USA. All rights reserved.