Here’s what 72 SAS admins told us…

At Metacoda we like to know as much as possible about how SAS admins work, so that we can better plan our business and products to best meet your needs.

And what better way to find out than by simply asking?

So in October we ran a SAS® Administrator Survey on Metadata Security.

A huge THANKS to everyone who filled in the survey, giving us a really useful set of information and comments.

In total we had 72 responses, with an average completion rate of 92%, and a typical fill-in time of about 2 minutes and 20 seconds.

The survey was conducted using SurveyMonkey where they’ve analyzed the results and produced the following charts. <side note>Naturally, there was a temptation to do the analysis in SAS and to create a SAS Visual Analytics dashboard.</side note>

As promised, here’s a snapshot of the results (anonymous, of course).

Survey results

Access control/permission changes


  • 100% of respondents use the SAS Management Console (0% use SAS Environment Manager) to make access control/permission changes.
  • 35% rarely make changes.
  • 64% spend 0-30 minutes testing the access control/permission changes.
  • 64% feel they’re allocated enough time to thoroughly test the impact of access control/permissions changes.
  • 88% use Access Control Templates (ACTs), which is great. With SAS Global Enablement and Learning (GEL) Rule #1 being to use ACTs instead of ACEs, we see some further work is needed to spread the word on using ACTs. For a refresher on the GEL Rules, or to learn what they are, please look at the blog post, SAS® Security Model Design Golden Rules, Validation, and Monitoring with Metacoda.
Q2 Metacoda Survey:  Access Control Permissions Frequency
Q2 Metacoda Survey:  Access Control Permissions Testing Time

Group changes


  • 100% of respondents use SAS Management Console (0% use SAS Environment Manager) to make group changes.
  • 39% rarely make changes.
  • 66% spend 0-30 minutes testing the group changes.
Q7 Metacoda Survey: Group Changes Frequency
Q8 Metacoda Survey: Group Changes Testing TIme

External synchronization


  • 31% of respondents don’t automate the synchronization of external users and groups with SAS.
  • 63% use AD and 6% use another LDAP provider. NOTE: Currently the Metacoda Identity Sync Plug-in only syncs with AD and we were curious to know whether there is a demand to provide other LDAP provider support. If you didn’t get a chance to complete the survey and would like to share your experiences in this area, please comment below or contact us using your preferred method.
  • 21% use Metacoda Identity Sync for their synchronisation, which was pleasing for us.
  • Similar numbers use the SAS sample code with minor (43%) and extensive (36%) modifications.
  • 58% create custom roles and assign capabilities. It’s great to see that SAS administrators are taking advantage of their AD environments to configure their SAS roles.
Q9 Metacoda Survey: Automate Sync Users & Groups

Your thoughts?

What are your thoughts on these results? Do they reflect what you or your SAS administrator does with SAS metadata security?

If you did the survey, how does your individual survey response compare with the overall results?

The survey is now closed. We welcome any further comments or thoughts you may have. We’d love to hear from you!

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.