We would like several different users to login to VisualCron to run SAS jobs. The SAS jobs need to run under each user's domain account. I have set-up a test job, set the Credentials on the Task, and the jobs run fine.

The problem I have is that it looks like each user can choose to run their Task with any of the saved Credentials. We need to set it up so that they are not able to run jobs using someone else's domain account. Is there a way to limit the visibility of the Credentials so they can only see their own Credentials? Or a way to make it so they are prompted for a password when they schedule something?

This is not possible right now - limiting view that way. You can override execution on Jobs but you cannot control the Credentials the way you want - right now.

I am moving this topic to Feature requests forum.

---

In the meantime, would denying them permissions to modify the task/job but leaving them permissions to execute it suffice for your purposes?

Yes, I think we will try to make a Job for each person and make it so they can't edit the Tasks. I may also try to add something to the script that calls the SAS job to check if the account that logged into VisualCron matches the security context that the script is being run under. I haven't checked but I suspect I can get the VisualCron username from the variables and then compare this to the domain account that the script is running under. Thanks.

Has this ability been added to the application? Our Information Security department is making this a requirement for the application.

We have implemented this for 8.4.2 You can, on Credential level, decide who can save a Task with a certain Credentia. This has been implemented in 8.4.8: https://www.visualcron.c....aspx?g=posts&t=9330 

---