Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

 

AD/Internal User Source

The Active Directory/Internal Hybrid authentication profile type combines the Internal User Source type with the Active Directory User Source type. Active Directory is used to find all of the users, and to check their credentials when they attempt to log in. However, it allows assigning of roles, contact info, and other meta-information about a user through Ignition, then stores all this information as if it were an Internal User Source.  This way, Active Directory can be consulted to see if a username/password is valid, but the management of roles does not require coordination with your IT Department, who typically controls the Active Directory system. This "best of both worlds" approach is popular for many users of Active Directory.

The AD/Internal Hybrid User Source is partially manageable in Ignition.  Users cannot be added or removed, and their usernames and passwords cannot be changed. This is because this information resides in Active Directory, not within Ignition. Other information, such as user roles, contact info, schedules, are manageable in Ignition.

Info
titleGateway Settings

Before you can use the User Management component to manage roles, contact info, etc., you first have to go into Gateway Settings, and mark the checkbox to 'Allow User Admin.'  This allows for the administration of the Gateway's system user source from the Designer and the Client. Unless this is enabled, the Vision Module's User Management component is prevented from modifying the Gateway system's user source.

Property Reference

This User Source shares many properties with the AD User Source page. Please see the Active Directory Authentication page for a list of properties. 


On_this_page



Scroll HTML Exporter Ignore


Iulink
URLhttps://inductiveuniversity.com/video/ad-internal-hybrid?r=/video/search/?q=ssl
NameAD Internal Hybrid

 




Creating an AD/Internal Hybrid User Source

To set up an AD/Internal Hybrid User Source, you must specify the host that is acting as your primary domain controller. You can also use a secondary domain controller in case the primary is unavailable. You'll also need to specify the name of the domain and credentials for the Gateway itself to use for authentication for when it queries the list of roles.
 

Info
titleMay need to contact your internal IT Department for...

When using AD/Internal Hybrid User Source, you may need to consult with your internal IT Department to get the required information to complete your user source setup.

 

  1. On the Gateway webpage, under the Configure section, go to Security > Users, Roles.  
    The User Sources page will be displayed. Click the blue arrow, Create new User Source.

  2. Choose the AD/Internal Hybrid authentication type, and click Next

     
     
  3. The New User Source window will open. Some properties are optional depending on how you setup your profile.