On Sep 6, 2019, at 2:00 PM, Tom Benedict wrote: > Can you also get access privileges from AD? If so, how are they synced to 4D > Users & Groups? Or maybe they aren’t? If they aren’t, what do you do to > manage access within the app?
Hi Tom, For the system I was talking about, I gave my client the option of using the existing access privileges system I made in 4D, or we could move it all to AD. This database does not use 4D Users & Groups, it is purely table based. They decided to just stay with the database system and not move it to AD. There are many possibilities for moving access privileges to AD. 4D has all the LDAP commands needed to log in to AD, query for attributes and get the resulting attribute data. So one way would be to go into AD and find a bunch of unused attribute fields and use those for storing your 4D access privileges. It could be as simple as just using a single text attribute in AD and building a structured chunk of text with all the access privilege info you need in 4D. When the user logs in to 4D you just use the LDAP commands to grab this information. If you want to get “fancy” and store access privileges in a very orderly and structured way, you can do that too in AD by creating “custom attributes”. https://social.technet.microsoft.com/wiki/contents/articles/20319.how-to-create-a-custom-attribute-in-active-directory.aspx Create a hundred new custom attributes with any structure and names that you want/need. Then you use the LDAP commands to access that information. When IT creates a new user account they fill in all these custom attributes with the 4D access privilege information your system needs. For my client, they didn’t want to go through the time and expense of creating the custom attributes in AD. It just wasn’t worth the effort. IT already knew how to get into the database and manipulate the access privileges system I had created many years ago. One important issue with custom attributes in AD is that they are permanent. They can’t be renamed, changed or deleted. So once you create a custom attribute you are stuck with it forever. Tim ***************************************** Tim Nevels Innovative Solutions 785-749-3444 [email protected] ***************************************** ********************************************************************** 4D Internet Users Group (4D iNUG) Archive: http://lists.4d.com/archives.html Options: https://lists.4d.com/mailman/options/4d_tech Unsub: mailto:[email protected] **********************************************************************
