AD/Database Hybrid Good Practice

I'm in the process of implementing Active Directory Database Hybrid user source, I'm stuck in paralysis by analysis right now and I need a push.

Have you implemented an AD Database Hybrid model and how did you link the roles to the AD users? From what I can tell:

• you can duplicate the users into a database and link that to roles
• you can link AD to a database of roles but that it heavily IT involved.
• you can script when a user logs in and validate against roles.

I'm sure there are other methods but I'm looking to see what the best practice is. DO you have any input or suggestions on implementing a database of roles to an active directory list of users?

Hello Drewdin,
Since IT departments are heavily involved in this AD process, it is recommended to reach out to them. Especially since they will likely have the information you will need to access your AD, Ignition gets its users and passwords from the AD, and the rest should come from the Database, I highly recommend getting your IT involved.

• Active Directory Authentication - Ignition User Manual 8.1 - Ignition Documentation
• AD Database Hybrid - Ignition User Manual 8.1 - Ignition Documentation

Thanks, I do have AD working properly, now I just need a good way to link the roles to the AD users. I take it that I need to manually link them to the AD usernames.