I'm in the process of implementing Active Directory Database Hybrid user source, I'm stuck in paralysis by analysis right now and I need a push.
Have you implemented an AD Database Hybrid model and how did you link the roles to the AD users? From what I can tell:
- you can duplicate the users into a database and link that to roles
- you can link AD to a database of roles but that it heavily IT involved.
- you can script when a user logs in and validate against roles.
I'm sure there are other methods but I'm looking to see what the best practice is. DO you have any input or suggestions on implementing a database of roles to an active directory list of users?