what is the recommended practice for building an Ignition db structure? apparently (from talking with my boss) Ignition Gateway uses its own internal SQLite db for 'stuff', which i presume is also user management? i would like to use a db from our own MySQL server for authentication and managing access to Ignition Gateway data but i don't know where to start looking. i'm looking to flight test something in a couple weeks and need to get started on the planning. i'm frankly looking here for advice and guidance so i don't fly into a wall at speed. 
the guy before me kept zero records and didn't even document his code, so i'm not sure if the current configuration is even good or optimally useful. it's all seems to be just one big glob of unrelated dbs.
EDIT: bonus points: where is the user db even located??
That doesn't sound like a good plan. Ignition has all this built in and it can tie in with LDAP or Microsoft Active Directory.
The way I and many others on the forum use it is to create an AD Hybrid Usersource and we can then authenticate the users against Active Directory. That proves that they are who they say they are. Then use the Ignition element of it to assign roles to each user.
https://docs.inductiveautomation.com/display/DOC81/Security
There's an excellent plugin by @ryan.mcloughlin that I can't find right now.
If you are creating the AD hybrid then leave the default user source active with just the Administrator account and write down the password. It will save you when you accidentally break the hybrid configuration.
did not know that. excellent. this is why i come here. 
now i just have one less thing on my list of stuff to do before yesterday. 
Yes, gateway config (except projects) is stored in a SQLite database.
Depends on your user source type:
https://docs.inductiveautomation.com/display/DOC81/Classic+Authentication+Strategy
This would be a database authentication profile: Database Authentication - Ignition User Manual 8.1 - Ignition Documentation
Where all authentication and authorization logic is delegated to the DB.
Generally speaking, in the install directory, at data/config.idb. Install directory default for Windows is C:\Program Files\Inductive Automation\Ignition, and for Linux is /usr/local/bin/ignition.
Regardless of what alternative user source you choose (database, active directory, etc), I would always recommend to still keep the Internal database as a soft fallback, so that you can still login if the 3rd party user source is disconnected (e.g. in an offline development environment). I would just keep a select few users in this source used purely for development
1 Like
It is also a good place for contractors that you don't want to add to your company directory.
2 Likes
i am so very glad i asked this question. as i've mentioned, my predecessor left no documentation. you guys have delivered pure gold. i am feeling more at ease with your generous help. thank you so much.
