On the Gateway webpage, go to the Configure section, and choose Security > Users, Roles from the menu on the left.
The User Sources page is displayed.
Click on the manage users link for the User Source you want to manage.
Click the Edit link for the User you want to edit, or click the blue Add User link to add a new user. (When adding a new user, you can also add their roles at the same time).
This is not showing in the Manage Users and Roles for Profile ‘blahblah’ like the document says it should or like it showed up in 7.9.9
I’m not seeing an issue with my brief tests, which OS/browser are you using? Also, which type of user source?
Current version of Edge for browser, then under security - users, roles - AD/Internal Hybrid I click the more, then manage users, but there is no Add User link to use…
Looks like Chrome does the same thing
This is expected from an AD/Internal Hybrid User Source.
The AD/Internal Hybrid User Source is partially manageable in Ignition. Users cannot be added or removed, and their usernames and passwords cannot be changed. This is because this information resides in Active Directory, not within Ignition. Other information, such as user roles, contact info, schedules, are manageable in Ignition.
With the 7.9.9, I was able to add user names (exactly like they would use for logging in to active directory), and then assign that user a role. In the https://docs.inductiveautomation.com/display/DOC80/Managing+Users+and+Roles page under the Assigning Roles to Users section it discusses this and shows the link. I am not able to complete step 3 due to no Add User link showing on the page
What type of User Source?
User type as previously stated.
Thank you for clarifying. As @jspecht stated, that’s working as intended.
All of the available User Sources that interact with AD do not have a mechanism to add users: the point of the AD User Sources is AD adds new users.
Of course, what I am attempting to do (similar to what we have done with 7.9.9 and before) is add roles for specific users. I cannot do this without adding a user name to add a role to can I?
a.k.a. not trying to add users to AD, but instead add the role in the gateway so when that user logs in they have the appropriate level of permissions based on their AD creds as to what they are allowed to do on the gateway.
Ah, I apologize for the misunderstanding. I’ll load up the latest beta build and see if I can replicate (not seeing the issue on a slightly older build).
Sadly, not seeing it on my end either.
If you examine the page (Ctrl + Shift + I, on Chrome) does the console list any errors?
Thanks for the response. Sadly, that doesn’t appear to give us much information.
If you do an edit/save on the User Source, do you see anything interesting in the gateway console?
Ah, found it… the setting “List users from Active Directory” needed to be unchecked.
Maybe make those checkmarks “bold”
and when you do that, all of the users are removed from the on-call rosters. That isn’t good.