Our customer desires to have a unified user source for projects running on multiple gateways. We have considred using Active Directory but do not like the fact that it can no longer be managed from within Ignition. Or the fact that we have no way to warn users that their password is about to expire.
In light of that issue, I am considering using the database security authentication profile.
Can anyone shed some light on these questions:
- How difficult is it require a password change every 90 days? (I know this is built into the internal authentication profile.)
- If we allow this database authentication profile to be used for multiple gateways, will the password be resolved correctly? I’m just not sure how the hashing on the password field works.
- Does anyone have experience using MySQL cluster in Ignition? The reason I ask is I want to make sure there is an available copy of the database profile locally in case the WAN goes down.
EDIT: I have tested question #2 and can see that users can be added from either gateway and passwords will be preserved.