Hello
For the security of the scada, we have established the active directory.
but now we have all the users of the active directory, how can we filter the users by groups?
Thank you
If you’re using the Active Directory User source (it sounds like you are), group membership is exposed as roles. Something like system.security.getRoles or system.security.getUserRoles let you interact with what rolls a user has. This includes any active directory groups of which they are a member.
I’m not sure that answers your question. If you’re more specific about what you’re trying to do, you’ll probably get a more relevant answer.
One approach is the AD/Database Hybrid type of User Source.
My understanding is that you use AD to say whether the username/password is valid, and then pass a valid username as a parameter to a database query that contains the security roles for that user.
So first, you’d create a database table that maps usernames to security roles, then you’d populate the User Source with the appropriate queries, leaving ? where the username goes. Finally, you’d set the permissions on the views using the roles loaded from the database.
thanks for your reply.
in my company there are many groups (Administration, IT, etc.) so I want the AD to only show me the users of a specific group. I think that is configured in the gateway, see screenshot.
but I don’t know how to configure it.
