Problem with Active Directory and validationUser

fml_z · January 4, 2021, 7:01pm

I was trying to apply a login with system.security.validationUser in the Script console with the Active Directory userSource, is it possible not ?, Because I put the username, password and UserSource but the return is false, I understand that if It returns false is because some credential is wrong but from what the client told me those are the credentials. What if I am interested in knowing if it is possible to use that command to log in from an active directory

jspecht · January 4, 2021, 8:03pm

Which version of Ignition are you using?

Are you able to login with the same user source and same user credentials from the Gateway Web Interface > Config > Users, Roles > Verify a User Source tool?

fml_z · January 30, 2021, 8:37pm

thanks,I did’t remember this.I was using 7.9.12.Other Question , is possible change the tag “RoleString” of System --> Client --> User ?

jspecht · February 2, 2021, 8:19pm

I do not believe so. That tag represents the roles that the current user has. Only way it changes is if you switch users.

dhiraj.pawar · May 28, 2024, 7:02am

Hello,
Can you please confirm, is it possible we can validate user with Active Directory user Source by below function?

system.security.validationUser()

I have tried by Gateway Web Interface > Config > Users, Roles > Verify a User Source but its not working when selecting Active directory user source

jspecht · May 28, 2024, 3:17pm

I believe you are looking for system.security.validateUser

dhiraj.pawar · May 29, 2024, 7:33am

Hi @jspecht ,
yes, I want to validate user with below ignition function when selecting active directory internal SureSource.

system.security.validateUser(currentUser, password,authProfile).

I have seen on ignition portal, Active directory user source fetch username but do not fetch password. so, Can you confirm whether it is possible? or can you suggest another way to validate user when selection active directory internal usersource?

pturmel · May 29, 2024, 11:57am

Authentication systems are generally built with non-reversible salt+hash password storage. They simply cannot supply a password. A user must supply the password. That's the point of that system function--validate that a specific user is present for an operation while leaving the original user still logged in. (Like having a supervisor approve something.)

Amitkumar_Ravat1 · November 16, 2024, 12:46pm

I tried system.security.validateUser for Active directory but it validate based on name ( first + last name ) and password not username and password