User source AD/DB hybrid select query problem

Basically I had thought I could add an “enabled” column to our auth DB and add it to the end of the user properties query, just add “and enabled” to the end of it so its “SELECT firstname, lastname, schedule, language, notes FROM user_table WHERE username = ? and enabled”.

But I am testing this on a user where enabled is false… and its letting them in. Whats going on here? The failover source does not include this user.

Edit: I’ve also added a ‘where enabled’ to the List Users Query text, no dice.

In this type of profile, the AD server is handling your authentication. The database is just there for role management.

1 Like

I get that, but I thought it would stop somewhere if it didn’t find a user in the DB. Could I add something like “where enabled” to the roles query so it would return no roles? Also I have “List Users from Active Directory” set to FALSE. With a description of “If true, Active Directory will be queried for the list of all users. If false, the database will be queried instead.”, I would have thought the DB would give a list of users that would NOT include someone with enabled set to false, so it wouldn’t go through. I just want a way to set something in the DB to not allow someone to log on or at least to not have any roles.