I'm testing Ranet Analytics which is to be used with active directory logins. Users are currently able to log in with their active directory username (in the format domain\username), but they do not automatically appear in the 'users' list when I go into design mode (Security - > Users).
How can I add active directory users to roles? Is there a way for active directory users to automatically appear in the users list, or for me to add AD users to roles without them being in the users list?
Replies
User
Description
Posted On
olegorehvaClient
It is an interesting question. Please provide me more detailed information so I will be able to reply correctly. Do you use windows authentication in Ranet Analytics? Why have you decided to combine users in roles?
alexzarachClient
Hi Oleg, I am using Windows authentication. I would like to put multiple users into roles so I can assign certain reports to certain roles. If all Windows users are able to log into Ranet Analytics, I would like reports to only be available to specific roles.
olegorehvaClient
Currently, you have to create users manually. We don't have possibility to extract users from log or other source.
alexzarachClient
Does this mean I will have to create a user account for every user that I would like to be able to use a report (unless I allow everyone to see the report)? Is there any plan to automatically add users when they log in using Windows login? I have tried Kyubit and their tool does this already.
When adding users, the form asks for their passwords, this means that when I create a user I will know their password and have to send it to them - this does not seem very secure!
olegorehvaClient
Our UI of security module adapted for working with forms-authentication.
I agree with you. You can't know passwords of your windows-users.
I think the best way to solve your task:
1. Open file App_Data\Roles.xml
2. Add your roles and users in XML-file. (please see attached image)
Ok, that makes a lot of sense! I did see the roles XML, I forgot about it, I think that will do everything I need
alexzarachClient
I have spotted an issue though - even if I secure the report so only certain roles can access it, everyone can access the report if they have the URL (e.g. http://[domain]/#/Views/NavigatePage.xaml$adHocReportId=WidgetGallery.All%20time%20reports lets a user see the report even if they are not in the role assigned to that report. It is not visible to them in the 'open ad hoc report' menu but they can still see it with the URL. This means people with access to the report are able to share the report with people who do not have access.