I have a couple of servers that do authentication via some LDAP, ActiveDirectory or something. There is a permission mapping in place between the user groups and Axon.ivy permissions. If I want to change said mapping, do I have to manually do so on each server, or is there a file/table that I can write to? Question also applies for new installations.

asked 30.03 at 06:46

sorin's gravatar image

sorin
31312
accept rate: 100%


Mappings between groups/users defined within an Axon.ivy Project to an Active Directory CN must be defined on the Axon.ivy Engine serving the workflow app.

In then Engine Cockpit roles can be defined with an 'external security name' reference. So once roles are linked like this to the Active Directory - they are fully under control of the AD administrator.

https://dev.axonivy.com/doc/8.0/engine-guide/tool-reference/engine-cockpit/security.html#role-detail

Basically these role/user mappings live in the system database of the Axon.ivy Engine. So you have to define it on the server for once. Many other security system configurations can be defined in files: see https://dev.axonivy.com/doc/8.0/engine-guide/configuration/files/ivy-securitysystem-yaml.html#ivy-securitysystem-yaml

link

answered 01.04 at 02:52

Reguel%20Wermelinger's gravatar image

Reguel Werme... ♦♦
9.4k21857
accept rate: 70%

edited 01.04 at 04:39

Thank you. The only relevant information for me is "Basically these role/user mappings live in the system database of the Axon.ivy Engine." Any idea in which table?

(01.04 at 10:54) sorin sorin's gravatar image
1

You mean which user is which role? -> IWA_UserRole Or which user/role has which permission? -> IWA_SecurityDescriptor

(02.04 at 02:13) Lukas Lieb ♦♦ Lukas%20Lieb's gravatar image

Set you security system configuration: enter code here

Set an external security name in your role configuration: alt text

Synchronize role. The role should now be mapped to the security system group: alt text

link

answered 01.04 at 03:10

Lukas%20Lieb's gravatar image

Lukas Lieb ♦♦
4161212
accept rate: 60%

Thank you, but that's not what I asked

(01.04 at 10:52) sorin sorin's gravatar image
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×19

Asked: 30.03 at 06:46

Seen: 281 times

Last updated: 02.04 at 02:13