It works if you synchronize the users with your own logic.
- Create an application that uses the `Ivy Security System` instead of the official `Microsoft Active Directory`.
- Set up a simple process that runs every night (e.g. with a Timed Start Event). Within this process you can modify valid Axon.ivy Users and Roles by using the official API: `ivy.session.getSecurityContext().createXYZ`.
- To get the users of the different Active Directory systems you can use the [Ldap-Beans][1], which give you a simple interface and spit out the matching users of the LDAP according to your queries.
- To verify that the synchronized users are really allowed to use your system, I'd use an IIS front-end server that handles the authentication (IIS can easily handle complex AD forests).
![alt text][2]
[1]: https://github.com/ivy-supplements/bpm-beans/tree/master/ldap-beans
[2]: https://answers.axonivy.com/upfiles/adminUi_securitySystemSelection.png
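
One way to plan the nightly run described in the answer above, as an added example that is not part of the original answer and not Axon.ivy's own code: it merges the query results from several directories and holds back any account name that appears in more than one directory, so two different people are never merged into one user. The `DirUser` record, the directory names and the sample accounts are constructed for illustration; applying the plan through `ivy.session.getSecurityContext()` is left out because the answer does not name the exact methods.

```java
import java.util.*;

// Added example (not Axon.ivy code): plan one nightly sync from several directories.
public class NightlySyncPlan {
    // Hypothetical shape of one LDAP query hit: source directory plus account name.
    record DirUser(String directory, String accountName) {}

    record Plan(Set<String> create, Set<String> remove, Set<String> ambiguous) {}

    // Assumption: existingUsers holds the current user names in lower case.
    static Plan plan(List<DirUser> hits, Set<String> existingUsers) {
        // Group by case-insensitive account name and remember every source directory.
        Map<String, Set<String>> sources = new TreeMap<>();
        for (DirUser u : hits) {
            String name = u.accountName().toLowerCase(Locale.ROOT);
            sources.computeIfAbsent(name, k -> new TreeSet<>()).add(u.directory());
        }
        Set<String> wanted = new TreeSet<>();
        Set<String> ambiguous = new TreeSet<>();
        // A name found in two directories may be two different people: hold it back.
        sources.forEach((name, dirs) -> (dirs.size() > 1 ? ambiguous : wanted).add(name));

        Set<String> create = new TreeSet<>(wanted);
        create.removeAll(existingUsers);
        // Users that no query returns any more lose access on the next run.
        Set<String> remove = new TreeSet<>(existingUsers);
        remove.removeAll(wanted);
        return new Plan(create, remove, ambiguous);
    }

    public static void main(String[] args) {
        // Constructed sample data: hits from two directories and the current user list.
        List<DirUser> hits = List.of(
            new DirUser("ad-emea", "alice"),
            new DirUser("ad-emea", "jsmith"),
            new DirUser("ad-apac", "JSmith"),
            new DirUser("ad-apac", "chen"));
        Set<String> existing = Set.of("alice", "bob", "jsmith");
        Plan p = plan(hits, existing);
        System.out.println("create=" + p.create());
        System.out.println("remove=" + p.remove());
        System.out.println("needs review=" + p.ambiguous());
    }
}
```

Removing an existing user whose name has become ambiguous is this example's policy choice; a name that collides across directories can instead be qualified with its directory before it is created.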