Improve Active Directory Integration
s
shanekelly@focus-eng.com
A problem we're seeing with Ignition's AD authentication is an inability for a user to see when their password is expiring and they're unable to change their password should it expire! This is a big problem where users typically only use a HMI and are not required to use a PC for any other duties. Users could be left in a position where they can't login when there is no support on site to advise why they can't login!
Most 21 CFR 11/Annex 11 compliant software packages we use allow these features,.
Log In
P
Paul Griffith
Merged in a post:
Managing LDAP User source from Ignition
R
Richard DELEYE
Unfortunately an active directory user source in Ignition is just a reference to the tokens returned from the LDAP query on that AD. This means that Ignition has no ability to actually add/modify users on the AD side. Is it possible to add some functions in ignition helping the management of ldap users (modifying the user password and also knowing the number of days the password is still valid are essential). To resolve those problems, we need to use external solutions which are not easy to put in place.
R
Richard DELEYE
I put the same idea there (didn't see yours at the first time): https://inductiveautomation.canny.io/ignition-features-and-ideas/p/managing-ldap-user-source-from-ignition
Exactly the same problem on my side.
Other HMI software doesn't have this restrictions on Active Directory.