Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hello,
I have a user directory with AD domain users and a user directory with users in a sql table.
The app includes following section access:
SECTION ACCESS;
secAccess:
LOAD * INLINE [
ACCESS,NTNAME
ADMIN,MYADDOMAIN\USER1
ADMIN,MYADDOMAIN\USER2
USER,SQLSERVERUSERDIRECTORY\USERSQL
];
I openthe app with a ticket and AD domain I have no problems.
When I try to access with the user in the SQLSERVERUSERDIRECTORY
I get a "Access Denied" message.
I see that USERSQL is among the users with SQLSERVERUSERDIRECTORY
I set a rule to allow the SQLSERVERUSERDIRECTORY to login (so I don't get the PASS not avialable message anymore)
Maybe I should try to write section access in a different way or what could I check?
EDIT: as I can't cancel this post I rewrite and repost this one as I see the problem has nothing to do with Sql Server user Directory and I come up with wrong conclusions.
sorry, for the misunderstanding. The one in red is indeed a user (so SQLSERVERUSERDIRECTORY, is the user directory and USERSQL is a user).
In the end my problem was that SQLSERVERUSERDIRECTORY wasn't authorized to read the stream in which the app was.
Thanks for your time
I'm pretty sure you can't use a directory in section access and need to list all of the individual users.
Hello,
I in my section access this user
ADMIN,MYADDOMAIN\USER1
works (and it has user directory):
if I change it to:
ADMIN,USER1
it doesn't work so I guess I need the user directory.
Or maybe you are referring to something else?
I will try to clear up my explanation.
This is your section access:
SECTION ACCESS;
secAccess:
LOAD * INLINE [
ACCESS,NTNAME
ADMIN,MYADDOMAIN\USER1
ADMIN,MYADDOMAIN\USER2
USER,SQLSERVERUSERDIRECTORY\USERSQL
];
What it sounds like is the two in blue work, but the one in red doesn't (if I'm misunderstanding here, please let me know). The reason the blue ones work is because those are actual user names. It sounds like the one in red is a directory or user group, which is why that isn't working (each user name needs to be listed individually like the ones in blue).
sorry, for the misunderstanding. The one in red is indeed a user (so SQLSERVERUSERDIRECTORY, is the user directory and USERSQL is a user).
In the end my problem was that SQLSERVERUSERDIRECTORY wasn't authorized to read the stream in which the app was.
Thanks for your time