-
Notifications
You must be signed in to change notification settings - Fork 156
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AD integration for sAMAccountName #1380
Comments
@anthonysena @pavgra |
@ambuj369 - I think you've listed off all of the relevant settings as described on the wiki (https://github.com/OHDSI/WebAPI/wiki/Security-Configuration#active-directory-ad) and also as described in some of your questions on #1373. It seems your requirements are specific and without knowing your environment, I think this will be hard to solve. Since this is an open-source project, you are welcome to make some code modifications that address your concerns and push that branch for review. As for Tomcat logging, the instructions provided in the wiki a quick way to get things working on Windows. I'd suggest looking at the Tomcat documentation to understand how to best configure logging in your environment: http://tomcat.apache.org/tomcat-8.5-doc/logging.html. Hope this helps. |
@anthonysena How can we change it to show display name? I have display name attribute set as displayname as in Active Directory. But no luck so far. How to fix it? Also, I have irrelevant question to this post: |
@ambuj369 - I believe that to have the user name display instead of a login would require a change to the Atlas JavaScript code. I'd have to look into it but presumably both the login and display name are returned to Atlas via WebAPI so perhaps it is a matter of making that change to see if it works for you? I believe that you can change the default "public" role via Atlas. Try going to Configuration -> Manage Permissions -> select the "public" role -> Permissions Tab -> search for the "source key" in the list of permissions. Looking at this in my environment, we don't currently support role to role mapping. Meaning, you can't say "anyone in the public role also gets the Source User role". You'd have to copy over the same permissions between the Source User role to the public role for now. |
Hello All,
I am trying to integrate Active Directory with Atlas. But there are certain constraints to it :
<security.ad.url>ldap://url/</security.ad.url>
<security.ad.searchBase>DC=xxx,DC=yyy,DC=zzz</security.ad.searchBase>
<security.ad.principalSuffix></security.ad.principalSuffix>
<security.ad.system.username>user</security.ad.system.username>
<security.ad.system.password>password</security.ad.system.password>
<security.ad.searchFilter></security.ad.searchFilter>
<security.ad.ignore.partial.result.exception>true</security.ad.ignore.partial.result.exception>
<security.ad.result.count.limit>30000</security.ad.result.count.limit>
<security.ad.default.import.group>Source user (omop_cdm)</security.ad.default.import.group>
<security.ad.searchString>(&(objectClass=person)(sAMAccountName=%s))</security.ad.searchString>
<security.ad.userMapping.usernameAttr>sAMAccountName</security.ad.userMapping.usernameAttr>
Please let me know if there is any additional settings which I missed or required.
Also, I want to enable logs for WebAPI in Linux; as this link https://github.com/OHDSI/WebAPI/wiki/WebAPI-Installation-Guide have it for Windows
Please someone address this issue ASAP.
Thank You
Ambuj
The text was updated successfully, but these errors were encountered: