07-01-2021 12:11 PM
Is there a way to use the Unity API to automatically create a user inside of OnBase that is tied to an AD account to where you can map a SID to that same user to be created. I am hoping I am just missing the details of what I need in order to accomplish this.
Thanks.
07-12-2021 09:43 AM
Hi Ryan.
You can create an OnBase User Account in Config or via the Unity API. In both cases, when you create the user account it will not have a SID mapped to the OnBase User Account. When the user attempts to login via directory service authentication (i.e. AD - Enhanced), OnBase will attempt to find a user with the same SID. Since this will return no user accounts, it will then look for an OnBase User Account with the same name (i.e. hsi.useraccount.username = AD sAMAccountName attribute). If they match, then OnBase will store the user's AD SID with the OnBase User Account in the database and the SID will be used the next time the user authenticates.
Best wishes.
07-01-2021 01:28 PM
A user account in OnBase having the same username as a user account in AD will technically be automatically mapped. I don't believe there is a way to map using a SID.
07-02-2021 08:25 AM
When you are using AD - Enhanced and Active Directory, then yes you will map based upon the SID. That's why AD - Enhanced worked. I guess I will have to do some testing to see if I can create the user inside of OnBase, but then see when a user logs in using AD - Enhanced that it maps the SID and such to the created user. Just need to mess with it and test it out I guess.
07-12-2021 09:43 AM
Hi Ryan.
You can create an OnBase User Account in Config or via the Unity API. In both cases, when you create the user account it will not have a SID mapped to the OnBase User Account. When the user attempts to login via directory service authentication (i.e. AD - Enhanced), OnBase will attempt to find a user with the same SID. Since this will return no user accounts, it will then look for an OnBase User Account with the same name (i.e. hsi.useraccount.username = AD sAMAccountName attribute). If they match, then OnBase will store the user's AD SID with the OnBase User Account in the database and the SID will be used the next time the user authenticates.
Best wishes.
07-12-2021 11:25 AM
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.