1. When adding a CranSoft user the system should be able to connect to Active Directory and pull out the Name, Email Address, Phone Number, and Domain for a user based on their Windows ID. It should show an error if the user is invalid.
2. Should run a periodic check to validate existing users against Active Directory, so as folks roll off projects there is a process to remove invalid users from CranSoft.
3. CranSoft should be able to insert or remove records from AD Groups. Often Folder Security, or other functionality is driven off AD Groups. Currently all CranSoft users must also be added to a specific AD group in order for them see the CranSoft application published through a Citrix Portal at my client. Other clients have tied the Report Folder security to AD Groups. This means that for each user we add / remove from CranSoft, we also need to add / remove them from one or more AD Groups.
This would need to be configurable because some clients do not use Active Directory, and often users exists outside of the Default Domain, so we need a place to configure the correct Domain Servers, etc.
Still relevant, is this functionality included in a planned rewrite of DSP Security?
Attachments Open full size