Automatically Adding Users from AD

You can automatically create / update users from Microsoft AD in FintechOS Platform using a configuration file.

NOTE  Automatically creating users from AD will remove the existing business units and security roles from FintechOS Platform and add the ones from AD as provided in the configuration file. If you want to keep the system user as is, you should make additional settings. For information on the additional settings, see Preserve System User’s Business Unit and Security Roles.
IMPORTANT!  In FintechOS versions prior 18.2.8, ,getting from the Active Directory (AD) the groups to whom a user belongs to did not work smoothly; therefore, there might be situations in which wrong security roles were applied to users. With version 18.2.8, the existing configurations for mapping AD groups-roles (specified in the ~\ADUserConfiguration.xml file) might not work as it worked in previous versions of FintechOS.

To automatically create/update users in FintechOS Platform using a configuration file, follow these steps:

  1. Add the following secret in Vault:
    2. Key Path Key Name Key Value
    kv/<environment>/<application>/app-settings EBSADAuthAutoCreateUsers true

     

    Copy 
    <app-settings>
    ...
    <add key="EBSADAuthAutoCreateUsers" value="true"/>
    ...
    </appSetting
  2. In an xml file, create the mapping between the AD groups and the security roles and business units fromFintechOS Platform. Name the file ADUserConfiguration.xml.
    Overwrite the Business Unit from FintechOS Platform with the business unit from AD.
    Copy
    <ADUserConfiguration>
        <SecurityGroup>
              <Name>`AD Group Name`</Name>
               <DefaultBusinessUnitName>`FTOS Business Unit Name`</DefaultBusinessUnitName>
               <SecurityRoleName>`FTOS Security Role Name`</SecurityRoleName>
        </SecurityGroup>
    </ADUserConfiguration>
  3. In the root of the WebApp, add the ADUserConfiguration.xml file previously created.