Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ Work Tasks

TABLE OF CONTENTS

Add Additional User Providers

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedJun 11, 2024
  • 3 minute read

AVEVA Work Tasks allows you to have an additional provider for an existing repository. Because of this feature, one repository can make use of users from different providers. The example below illustrates the need to add additional User Providers.

Example

There is a need for a AVEVA Work Tasks Repository to communicate to Active Directories from multiple domains. The two Active Directory domains are "Workflow Management" and "NG" and the existing repository is "Main Repo" connected to both the Active Directories.

To add additional User Providers

  1. Create a Repository with an Active Directory (AD) as User Provider.

    While creating a Repository select the Active Directory as User Provider from the drop down box. The currently connected Active Directory [AVEVA Work Tasks AD in our case] details need to be filled. If the Active Directory details are not displayed, provide the details manually and check the connection, by clicking Test LDAP button. You can also use AVEVA Work Tasks Active Directory Tool, to retrieve the details.

  2. Configure the repository created in step 1 with the other Active Directory [NG] available in the domain.

  3. Navigate to the AVEVA Work Tasks Repository Database associated with the Repository.

  4. View the User Provider/Authentication provider details maintained in the "SKEntity" and "SKEntityDataSourceProvider" Tables.

  5. Locate two entries for the repository from the SKEntity table.

    The DefinitionXML column will have the XML schema, of the Authentication Provider of the repository.

    Sample Entry:

    UserEntity:

    <entity type="user"><properties><property name="UserName" displayname="Name" type="string" /><property name="UserId" displayname="Id" purpose="identifier" type="string" /><property name="UserDisplayName" displayname="Display Name" purpose="name" type="string"/><property name="UserEmail" displayname="Email" purpose="email" display="true" valuecollection="true" type="string" /><property name="UserDesignation" displayname="Designation" purpose="designation" type="string"/><property name="UserDepartment" displayname="Department" purpose="department" type="string"/><property name="UserManager" displayname="Manager" purpose="manager" type="string"/><property name="UserRole" displayname="Role" purpose="groupname" type="string"/></properties></entity>%%$#@@!!!*&

    RoleEntity:

    <entity type="role"></entity>%%$#@@!!!*&

  6. Open the SKEntityDataSourceProvider table and make the necessary changes.

    1. Add Two more rows for the new authentication provider, Active Directory details, which is required to associate with the same repository.

    2. Provide the details of the new Active Directory in XML format.

    3. Enter the details in the SKEntityDataSourceProvider, before making the new AD entry. The columns, EntityId are mapped with SKEntity ID column.

    The DisplayName column has the display value. The Definition XML will have the XML schema of attributes used to identify users from the AD.

    Sample Entry:

    <dataproviders><provider name="activedirectory" type="activedirectory"><properties><property name="name" type="string" displayname="Resource ID" entitymappedproperty="UserName"/><property name="sAMAccountName" persistcolumn="UserIdString" type="string" purpose="identifier" displayname="Account Name" entitymappedproperty="UserId"/><property name="displayName" type="string" purpose="name" persistcolumn="Name" displayname="Resource Name" entitymappedproperty="UserDisplayName"/><property name="mail" type="string" purpose="email" displayname="Email" entitymappedproperty="UserEmail"/><property name="title" type="string" purpose="designation" displayname="Designation" entitymappedproperty="UserDesignation"/><property name="department" type="string" purpose="department" displayname="Department" entitymappedproperty="UserDepartment"/><property name="manager" type="string" displayname="Manager" suppressdn="true" purpose="manager" entitymappedproperty="UserManager"/><property name="memberof" type="string" purpose="groupname" displayname="Group" suppressdn="true" entitymappedproperty="UserRole"/></properties><Preferences><SearchScope>Sub Tree</Search Scope><Referral Chasing>External</Referral Chasing><Timeout>60</Timeout><Size Limit>0</Size Limit><Authentication User>WORKFLOW MANAGEMENT\anilk</AuthenticationUser><AuthenticationPassword IsEncrypted="true">iB9rbif4XqNm4+8cO3nnTw==</AuthenticationPassword></Preferences><LDAPServer>LDAP://</LDAPServer><LDAPSearchBase>DC=Workflow Management,DC=dom</LDAPSearchBase><LDAPBaseFilter>(objectCategory=Person)</LDAPBaseFilter><DomainName>WORKFLOW MANAGEMENT\</DomainName></provider></dataproviders>

    This entry will be created when we create the repository, by providing a user provider. In our case its Active Directory -AVEVA Work Tasks .

  7. Add another entry for the other domain that we need to configure with the repository.

    • The new entry will have the similar schema in the DefinitionXML column, as the one above, but the LDAP SearchBase will be pointed to the AD that we want to associate with the repository, as shown in the below sample:

    • The DisplayName column will have the value that we want to display in the EC Site.

    • The InstanceName will have to be different. This is mandatory.

    • The Provider column will have the same as other row entry value, activedirectory in our case.

    • After making the changes, the SKEntityDataSourceProvider will have a new row added as shown.

  8. Navigate to the Central Configuration and click on the Repository Provider List link.

  9. View the repositories and there respective Authentication Provider details.

  10. Select the repository that was created with the changes. Observe that there are two entries under User Entity.

    Notice that the Repository has UserEntity mapped with two active directories-Workflow Management and NG.

  11. Click on the Click Here link to view the DefinitionXML schema.

    This confirms that the necessary changes have been applied, and a repository associated with two user providers is created.

  12. Navigate to the Enterprise Console page.

    Observe that the repository can be accessed by users of both the domains configured with the Repository.

    Now users from both the Active Directories, AVEVA Work Tasks and NG, can access the repository.

If there are users belonging to both the configured Active Directories, then you need to use <mappingfields> element to map the similar columns of the user properties from both the providers. This element will be part of the DefinitionXML column which has the XML schema.

A sample schema with <mappingfields> element is as below:

<mappingfields><mappingfield mappedfromprovider="activedirectory"><fields mappedtoprovider="ngactivedirectory"><field name="sAMAccountName" mappedto="sAMAccountName" /></fields></mappingfield><mappingfield mappedfromprovider="ngactivedirectory"><fieldsmappedtoprovider="activedirectory"><field name="sAMAccountName" mappedto="sAMAccountName" /></fields></mappingfield></mappingfields>

Related Links
TitleResults for “How to create a CRG?”Also Available in