Login vs. User Name; Active Directory; Windows Security

If you are having a problem using Vault, post a message here.

Moderator: SourceGear

Post Reply
Thomas Linder Puls
Posts: 153
Joined: Tue Jan 20, 2004 2:28 am
Location: PDC, Copenhagen Denmark
Contact:

Login vs. User Name; Active Directory; Windows Security

Post by Thomas Linder Puls » Fri Jun 27, 2008 2:34 am

Each user both have a login and a user name.

It seems that the login is displayed all places (checked out by, history, etc).

But it seems more natural to display the user name these places. And only use the login for (well...) login.

We have chosen to use full name with underscores as login, so at the moment is not a big problem for us. It seems however that if we want to use the active directory facility, we will have to change logins to match the windows logins and retrospectively we will have to realize that they are chosen rather bad.

On the other hand, the active directory facility does not fulfill our wishes anyway. The problem is that you still have to supply the password, and if you want to run scripts you will even have write it somewhere in visible format.

The best solution would be if ordinary Windows Security could be used to establish the identity and rights of the user. I.e. if my Vault account could be tied to my Windows Account, such that when I am this Window user I am also that Vault user.

In this ideal solution it is of course not my Windows login that should be shown in history, status, etc. but my User Name.
Thomas Linder Puls
Visual Prolog www.visual-prolog.com

Beth
Posts: 8550
Joined: Wed Jun 21, 2006 8:24 pm
Location: SourceGear
Contact:

Post by Beth » Sat Jun 28, 2008 8:00 am

I have logged your requests (to show user name and to have Windows login auto-login into Vault). Thanks for the feedback.

Steve Wageman
Posts: 5
Joined: Thu Oct 30, 2008 1:47 pm

Re: Login vs. User Name; Active Directory; Windows Security

Post by Steve Wageman » Thu Oct 30, 2008 2:00 pm

I would like to second the request for using the user name not the login. Our group is in the same situation where we use Windows active directory logins which have been obfuscated to the point we have no way of knowing who they are without looking them up. Couple of ideas that our users have suggested include being able to right click on the login name and get details (i.e. user name) or being able to select whether the login name is displayed or the user name is displayed.

Beth
Posts: 8550
Joined: Wed Jun 21, 2006 8:24 pm
Location: SourceGear
Contact:

Re: Login vs. User Name; Active Directory; Windows Security

Post by Beth » Thu Oct 30, 2008 3:47 pm

Thanks for the feedback. I've added your vote.

F: 13534
Beth Kieler
SourceGear Technical Support

tjruska
Posts: 59
Joined: Tue May 13, 2008 7:35 am
Location: Milwaukee, WI
Contact:

Re: Login vs. User Name; Active Directory; Windows Security

Post by tjruska » Fri Oct 31, 2008 10:02 am

I have a solution to list users from Vault (active or not) and then taking that result into a spreadsheet and running a macro to spin thru it hitting AD to get names, etc. It's not pretty but it does the trick especially when we term employees and they still exist in Vault which uses up a license which could be free'd up. I do this once a month. If interested, I could either post the solution here or email me privately. I'll let the mods decide as I don't want to violate anything. :wink:

-Tom

Beth
Posts: 8550
Joined: Wed Jun 21, 2006 8:24 pm
Location: SourceGear
Contact:

Re: Login vs. User Name; Active Directory; Windows Security

Post by Beth » Fri Oct 31, 2008 3:00 pm

So far I don't see anything wrong with the suggestion. Thanks for posting your idea.
Beth Kieler
SourceGear Technical Support

tjruska
Posts: 59
Joined: Tue May 13, 2008 7:35 am
Location: Milwaukee, WI
Contact:

Re: Login vs. User Name; Active Directory; Windows Security

Post by tjruska » Mon Nov 03, 2008 7:45 am

Here goes. Run this SQL to get a list of all "active" users in Vault using your favorite SQL tool.

Code: Select all

use sgvault
SELECT UPPER(login)
  FROM tblusers
where active = 1
and CHARINDEX('admin', login) = 0
order by 1
Export/Save results as a CSV fle.
That's the easy part. Now you want to spin thru these ID's against your Active Directory store. Here's how I did it.
Import this csv file into Excel. Now save it as a .xls file. Hit Alt-F11 (brings up VB editor...it pains me too!)
Insert a new module by going up to menu and hitting Insert-->Module
Copy and past following code into the VB editor:

Code: Select all

Sub GetUSerInfo()
    Set adConnection = CreateObject("ADODB.Connection")
    adConnection.Provider = "ADsDSOObject"
    adConnection.Open ("Ads Provider")
    
    Set rsUsers = CreateObject("ADODB.Recordset")
    Set objRootDSE = GetObject("LDAP://RootDSE")
    
    For intRow = 2 To Cells(65536, "A").End(xlUp).Row
        strNTLogin = Cells(intRow, "A").Value
         
        strFilter = "(&(objectCategory=user)(samAccountName=" & strNTLogin & "))"
        strCmd = "<LDAP://" & objRootDSE.Get("defaultNamingContext") & ">;" & strFilter & ";adsPath;subTree"
   
        Set rsUsers = adConnection.Execute(strCmd)
                         
        If rsUsers.EOF = False Then
            rsUsers.MoveFirst
            While Not rsUsers.EOF
               Set objUser = GetObject(rsUsers("adsPath"))
               On Error Resume Next
               Cells(intRow, "B").Value = objUser.givenName & " " & objUser.sn
               rsUsers.MoveNext
            Wend
        End If
        rsUsers.Close
    Next
    
    For intRow = 2 To Cells(65536, "A").End(xlUp).Row
        strNTLogin = Cells(intRow, "A").Value
         
        strFilter = "(&(objectCategory=user)(userAccountControl:1.2.840.113556.1.4.803:=2)(samAccountName=" & strNTLogin & "))"
        strCmd = "<LDAP://" & objRootDSE.Get("defaultNamingContext") & ">;" & strFilter & ";adsPath;subTree"
   
        'create recordset containing all termed AD users
        Set rsUsers = adConnection.Execute(strCmd)
                         
        If rsUsers.EOF = False Then
            rsUsers.MoveFirst
            While Not rsUsers.EOF
               Set objUser = GetObject(rsUsers("adsPath"))
               On Error Resume Next
               Cells(intRow, "C").Value = "Y"
               rsUsers.MoveNext
            Wend
        End If
        rsUsers.Close
    Next
    
    adConnection.Close
End Sub
Run it and when done, hit Alt-Q and you should be back to your spreadsheet and if it worked, you should have some names in column B and a "Y" in column C to indicate a "termed" employee at least from an AD perspective.
Note: you have to have read permissions to AD in order for this to work.

HTH, Tom

Beth
Posts: 8550
Joined: Wed Jun 21, 2006 8:24 pm
Location: SourceGear
Contact:

Re: Login vs. User Name; Active Directory; Windows Security

Post by Beth » Mon Nov 03, 2008 2:01 pm

Thanks for the information.
Beth Kieler
SourceGear Technical Support

Thomas Linder Puls
Posts: 153
Joined: Tue Jan 20, 2004 2:28 am
Location: PDC, Copenhagen Denmark
Contact:

Re: Login vs. User Name; Active Directory; Windows Security

Post by Thomas Linder Puls » Tue Oct 23, 2018 9:06 am

What is the status on this?
Thomas Linder Puls
Visual Prolog www.visual-prolog.com

Tonya
Posts: 866
Joined: Thu Jan 20, 2005 1:47 pm
Location: SourceGear

Re: Login vs. User Name; Active Directory; Windows Security

Post by Tonya » Wed Oct 24, 2018 8:25 am

Feature request F:13534 is still open and has not yet been implemented.

Thanks,

Tonya

Post Reply