lee mcdermott Posted October 29, 2020 Share Posted October 29, 2020 We seem to have issues when peoples Active directory accounts get changed - usually a name change of some sort. In the past i have had to archive the original user and import them again with the new name. However recently we have moved from google to O365. We have many users who's account (user id in AD) has changed format and I can no longer get them working or able to log into Hornbill. In one instance I have a user called Heidi.beerbalm (dont worry this is not a real person but a test name and account) so AD and Hornbill id matched and the can log into hornbill, the ad account was changed to Hbeerbalm and can no longer access hornbill. I created a new hornbill user called Hbeerbalm and archived the original(heidi.beerbalm). it still wouldnt log in? so i re enabled the heidi.beerbalm in hornbill and it then let that account log in. It therefore appears it is using both accounts in hornbill as it logs in with user ID hbeerbalm, but once logged in the details of the account in Hornbill are those of the Heidi.beerbalm account? So no idea how this is working like that? Another instance is the account in AD matches that in Hornbill but cannot get it to log in - get error the user account is not assigned to the role for the application. But they have the same assigned roles as everyone else? any advice? I was hoping it may be easier to try and amend the original user ID field if possible? thanks lee Link to comment Share on other sites More sharing options...
Victor Posted October 29, 2020 Share Posted October 29, 2020 @lee mcdermott you can't change a user ID but you should be able to change the Logon ID. It's the logon ID that is actually checked on login, not user ID. So if the issue with with authentication, changing user ID won't help, is all about the logon ID. Link to comment Share on other sites More sharing options...
lee mcdermott Posted October 29, 2020 Author Share Posted October 29, 2020 @Victor that is what i had thought, but my example above seemed to disprove that. As i had changed the login id so they match and it didnt work. it was only when i created a new user account in hornbil with a user id that matched the username in Active directory did it then work * but only with the old and new account in hornbill active? also as it is using SAML authentication would that have any bearing on what it uses for authentication i.e. user id or log in id? as I cannot get it working by just changing the login id? Link to comment Share on other sites More sharing options...
Victor Posted October 29, 2020 Share Posted October 29, 2020 @lee mcdermott as we are talking about SSO, it also depends what the IdP is sending back to HB during authentication process... I think is best if we can take this (for now) on a support request and see what is going on... Link to comment Share on other sites More sharing options...
lee mcdermott Posted October 29, 2020 Author Share Posted October 29, 2020 @Victor yes that would be useful, as I have loads of outstanding calls for people who can no longer get in. do i need to raise it or can you raise it from this thread? Link to comment Share on other sites More sharing options...
Victor Posted October 29, 2020 Share Posted October 29, 2020 @lee mcdermott - I'll raise it from this thread, you should receive a notification shortly Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now