Vault General Discussion

Reply
Valued Contributor
OwenW
Posts: 56
Registered: ‎09-23-2004
Message 1 of 13 (462 Views)

Windows Authentication

462 Views, 12 Replies
07-22-2008 06:54 AM
Why does this not work with Vault? Every time I select it, I get an error dialog.

"Windows Authentication is not supported by a Vault Autodesk management server."

What gives? I find it to be utterly ludicrous to have to manage my users security in two places, just because Autodesk cannot figure out how to use Active Directory. Why would the option be there at all if it is not supported? Honestly, Bentley even has a workable file management system. Unless I am missing something, I have to give Vault a failing grade right from the start. Let's review:
Security & User Configuration - fail
Mapped Title Block Attributes - fail
Integration with Sheet Sets - fail

Isn't the native security in SQL good enough? Why re-invent the wheel?

Owen
*Brian Roepke \(Autodesk, Inc.\)
Message 2 of 13 (462 Views)

Re: Windows Authentication

07-22-2008 07:44 AM in reply to: OwenW
Greetings Owen,

As per the documentation Windows Authentication is only part of
Productstream.

--
Brian Roepke
Sr. Product Line Manager
Data Management
Autodesk, Inc.
Valued Contributor
OwenW
Posts: 56
Registered: ‎09-23-2004
Message 3 of 13 (462 Views)

Re: Windows Authentication

07-22-2008 07:59 AM in reply to: OwenW
Brian,

That is funny. The Help documentation within Vault seems to indicate that this is possible. There is also a checkbox for all the log-in dialogs that says 'Use Windows Authentication'.

Are you telling me that the Vault software is in fact crippleware, and if I want a product that works as the dialogs indicate it should, I need to pay extra?

I seem to be looking at the wrong documentation. Should I look somewhere other than 'F1'?
*Brian Roepke \(Autodesk, Inc.\)
Message 4 of 13 (462 Views)

Re: Windows Authentication

07-23-2008 08:59 AM in reply to: OwenW
Here is the help from the login dialog.

--
Brian Roepke
Sr. Product Line Manager
Data Management
Autodesk, Inc.
Valued Contributor
OwenW
Posts: 56
Registered: ‎09-23-2004
Message 5 of 13 (462 Views)

Re: Windows Authentication

07-23-2008 09:16 AM in reply to: OwenW
I am not arguing that it does not work. It obviously does not. I want to know WHY not. There is no way I'm going to use Vault if I have to manually re-create all my carefully managed Active Directory security groups in the Vault administration dialogs. I am a busy person, and the idea of managing users redundantly is not one I am willing to accept.

People have been asking for this integration for years now. The login dialogs clearly show Windows Authentication as an option, even though it is not. Can you explain the reasoning behind Autodesk's decision to not enable this integration?

I would gladly throw Vault out the window and never think of it again, but many of the advanced data management capabilities of Civil 3D and Architecture are dependant on Vault. Do you know of any custom extensions out there that will do the Active Directory integration as it ought to be done?
Valued Contributor
spatzengr
Posts: 66
Registered: ‎03-20-2006
Message 6 of 13 (462 Views)

Re: Windows Authentication

07-23-2008 10:27 AM in reply to: OwenW
Sooo Vault 2009 doesn't look at AD for the user account log-in ID and PW?

--
Mark Spatz, P.E.
Civil 3D 2008, SP2
Vault 2008, SP1

Herbert, Rowland & Grubic, Inc.
Harrisburg, PA 17111

[ BUILDING RELATIONSHIPS.
DESIGNING SOLUTIONS. ]
*Doug Redmond \(Autodesk\)
Message 7 of 13 (462 Views)

Re: Windows Authentication

07-23-2008 11:15 AM in reply to: OwenW
To answer your earlier question. Why does Vault show the Windows
Authentication option if it does not support Windows Authentication?
The reason is that a Vault client can connect to either a Vault or a
Productstream server. Only Productstream has the Windows Authentication
feature, but until you log in, the Vault client doesn't know which server
you are talking to. So that checkbox was put there in the event that your
Vault client wants to talk to a Productstream server.

I understand that you don't want to go through the processes of manually
entering all your Active Directory users into Vault. You should definitely
take a look at this thread:
http://discussion.autodesk.com/thread.jspa?threadID=500136


Doug Redmond
Software Engineer, Autodesk Inc.
Valued Contributor
OwenW
Posts: 56
Registered: ‎09-23-2004
Message 8 of 13 (462 Views)

Re: Windows Authentication

07-23-2008 11:16 AM in reply to: OwenW
Apparently not. I just found out the hard way. The only place I have seen this mentioned is in a single line of the help documentation, as Brian pointed out. For now, I am suspending all work on Vault until I find a workaround.

To be fair, the Vault log-in does indeed pull that information from AD. If you check the box for Windows Authentication, it certainly does populate the login name and password for you. That is as far as it goes, though. To my knowledge, Autodesk Vault has entirely bypassed the excellent security management that Windows Server and SQL 2005 provides. I really cannot grasp why that was ever considered to be a good idea.
*Brian Roepke \(Autodesk, Inc.\)
Message 9 of 13 (462 Views)

Re: Windows Authentication

07-23-2008 11:24 AM in reply to: OwenW
Hi Owen,

Clearly you're not happy with this and I doubt there is anything I can say
to change that. However there are good reasons to leverage a custom
security model:

1) If you're not using Active Directory (Smaller company, Workgroup in a
larger company, Novel, Unix, Linux... More?)
2) Having a custom security model gives CAD Manager's the ability to fully
administer the user model without worrying about asking IT for help (this
can be difficult in larger organizations)

There are additional reasons which I won't cover here. Having multiple
choices is always good. The fact that we've chosen to put Windows
Authentication in the products that are considered an upgrade from Vault is
a business decision based on the value they offer. I apologize if you don't
see it this way.

How many users do you have 50? 100? 200? More? Just curious.

--
Brian Roepke
Sr. Product Line Manager
Data Management
Autodesk, Inc.
Valued Contributor
OwenW
Posts: 56
Registered: ‎09-23-2004
Message 10 of 13 (462 Views)

Re: Windows Authentication

07-23-2008 01:06 PM in reply to: OwenW
Brian,

It's fair to say that I am unhappy. Let's see if I can help you understand the position Autodesk has put me in. Vault is needed to get full value from certain AutoCAD verticals. I am disappointed to see that Vault has some intrinsic flaws (by design) that are a none-to-subtle impetus to sell yet more software (by your own admission).

---you said---
1) If you're not using Active Directory (Smaller company, Workgroup in a larger company, Novel, Unix, Linux... More?)
---response---
Vault either requires SQL or installs SQL Express. Both support AD, and if AD is not used, then the built-in security management for SQL is top-notch. Why complicate the matter with a custom model?

---you said---
2) Having a custom security model gives CAD Manager's the ability to fully administer the user model without worrying about asking IT for help (this can be difficult in larger organizations)
---response---
Since Vault operates on it's own instance of SQL, would it really be so hard to have the administration dialog handle the configuration of users via Sequel's own security? Then the question of whether or not AD is used is moot, it'll work perfectly either way.

Owen
Announcements
New button for Platinum & Gold Subscription customers
Gold & Platinum Subscription customers can alert Autodesk if they require assistance with their forum post

Manufacturing Community
The Manufacturing Community provides additional access to tips, tutorials, blogs and networking with peers.
Need installation help?

Start with some of our most frequented solutions or visit the Installation and Licensing Forum to get help installing your software.