Community

Automatically create User Account

Automatically create User Account

Anonymous
Not applicable
1,059 Views
7 Replies
Message 1 of 8

Automatically create User Account

Anonymous
Not applicable
‎09-21-2023 12:08 PM

Much to my surprise this morning, a bunch of users had their Windows accounts changed and thus, they can't get into Vault, etc. This "migration" is taking place over the next few weeks and I have no information as to who or when such will take place (don't get me started on that).

 

So today, I have at least 6 users thus far who've been changed. My question is, and I've been searching for clarification on this, but what does the "Automatically create a user account for new domain group members upon login" option actually do or can it be used to fix this issue? Can someone dumb this down or point me to a more detailed explanation on its use? 

 

UsersAD.JPG

0 Likes
Like
Report
Accepted solutions (1)
Solution 1
1,060 Views
7 Replies
Replies (7)
Message 2 of 8

Anonymous
Not applicable
‎09-21-2023 01:47 PM

So...here's what I've tried with no luck thus far:

 

  • Update Domain User
  • Changed to Vault Authentication sign in and then back to Windows, selected the "search names" and selected the user again in hopes it'd update to the new domain
  • Disabled and re-enabled the user
  • Import Domain User
0 Likes
Like
Report
Message 3 of 8

Gabriel_Watson
Mentor
Mentor
in reply to Anonymous
‎09-21-2023 02:03 PM
I gave up and switched everyone to Autodesk ID eventually, back in my days, because I could control from the Autodesk Manage portal who moved in or out without relying on IT nor HR to update the AD.
I'm pretty sure the software could also do something to help with these issues as we have seen multiple posts around this issue. It probably can't be pinned down to Antivirus/Firewall in your case, so let's see if support can help you.
Report
Message 4 of 8

ihayesjr
Community Manager
Community Manager
in reply to Anonymous
‎09-22-2023 06:17 AM

@Anonymous 

The Windows Account is stored in Vault using a unique identifier coming from Windows. If the account was "changed" then the identifier was changed and no longer matches what Vault has. This will not automatically get updated in Vault.

You have to unlink the account and re-link it.

 

Here is what the Automatic setting will do.

  • You have an Active Directory Group inside of Vault, along with its members. You add a new user to the Windows Active Directory Group. You do not have to add that user in Vault. When the user logs into Vault for the first time, Vault will find the user, see that they are a member of the Active Directory Group, then create the account in Vault, automatically.
  • Changing the Windows Active Directory Group member ship for a user. The user is already in some AD groups which are in Vault. You change the user's group membership. The next time the user logs into Vault, their Vault group membership will automatically get updated.

Those are examples of what will happen automatically. Depending on the "change" made in Active Directory on the user account, especially a change that caused the unique identifier to change, the account may not automatically get updated in Vault.




Irvin Hayes Jr
Principal Product Manager
Autodesk, Inc.
Vault - Under the Hood Blog
Report
Message 5 of 8

Anonymous
Not applicable
in reply to ihayesjr
‎09-22-2023 08:12 AM

@ihayesjr Thank you!

 

I think I understand such. Will have to test it and see how it actually works and if it'll help us in any way.

 

Now if I can just figure out a way to update everyone's account due to an unannounced internal domain change that started yesterday. Was hoping this might help with that.

 

Might be time to open a case with Adesk.

 

0 Likes
Like
Report
Message 6 of 8

ihayesjr
Community Manager
Community Manager
in reply to Anonymous
‎09-22-2023 09:16 AM

There won't be an automatic way to do this. Since there was a domain change, the user's unique identifier most likely change. Therefore, it will be a manual update to the users.




Irvin Hayes Jr
Principal Product Manager
Autodesk, Inc.
Vault - Under the Hood Blog
Report
Message 7 of 8

Anonymous
Not applicable
in reply to ihayesjr
‎09-28-2023 09:45 AM
Accepted solution

So I found a fix or at least one that's now working as the first couple attempts, it failed.

 

But yes, no autofix, I am having to edit each user's account once they have been migrated to the new domain.

 

Process:

In Vault as an Admin, Tools > Global Settings > (Users and Groups) Manage Access

VLT-02.JPG

Select the user > Select "Edit" > In the User Profile pop-up, select "Accounts" .

 

In the Add Authentication pop-up menu, make sure "Windows Authentication" is checked/active. Select "Select Domain User..." button on the right side.

VLT-03.JPG

 

 

Select the "Locations..." button and select the new domain from the list > select "OK".

VLT-04.JPG

 

Type in the users name in the "Enter the object name to select" field and the select "Check Names". Select the user's name from the list and select "OK".

VLT-05.JPG

 

Back on the Add Authentication pop-up menu, select "OK". A progress bar will pop up then disappear once done.

 

Close the User Profile menu and you should be good to go.

0 Likes
Like
Report
Message 8 of 8

Gabriel_Watson
Mentor
Mentor
in reply to Anonymous
‎09-28-2023 09:49 PM

Yeah this seems to be an import on as-needed basis, and I had to do the same process over and over a few years back when we changed most user accounts in the AD. Not to mention when someone would get married and change their names, lol...

0 Likes
Like
Report
Report a website issue