Solved

Get list of users in AD mapped roles

  • 12 March 2022
  • 1 reply
  • 150 views

Userlevel 4
Badge

We’re using AD roles mapped to Acumatica roles for quite a few of our users.

Trying to create a selector that gives us a list of users that have certain Acumatica roles, and not able to get the “active” roles. Acumatica does not store the mappings in UsersInRole or anywhere else that we can find.

There are two possible paths to this we’ve found:

  1. Use PXSelectAllowedRoles from PX.SM
    1. Not sure how this DAC works or how to use it, but it appears to be the DAC that provides the mapped roles on the users screen. It is used in Access.cs
  2. Use  ActiveDirectoryProvider.GetUsersByGroupIDs(usergroups) or some other method of the ActiveDirectoryProvider. We haven’t completely explored this either.

Does anyone have experience with trying to do this?

icon

Best answer by Troy Vars 12 March 2022, 21:45

View original

1 reply

Userlevel 3
Badge +1

As far as I am aware Acumatica doesn’t allow for deactivation of roles only of users. However, if you mean Active as is in to have an assigned role to user, then the following tables should help you to build the BQL for your selector.

PX.SM.Users  contains a field IsADUser

PX.SM.RowUsersInRoles contains the link of Acumatica Role Name to User

this is used in Acumatica Reports and is most likely a projection of PX.SM.UsersInRoles dac/table

PX.SM.RoleActiveDirectory contains the link Acumatica Role Name to the AD GroupID (aka AD Roles) 

PX.SM.Roles contains the Role Name and Description

Reply


About Acumatica ERP system
Acumatica Cloud ERP provides the best business management solution for transforming your company to thrive in the new digital economy. Built on a future-proof platform with open architecture for rapid integrations, scalability, and ease of use, Acumatica delivers unparalleled value to small and midmarket organizations. Connected Business. Delivered.
© 2008 — 2023  Acumatica, Inc. All rights reserved