I'm putting some added security on forms, so can anyone remind me what to put in the FORM Initialize Rule to check if the current user attempting to load the form is a member of an AD Group?
If there are in the AD Group, then let them in.
If they are not, then navigate to another form explaining why they dont have access...
I've already grabbed the attempting users department and username via the GetUserDetails method and put them in data labels to use
Thanks as always
Hi there
There should be an AD User SmartObject available. It is usually automatically built and available in the SmartObject Service Tester. This SmartObject should have a Get Users for Group method that will allow you to get the roster for an AD group. From there, you should be able to tell whether the current user is in that group.
Ian
Hi Ian,
I tried that, using getUsersbyGroup, but no success. -Where do i pass in the current users name to be checked against the AD Group?
Input is Groupname: i.e. AD Group A
Do i need something in the filter?
What do i put in the Output mappings?
Where do i enter the current users name to check against the AD group?
Can you do a step by step on how to check if the current user is a member of AD Group A, if so, then proceed, else put up a message saying "your names not down, you're not coming in"???
Dear ,
Frist off , Add a datalabel on ur form , just as a "flag" purpose"
I couldnt find a smartobject that has boolean return value , but i found the following ,
go create a smart object and save it to any folder u want Using Tester utility,
Open the tester and expand URM manager and Create smartobject off the UMUser
Might be long , but hope it helps!
Best regards.
Ahmad,
Thanks for your excellent and clear reply, very much appreciated.
I think i've managed to get it working, using the Getusersbygroup and then using advanced condition to check for empty, if is is empty, forward the user to a Access Denied form...
Just need to double check everything works, but looks promising.
The other similar thing i need to do on a different form is to check if the "Department" of the User loading the form matches the same Department of ANYBODY in one AD Group, can this be done in a similar way? This is because i want to only allow the user to access the form, if there is an Authoriser for his/her department in the AD group?
Any ideas how i would acomplish that?
Dear ,
Its kinda the same process as before , (add 2 data labels on ur form/view : 1-DepartmentName , 2-ExistFlag )
First go to ur tester ultility and create SMO of the following (shown in the figure) and name it AD USER2
Note: First SMO method will have input name , and return department name
Second SMO will have input groupname , Filtered by department name , and returns name value into Flag data label on view/form
If condition will check if Flag Data label is empty/not
if is not empty it means that the department is found for ANYBODY in the AD group .
2-Configuration for First SMO GetUsersDetails Method
4-Configuration for Second SMO GetUsersByGroup Method
6-
Hope it helps!
Best regards.
Ahmad,
Thank you (again), thats works great.
One last bit to this (no more i promise 
)
For a seperate part i am working on, I want to store the names of ALL the users returned from the GetUsersBygroup smartobject event.
At the moment, it just returns the Name of the FIRST person it finds with the SAME department. Is it possible to capture all the users names/display names in that Group with the same Department?
I want to use those returned names in a notification message.
The only other way I could think off was to use a List View, but if i can do it using a Smartobject method instead, it would be much simpler.
Really appreciate your help so far!!!
Dear ,
Its my pleassure to help ! ur very welcome .
Yes its possible to get all users/display names with SAME department with the same SMO , same Input , same Filter
and only thing i would think of simpler than creating a list view is list box ,
there is a control named "list box" , go to its property and set the datasource = "AD User2" (As before)
After that just go apply same Input , same Filter , on the rule that will be auto-generated in ur "when ur view executing initilize" open its configure part.
This should return all names/display names u need .
Hope it helps!
Best regards.
Ahmad....
I can't see any List Box controls in the Input section of Designer when editing the FORM. I'm on version 4.6.8
Was list box control introduced afterwards?
If not, any other way?
Dear ,
My apologies , I didnt know that u were on 4.6.8 ,
Im nt rly sure about other option that u could use , but u could try to check the controls u have , and if u have anything that accepts a "data source" and its output is "list" u could use the same steps .
Best regards.
Ahmad,
I managed to get it working using a Form with a List View.
Added the rules as you mentioned and it's working fine.
Thanks Bro
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.