Skip to main content

Configure multiple custom directories

If several directories are configured in the Axidian Access system that is already in use (after granting primary rights to the system administrator), and the location of the system administrator or the prefix specified in the accessControlAdminSettings parameter changes, you must delete the previously granted rights and restart the primary configuration utility.

To delete the rights, you must delete all data from the DbAccessGroupMembers table located in the database of the system.

Tip

If the containers are located in different domains/divisions, you must create a user to read data from the container in your domain/division.

  1. Add lines to the adUserCatalogProviders tag to connect to containers.

    <userCatalogProviderSettings rootUserCatalogProviderId="user">
     <userCatalogProviders>
       <sqlUserCatalogProviders></sqlUserCatalogProviders>
       <adUserCatalogProviders>
         <adUserCatalogProvider id="Ad1" serverName="demo.local" containerPath="OU=AxidianAccess_Users,DC=demo,DC=local" userName="demo\ind-user" password="Q1q2E3e4" />
         <adUserCatalogProvider id="Ad2" serverName="inforest.demo.local" containerPath="OU=UsersInForest,DC=inforest,DC=demo,DC=local" userName="inforest\cataloguser1" password="Q1q2E3e4" />
         <adUserCatalogProvider id="Ad3" serverName="newforest.local" containerPath="OU=Usersoutforest,DC=newforest,DC=local" userName="newforest\cataloguser2" password="Q1q2E3e4" />
       </adUserCatalogProviders>
     </userCatalogProviders>

  2. Add the orUserCatalogProvider tag with the id parameter inside the orUserCatalogProviders tag.

Information

The value of the id parameter must match the value specified in the rootUserCatalogProviderId parameter.

  1. Add the userCatalogProviders tag inside the orUserCatalogProvider tag. Inside the userCatalogProviders tag, add the userCatalogProvider tags with the id parameter, which specifies the ID of the user container, and ignoreExceptions with the value true. This parameter ignores the error connecting to the directory if this directory is unavailable.
Information

These tags may not be present in the configuration file if the configuration file has previously been encrypted with unspecified parameters. If there are no tags, then add them manually. The full file structure is represented below.

<orUserCatalogProviders>
    <orUserCatalogProvider id="user">
       <userCatalogProviders>
          <userCatalogProvider id="Ad1" ignoreExceptions="true" />
          <userCatalogProvider id="Ad2" ignoreExceptions="true" />
          <userCatalogProvider id="Ad3" ignoreExceptions="true" />
       </userCatalogProviders>
    </orUserCatalogProvider>
</orUserCatalogProviders> 
<accessControlAdminSettings userId="UserId_891f2b6c-9a55-4e1a-b69b-b4d6418f4c4c"/>
  <logonSettings secretKey="*****"/>
  <userCatalogProviderSettings rootUserCatalogProviderId="user">
    <userCatalogProviders>
        <sqlUserCatalogProviders>
        </sqlUserCatalogProviders>
        <adUserCatalogProviders>
            <adUserCatalogProvider id="UserId" serverName="new.loc" containerPath="DC=new,DC=loc" 
                userName="axidian-users" password="Q1q2E3e4" />
            <adUserCatalogProvider id="UserId1" serverName="test.new.loc" containerPath="DC=test,DC=loc" 
                userName="axidian-users" password="Q1q2E3e4" />
        </adUserCatalogProviders>
    </userCatalogProviders>
    <combineRules>
        <orUserCatalogProviders>
            <orUserCatalogProvider id="user">
               <userCatalogProviders>
                  <userCatalogProvider id="UserId" ignoreExceptions="true" />
                  <userCatalogProvider id="UserId1" ignoreExceptions="true" />
               </userCatalogProviders>
            </orUserCatalogProvider>
        </orUserCatalogProviders>
        <andUserCatalogProviders>
        </andUserCatalogProviders>
    </combineRules>
  </userCatalogProviderSettings>