Active Directory Authentication not working properlly

Active Directory Authentication not working properlly

  

I have configure Active Directory Authentication in my Dev Environment.

I have created a user in the user application.

When i access MyInfo page  in my application with the new user created they are allowed to edit the information like Name,Phone and Email. Even i am able to change my Password.

But as AD authentication is enabled the user should not be allowed to change the details and password.

At least Password should not be changed .Please let me know if this behaviour is correct or not ?



 

This is a default page, you can modify to your needs. As the default authentication is not on AD the page created by OutSystems lets you to change the password, and the password changed in this screen won't affect AD logins.

@Victor Salvalagio Pereira : i agree with the upper response but can you give me the answers for below Scenarios


Scenario

If AD authentication is Enabled and then if a person/user (Who is not the user in Outsystem User Application) login/access any application then its user is created in outsystems User Application.

This user is not able to Change the Details and Password. Screen is attached.

Please let me know why this user is not able to change the data ?


Scenario 2

If I create a user with the same Username as his AD Username (e.g. Domain/AD_Username) But provide a different password than his AD password, Aslo If AD Autentication is Enabled then user can login with both the Outsystems Username and Password and Also with the His AD credentails (As AD Autentication is Enabled)

This User is able to change the Password and the details in both type of Access (Ouysystems and AD credentails). 

Please let me know why this user is able to change the data ?





If you open the Users's eSpace you can see this condition on the webblock:


Site.UseActiveDirectoryLogin and GetUser(Session.UserId).User.Password<>""

If this condition is true, then the user can change the data. If not the fields are displayed in readonly mode.

The problem here is that your user is authenticated on the AD, but the password exists. I think you shouldn't set the password on the User entity if you use AD authentication, but I can't tell you why you can login with the AD and the password at the same time. 

I think if AD is enabled the OutSystems login with password should not work, but I can't have any servers configured like this to test.



@Victor Salvalagio Pereira : Thanks for the above information regarding the Condition in Users eSpace.

but when we create a user Password is Mandatory. Please see the screen shot attached. So in that case the user will always have this Password Filled, it cannot be empty in any scenario

Below scenario will only be having the empty password.

 If AD authentication is Enabled and then if a person/user (Who is not the user in Outsystem User Application) login/access any application then its user is created in outsystems User Application.

Also if the above Scenario is the only way to have the empty password thne it is not correct and user friendly as well.

My All applications are Role based and i cannot tell user to first login to my any application so his/her User  will be create in Outsystems than i will assign roles to make user access applications properly.



@Victor Salvalagio Pereira

The Password is the mandatory field, it cannot be empty f we create User