I'm using the follwing statement to create windows users: New-PWUserSimple -UserNames name -Description description -Email email@example.com -Password $secpassword -SecurityProvider GLOBAL
Can someone tell me what do i need to modify to create a windows synchronized user?
i tried to use the old PWPS command "new-pwuse" and this gives me the following error:
new-PWUser : Unable to find an entry point named 'aaApi_CreateUser2' in DLL 'dmscli.dll'.
Unable to find an entry point named 'aaApi_CreateUser2' in DLL 'dmscli.dll'.,Bentley.ProjectWise.PowerShell.Commands.NewPWUser
Looking at the database, there is no distinction between Windows and Windows Synchronized users in the dms_user table (both are W). I have a query that will find users not in a synced group (close but not exactly what you need) - this is as close as I could get. A distinction in dms_user would be preferred. Once the user is found I can go and edit him manually in PWA.
DECLARE @i INT
DECLARE @var2 VARCHAR (max);
SELECT @i = o_groupno
WHERE o_groupname LIKE 'Domain Users'
SET @var2 = 'SELECT o_username, o_userdesc, o_email
WHERE (o_userno NOT IN
(select o_userno from dbo.dms_grpm where o_groupno = ' + CONVERT (VARCHAR (10), @i) + ')) AND
(o_flags = 0) AND
(o_usertype = ''W'') AND
(o_secprovider = ''NA'')
ORDER by o_username'
It would be nice if this functionality were there so creating synced accounts would not have to rely on the sync service or manually setting them in administrator, but the documentation has always stated "Currently, changing a User's Type from Windows to WinSync (or vice-versa) will have no effect" even when trying to change the settings of a user using PowerShell.
I changed the DOMAIN on accounts with the API a few years ago. I had to set the account to Logical, then back to Windows (synced). So that the SID was updated in the account. There is only L and W for type when using aaApi_ModifyUserExt from the API. I do not see a way to set the user an synchronized this from the current c++ api.