Bentley Communities
Bentley Communities
  • Site
  • User
  • Site
  • Search
  • User
ProjectWise
  • Product Communities
ProjectWise
ProjectWise PowerShell Extensions Forum Add data to identity tab without converting user type
    • Sign In

    • State Verified Answer
    • Replies 7 replies
    • Answers 1 answer
    • Subscribers 67 subscribers
    • Views 1594 views
    • Users 0 members are here

    Add data to identity tab without converting user type

    Morten Pathuel Jørgensen
    Offline Morten Pathuel Jørgensen over 3 years ago

    Hi...

    We are trying to convert our on-premise Projectwise users to IMS without converting their User Type, which is currently Windows Synchronized.
    (so basically just add the email to the federated identity tab)

    What we are doing are:
    Get-PWUsersInUserList -UserList Test33 | Convert-PWUserToFederated -DoNotChangeUserType

    This changes nothing in the user properties, .. this, however, works:

    Get-PWUsersInUserList -UserList Test33 | Convert-PWUserToFederated

    But this converts users to Federated authentication, which is exactly what we are trying to avoid.

    Something seems to be wrong with the way we use the -DoNotChangeUserType parameter.

    PWPS_DAB Version: 1.15.3.0
    PW server Version: 10.00.03.140

    Any ideas on what we are doing incorrectly ?

    Kind regards.

    Morten Pathuel
    Sweco

    • Sign in to reply
    • Cancel

    Top Replies

    • Rene Lloyd
      Offline Rene Lloyd Mon, Dec 16 2019 3:20 AM in reply to Rene Lloyd +1 verified
      update-user-accounts-with-identity
    Parents
    • Dan Williams
      0 Offline Dan Williams Thu, Dec 5 2019 12:45 PM

      Morten,

      I don't see how it would be possible to have a federated user that isn't a federated user type.  The -DoNotchangeUserType does just that, it keeps the user as its current type, which of course if used, then it means that the user is still the same user type as when you started.  I don't know why this parameter exists, but there was probably a good reason, perhaps as a safety measure when processing a list of what are assumed to be federated users and you want to updates some property about those federated users, but if by chance any non-federated users get passed, they don't actually get converted?  I'm just speculating here, but I've looked at the code behind that option and if used, it passes "null" to the second parameter to aaApi_ModifyUserExt() in the PW APIs.

      You can have "apples" or "oranges", but you cannot have something that is both.

      What problem are you trying to solve?  Why the desire to have a user who is both?

      • Cancel
      • Vote Up 0 Vote Down
      • Sign in to reply
      • Verify Answer
      • Reject Answer
      • Cancel
    • Brent Goreham
      0 Offline Brent Goreham Thu, Dec 5 2019 3:45 PM in reply to Dan Williams

      Our method sounds similar to Mortens
      We use Active Directory to control the users in groups, sync the groups into the DataSource as Windows Synchronised users, and then give them a federated identity (without changing the type) 

      This allows a single source of control through Active Directory and the use of IMS logins. 

      I recently noticed issues when trying to use the Convert-PWUserToFederated -DoNotChangeUserType, although I haven't had time to properly find a solution. 

      Keen to see the thoughts on this. 

      • Cancel
      • Vote Up 0 Vote Down
      • Sign in to reply
      • Verify Answer
      • Cancel
    • Dan Williams
      0 Offline Dan Williams Thu, Dec 5 2019 3:56 PM in reply to Brent Goreham

      OK, thanks for the information.  I will have to investigate what exactly this process involves.  I'll leave it to others to help Morten resolve his problem.

      • Cancel
      • Vote Up 0 Vote Down
      • Sign in to reply
      • Verify Answer
      • Cancel
    • Morten Pathuel Jørgensen
      0 Offline Morten Pathuel Jørgensen Fri, Dec 6 2019 2:25 AM in reply to Brent Goreham

      Thanks Brent.

      Exactly what we are looking to achieve, too.

      kind regards.
      Morten

      • Cancel
      • Vote Up 0 Vote Down
      • Sign in to reply
      • Verify Answer
      • Cancel
    • Rene Lloyd
      0 Offline Rene Lloyd Tue, Dec 10 2019 9:08 AM in reply to Morten Pathuel Jørgensen

      Could we just insert the users into dms_identity with [o_userno],[o_idname] ?

      • Cancel
      • Vote Up 0 Vote Down
      • Sign in to reply
      • Verify Answer
      • Cancel
    • Rene Lloyd
      +1 Offline Rene Lloyd Mon, Dec 16 2019 3:20 AM in reply to Rene Lloyd

      update-user-accounts-with-identity

      Answer Verified By: Morten Pathuel Jørgensen 

      • Cancel
      • Vote Up +1 Vote Down
      • Sign in to reply
      • Reject Answer
      • Cancel
    • Morten Pathuel Jørgensen
      0 Offline Morten Pathuel Jørgensen Mon, Dec 16 2019 4:00 AM in reply to Rene Lloyd

      Hi Rene. And thanks.

      This seems to be identical to the solution we ended out using, which looks like:

              $PWusers = Get-PWUsersInUserList -UserList Test33
                  foreach ($user in $PWusers)
                  {
                      $username = $user.username
                      $user32 = Get-PWUser -UserName $username # PWPS
                      $user32.Identity = $user.Email
                      Update-PWUser $user32 # PWPS
                  }
      kind regards.
      • Cancel
      • Vote Up 0 Vote Down
      • Sign in to reply
      • Verify Answer
      • Cancel
    Reply
    • Morten Pathuel Jørgensen
      0 Offline Morten Pathuel Jørgensen Mon, Dec 16 2019 4:00 AM in reply to Rene Lloyd

      Hi Rene. And thanks.

      This seems to be identical to the solution we ended out using, which looks like:

              $PWusers = Get-PWUsersInUserList -UserList Test33
                  foreach ($user in $PWusers)
                  {
                      $username = $user.username
                      $user32 = Get-PWUser -UserName $username # PWPS
                      $user32.Identity = $user.Email
                      Update-PWUser $user32 # PWPS
                  }
      kind regards.
      • Cancel
      • Vote Up 0 Vote Down
      • Sign in to reply
      • Verify Answer
      • Cancel
    Children
    No Data

    Communities
    • Home
    • Getting Started
    • Community Central
    • Products
    • Support
    • Secure File Upload
    • Feedback
    Support and Services
    • Home
    • Product Support
    • Downloads
    • Subscription Services Portal
    Training and Learning
    • Home
    • About Bentley Institute
    • My Learning History
    • Reference Books
    Social Media
    •    LinkedIn
    •    Facebook
    •    Twitter
    •    YouTube
    •    RSS Feed
    •    Email

    © 2023 Bentley Systems, Incorporated  |  Contact Us  |  Privacy |  Terms of Use  |  Cookies