Cloud user account management
NewWe have used LDAP for our user accounts for a long time and are in the process of switching them all to Cloud accounts. With LDAP the name is pulled directly from our Active Directory as Last Name, First Name, Middle Initial and Department. When setting up their Cloud account, the user then adds their own information but the results are displayed as First Name and Last Name so long as they actually filled in the field, not requied and some have even left it blank or they have but in a nick name or I had one user put in their email address in the last name field. As an system administrator it would be nice to be able to edit this information to fix it and or add in thier department information to make it easily viewable to determine if they are (POLICE) (TECH-OPS) (M&O) or their school campus initals (MRHS) as an example.
It also would be a great features to be able to automatically convert or create a Cloud account for existing LDAP users, but to also have the option to keep both if desired. Only reason I say that is yesterday our internet provider connection went down for an hour so no one could log into the Cloud but those who still had their LDAP account were able to connect and view their cameras. For our critical users such as our POLICE, I have chosen to keep both as seen below but as mentioned prior, the naming is not displayed in same order.
For LDAP accounts, as an administrator I can edit the Name field as needed, but not a Cloud user account, see below.
Here is an example of one I'd like to fix where the user for their first name put in all caps and their last name the put in the alpha email account even though we use their ID email account as that will never change where their alpha email account if they were to change their name due to marriage would be a lot to update and keep up with.
One major reason for delaying the switch to Cloud accounts is the loss of the LDAP integration particularily if their LDAP account gets disabled due to employement termination or retirement. With the Cloud, this will be a manually process. Our cyber security and systems operations group asked if SAML could be used to control access.
One last request, many of our roles are custom as we have multiple school locations that can be on one server and we only want to give the user thier appropriate access. When adding a user though the client I can select the correct role however if I try to do the same thing through the Cloud portal, I can see the Access Level (Role) that I want to assign, in this case KPD-CID, and lets me add it and underneath it, it says Custom user role specified in system.
However when I then check in the system using the client it assigned the role as CUSTOM and not as the role KPD-CID.
I then have to go back and change the Role making using the Cloud portal not very useful.
Sorry I know this is a lot of questions but as an administrator of a very large system, time is everything and just trying to save as much time as possible.
-
Hi Scott,
Thank you for your feedback. To combine the convenience of managing LDAP users with the advantages of cloud users, we are currently working on a feature we internally call SSO support. This feature enables importing users from a cloud identity provider and will address the issue of consistent and correct user naming. You can find more details about it in these threads:
- https://support.networkoptix.com/hc/en-us/community/posts/360036930053-SAML-LDAP-for-NX-Cloud-for-SSO-across-server-locations
- https://support.networkoptix.com/hc/en-us/community/posts/1500000703162-sso-connectionAs for the issue with setting an access level in the cloud portal not being applied to a user, that seems to be a bug. Could you let me know which version of the software you are using?
Please sign in to leave a comment.
Comments
1 comment