User imports

Administration Page Application/Contract Syracuse/Collaboration Class userImports Representation userImport

To connect a Version 7 node server to a Sage X3 folder you need to establish a link between a declared user on the Version 7 platform (stored in mongodb database) and an ERP user managed in the folder.

Frequently, the user code is the same on both sides. The user repository with the associated authorizations, are created first on the Sage X3 folder.

It is useful to have a function that creates or updates the administration user repository from the user table on a Sage X3 folder. This is the purpose of this function.

Definition of a user import profile

Description

A description is given that describes the user import profile.

Filter section

This section defines the users targeted by the user import profile, with the following information:

Endpoint

Indicates the endpoint that is the Sage X3 folder from which the import will be done.

Filter

Defines a condition based on different properties of the AUTILIS table. Only the lines following this condition will be considered during the import. When displayed, the filter is presented as an Sdata condition, for example USR eq 'JOHNDOE'.
In edit mode, only properties that can be a filter component are displayed on a list followed by an operator and a value. You must select the operator (greater than, greater or equal to, less than, less or equal to, starts with, equals, not equal to, and so forth) and a corresponding value on every column that must be filtered. The corresponding condition is then displayed.

Policy section

This section indicates the rules used for the import, with the following information:

Import mode

Determines whether the import procedure will do one of the following:
* Only create new users if they do not exist.
* Only update existing users.
* Both.

A radio button selection is available to define this.

Key property

Refers to the property used to match administration users with Sage X3 users. The match can be done as follows:

  • Email address. The email address on both sides is compared.
  • Code. The comparison is done between the user code (USR property on Sage X3) and the login in the administration user definition.
  • Login. The comparison is done between the login code (LOGIN property on Sage X3) and the login in the administration user definition.

Sage X3 Name format

Determines how the first name and last name in the administration definition are fed from the user name (USRINTIT property on Sage X3). As a unique column can feed two columns in the administration definition, the Sage X3 user name is split if two words are present (with a separator that can be spaces or other characters). The two choices define the order in which the fields are considered ({Last name}{First Name} or the opposite).

Group assignment policy

Indicates how groups are assigned to users at creation time. Three options are available:

  1. Always create: If this option is selected, groups are automatically created for the endpoint every time the import is launched. The groups are assigned to the created or modified users. To define which role is assigned to the group, two options exist:
    • Use existing role: The role must be entered. A unique group with the corresponding role is created and all concerned users based on the execution will be assigned to this group.
    • User menu profile mapping: The algorithm used is the following:
      • For every user, the system looks at the endpoint definition if a role is assigned to the menu profiles.
      • For every role considered a group is created and linked to the role, and the corresponding users are assigned to this group.
      • If no entry is found in the endpoint definition for the menu profile of a user, no role can be assigned. A dedicated group with no role is created.
      • All other users having a menu profile that does not match a role are also assigned to this dedicated group.

  2. Use endpoint and menu profile mapping: If this option is selected, the system performs a search if a group associated with the endpoint and the role resulting from the menu profile mapping exists. If this group is not found, an option defines what must be done with two possible choices:
    • Create group: A group will be created. The previous option for assignment of a role to the created group is also entered.
    • Do not associate the group to the user: No automatic assignment will be done.

  3. Use existing group: If this last option is selected, the group has to be entered.

Use of the user import profile

The Execution link will use the user import profile definition to trigger the import of users.
The import execution is done as a batch task. When finished, a message appears that provides the results such as the number of users created or updated.

When standard authentication method is via local database, then for each created user, the initial password is equal to the user name, and the check box that tells the password must be changed on first login is set. For other standard authentication methods (e. g. LDAP), the user does not have to change it.