Legacy Role/Group Syncing - Version 6
(versions 6.4.7 - 6.4.13)
Improvements have been made in version 7. Refer to: Quick Active Directory and OpenLDAP User Guide for more information
Prior to version 6.4.7, user roles were only synced to Active Directory roles on initial user creation or import. Starting from version 6.4.7, there are three modes for role syncing, described below.
Role syncing modes
Mode 1: Initial only
This is the default syncing mode and matches the behaviour of earlier versions as well.
This mode will sync role membership only when a user is initially created in Password Server (regardless of whether they are imported manually or automatically).
If you made changes to your role sync settings, you can return to the Initial only mode by removing all role sync configuration keys.
Mode 2: Never
Roles are not synced in this mode. To use this mode, edit the appSettings by deleting any current sync settings, then add the following lines before the </appSettings> line:
<add key="SyncRoles" value="false" /> <add key="SyncOauthRoles" value="false" />
Mode 3: Always
In this mode roles will be synced on initial user creation (manual or automatic) and every time the user logs in (or authenticates). Note that this may reduce application performance. To use this mode, edit the appSettings by deleting any current sync settings and add the following lines before the </appSettings> line:
<add key="SyncInitialOnly" value="false" /> <add key="SyncOauthInitialOnly" value="false" />
Locating and editing the settings
The sections below describe how to properly locate and edit these settings.
Locating the appSettings
The appSettings section is a part of the Web.config file, which is usually found at
C:\Program Files (x86)\Pleasant Solutions\Pleasant Password Server\www\Web.config
It begins with the line <appsettings> and ends with the line </appSettings>.
Editing the appSettings
To edit the appSettings:
1) open the Services window by opening a command prompt window, typing services.msc and pressing the enter key.
2)In the Services window, find the service called Pleasant Password Server, right-click on it, and select Stop.
3)Now copy the Web.config file to your home directory, open the copy in Notepad, make your changes, save the file, close Notepad and copy the file back to its original location (select Copy and Replace if asked whether to overwrite the existing file). Finally, go back to the Services window, right-click on Pleasant Password Server and select Start to start the server with the new changes.
Deleting any current sync settings
To delete any current sync settings, edit the appSettings by deleting lines starting with any of the following:
<add key="SyncRoles" <add key="SyncInitialOnly" <add key="SyncOauthRoles" <add key="SyncOauthInitialOnly"