Home | Forums | Contact | Search | Syndication  
 
 [login] [create account]   Wednesday, June 18, 2025 
 slxdeveloper.com
 Community
 Members
 General
 Architect
 External
 Web
 Downloads
 Resources
6/18/2025 1:29:39 AM







 
slxdeveloper.com Community Forums  
   
The Forums on slxdeveloper.com are now retired. The forum archive will remain available for the time being. Thank you for your participation on slxdeveloper.com!
 Administration Forums - General Administration
Forum to discuss general administration topics for SalesLogix (including LAN & remote topics). View the code of conduct for posting guidelines.
Forums RSS Feed


 Back to Forum List | Back to General Administration | New ThreadView:  Search:  
 Author  Thread: AD Authentication passthrough
Michael Litman
Posts: 94
 
AD Authentication passthroughYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 18 Oct 06 10:16 AM
fiogf49gjkf0d
Can anyone explain how the passthrough is working from AD to SLX and back.

Thx ML
[Reply][Quote]
Ryan Farley
Posts: 2265
slxdeveloper.com Site Administrator
Top 10 forum poster: 2265 posts
 
Re: AD Authentication passthroughYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 18 Oct 06 1:16 PM
fiogf49gjkf0d
First, take a look here: http://www.slxdeveloper.com/page.aspx?action=viewarticle&articleid=59

AFAIK, you basically link up the AD user to a SLX one and in doing so the AD user's SID is stored for the SLX user account record. When SLX starts up it matches the logged in user SID with a SID stored for a SLX user and if located, SLX is logged in with the SLX user account credentials automatically. So, you're not exactly logging in with the AD user's credentials, so nothing is passing through to the AD. The logged in user on the local pc's SID is compared with one previously stored in the SLX database (linked up with a SLX user) and then the SLX user's credentials (that matched the logged in SID) are used to log in. That's how I understand it anyway.

-Ryan
[Reply][Quote]
Michael Litman
Posts: 94
 
Re: AD Authentication passthroughYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 18 Oct 06 1:33 PM
fiogf49gjkf0d
if I understnad correctly then it wouldn't matter what the SLX username is as long as you login to the correct desktop user account you will get in to SLX?
[Reply][Quote]
Ryan Farley
Posts: 2265
slxdeveloper.com Site Administrator
Top 10 forum poster: 2265 posts
 
Re: AD Authentication passthroughYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 18 Oct 06 1:39 PM
fiogf49gjkf0d
That is correct. The SLX user name does not need to match the AD user in any way. It is all based on the AD user you're logged into the desktop pc as, and if that user has been linked to a SLX user account.
[Reply][Quote]
Michael Litman
Posts: 94
 
Re: AD Authentication passthroughYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 18 Oct 06 1:42 PM
fiogf49gjkf0d
What would be the implcations in citrix or term services? Thx for the info

P.S. thanks for the site
[Reply][Quote]
Ryan Farley
Posts: 2265
slxdeveloper.com Site Administrator
Top 10 forum poster: 2265 posts
 
Re: AD Authentication passthroughYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 18 Oct 06 1:46 PM
fiogf49gjkf0d
The same would apply as they are still authenticated by the AD as an AD user. Whether on a physical desktop or via RDP, term services, Citrix, they are still logging into the OS as some AD user, so everything would still apply.
[Reply][Quote]
Jeremy Brayton
Posts: 491
Top 10 forum poster: 491 posts
 
Re: AD Authentication passthroughYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 18 Oct 06 4:30 PM
fiogf49gjkf0d
Can SLXProfiler.exe profile the SQL returned by the AD auth method? I'm betting that it can't since it will only link up to a SLX app when it's logged into the database.

If this is the case, how would one go about profiling it? SQL profiler?
[Reply][Quote]
Ryan Farley
Posts: 2265
slxdeveloper.com Site Administrator
Top 10 forum poster: 2265 posts
 
Re: AD Authentication passthroughYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 18 Oct 06 4:46 PM
fiogf49gjkf0d
Quote:
Originally posted by Jeremy Brayton

Can SLXProfiler.exe profile the SQL returned by the AD auth method? I'm betting that it can't since it will only link up to a SLX app when it's logged into the database.


Yes, the SLX profiler can profile activity from connections using integrated security. The profiler profiles provider level activity, regardless of how the user authenticated.
[Reply][Quote]
Jeremy Brayton
Posts: 491
Top 10 forum poster: 491 posts
 
Re: AD Authentication passthroughYour last visit to this thread was on 1/1/1970 12:00:00 AM
Posted: 18 Oct 06 7:19 PM
fiogf49gjkf0d
Quote:
Originally posted by Ryan Farley


Yes, the SLX profiler can profile activity from connections using integrated security. The profiler profiles provider level activity, regardless of how the user authenticated.

I meant profile the SQL query that the AD integration calls, like "SELECT WINDOWSAUTH FROM USERINFO WHERE SID = 'BLAH'". The SLX profiler doesn't start capturing information until the connection is fully authenticated, so I believe the only way to get the query is to use the SQL profiler. I believe I answered my own question but I was basically looking for a way to validate what it's doing under the hood.
[Reply][Quote]
 Page 1 of 1 
  You can subscribe to receive a daily forum digest in your user profile. View the site code of conduct for posting guidelines.

   Forum RSS Feed - Subscribe to the forum RSS feed to keep on top of the latest forum activity!
 

 
 slxdeveloper.com is brought to you courtesy of Ryan Farley & Customer FX Corporation.
 This site, and all contents herein, are Copyright © 2025 Customer FX Corporation. The information and opinions expressed here are not endorsed by Sage Software.
code of conduct | Subscribe to the slxdeveloper.com Latest Article RSS feed   
 
page cache (param): 6/18/2025 2:03:16 AM