5_2:creating_users

KB0000111 Creating Users

Three Ways to Create Users

There are three ways to create users in PIAB:

1. Using the 'Admin | Manage Users' form in the Windows Client. This is the simplest and recommended for small-medium numbers of users.

2. Import from Active Directory via a CSV File. This is useful for larger numbers of users, and you can review and modify the CSV file to include your choice of attributes.

3. Using LDAP. This method reads user information directly from your Active Directory and inserts in into the database. This is useful for very large numbers of users, and requires a knowledge of LDAP query syntax.

This article describes the options 2 and 3.

Importing users from AD via a CSV file

It is possible to export the list of users from your domain controller into a csv file. The columns that are exported into the csv file are defined by which columns you have in user manager.

Note that for smaller numbers of users, it may be simpler to create them via the Windows client.

Exporting Information from AD

  1. Run 'Active directory Users and Computers'
  2. Go to 'view' and select which columns you want to display e.g. Name, Display Name, E-mail Address, Telephone…etc
  3. Right click on the Users container and select ‘export list’, export the list to ‘text comma delimited *.csv format'. This will create you a csv file viewable in excel that contains your user names and columns for use in PIAB. If you wanted to export more columns you just need to select more in Step 1. You will use this information to copy and paste into a new csv file to import into PIAB.

Creating the CSV Import File

You now need create a new CSV file that contain all the correct columns for importing into PIAB. A sample copy can be downloaded from here:

https://www.projectinabox.org.uk/customerdownloads/etc/samplePIABcsv.csv.

The columns the PIAB csv file can contain are as follows:

Log in
Display Name
Password
User  Type
Admin
Portfolio User
Role
Organisation
Email 1
Email 2
Tel 1
Tel 2
Tel 3
Fax
Business Address
Postcode
Message

Most of these are self explanatory and relate to the 'Manage Users' forms in PIAB. There are three special columns which can only contain values specific to PIAB

  • 'User Type' - can only be set to Manager, Team, Hub or Contact Only.
  • 'Admin' - can only be set to 1 for on, or 0 for off
  • 'Portfolio User' - can only be set to 1 for on, or 0 for off.

You can now use the newly created csv file to import your list of users, using the Server Management tool.

  1. Select the 'Import Users' tab
  2. Browse to the csv file you created above
  3. Select 'Read' and confirm that the records are correct
  4. Select import to transfer the list of users and details into PIAB

NB It is recommended that you backup the PIAB database before importing users

Other Functions

Header Row

Check the 'Header Row' checkbox to treat the first row of the CSV file as a header row, i.e. it is not imported.

CSV Delimiter

By default the CSV delimiter is a comma ','. You can specify alterative here. For the 'tab' character, enter tab or \t.

Randomise Passwords

When using Windows Authentication in PROJECT in a box, the explicit passwords stored in the PIAB database are not used, but you should randomise the passwords to prevent a security issue if, for instance, the authentication scheme is not correctly set up or is put in a 'Basic Authentication' state during maintenace or testing. Pressing 'Randomise Passwords' will create unique random passwords for each user in the list, prior to import.

Non-Ascii Characters

If you wish to include non-ascii characters e.g. characters with diacritics (e.g. accents) then please save your CSV import file with the correct character encoding e.g. Unicode. The import routine should pick recognise the correct encoding when it reads the file.

Reviewing the CSV File and Deleting Users

NB it is important to review the csv before importing into PROJECT in a box, it is not possible to completly delete users from PIAB once they have been added through the client interface; they can be set to 'Deleted' (releasing the licence they might otherwise be using) they will still appear in the list of users in PIAB.

For administrators with access to SQL, the users can be deleted directly from the 'tblUsers' table, but this should only be done with care, and before the users concerned have logged in and started working on projects. Alternatively you could restore your PIAB database , to how it was before you imported users from your csv file.

Using LDAP to Create PIAB Users

This article describes using LDAP for creating PROJECT in a box users based on users in your Active Directory. Note that for smaller numbers of users it may be easier to manually create users using the Windows client, or by importing from CSV file.

The PROJECT in a box server program can help create your PROJECT in a box users consistently with your Active Directory uses. This is useful in the situation where you are using a 'Single-Sign-On' scheme. In this scheme, the PIAB user names must match up with the Windows domain login names.

There are four steps to the syncronisation:

Step 1: Enter your LDAP server name, and the username and password to login.

Step 2: Click Read Active Directory Users to read the user names from Active Directory.

Step 3: Select the users you want to sync. with PROJECT in a box.

Step 4: Click 'Users»' or 'Emails»' to copy over user names or primary email addresses into the PROJECT in a box Database.

New Users are 'Contact-Only'

When users are added, they are set up as “Contact-Only” user types, which means that by default they cannot log into PROJECT in a box using the client or Enterprise Hub. If you wish these users to be able to log into PROJECT in box then please use the PROJECT in a box client (using and Admin account) to setup the appropriate user types and to grant access to specific projects.

LDAP Query Settings

Field Default Value
LDAP ServerThe name or IP address of your LDAP server (e.g. Windows Domain Controller)
DomainThe domain name of your windows domain
LDAP UserA username with read access rights on the LDAP server
PasswordThe password to access the LDAP server
LDAP QueryThe query used to access the users. By default this is
 LDAP://w2003svr1/DC=myhome,DC=local 
LDAP Filter An LDAP filter to return users.By default this is:
(&(objectclass=user)(objectcategory=person))
ExcludeA text string to exclude unwanted accounts e.g. system or machine accounts. By default this is:
ASPNET;IUSR_;IWAM_;krbtgt;Guest;SUPPORT_;
5_2/creating_users.txt · Last modified: 2019/03/03 07:44 by admin