Active Directory overview
Active Directory is used to connect and authenticate users on the PTC Modeler SQL Server instance. Using Active Directory Domain Name services, you can create and manage users and groups for SQL Server authentication.
In PTC Modeler, users and groups are referred to as Logins on a server level, and Principals on a database level.
Logins allow AD users and groups to connect to SQL Server. Principals allow users and groups that are associated with a server login to connect to a specific database. You can assign permissions for AD users on a server, database, package, or a model level. For more information about PTC Modeler access permissions, see Overview of Modeler access permissions.
 |
You must synchronize any changes that you make in Active Directory with SQL Server. For more information, see Synchronizing Active Directory changes for Modeler databases (Model Explorer).
|
This chapter covers the following Active Directory administration tasks:
• Creating a user.
• Creating a group.
• Adding or removing users from groups.
For more information about Active Directory, refer to the Microsoft help:
Active Directory Domain Services
 |
In Active Directory, embedding groups within other groups is referred to as nesting. PTC Modeler does not support nested groups. If you are creating a server login for an AD group with nested groups, users in the nested groups will have to synchronize their permissions. To grant access to users under nested groups, you must perform the following:
1. Create a server login for each nested group under the main group. See Creating Server logins for users and groups (Model Explorer).
2. Add the nested group as a database principal to each database where user permissions are derived from that group. See Adding principals to a database (Model Explorer).
3. Synchronize changes with the Active Directory. For more information, see Synchronizing Active Directory changes for Modeler databases (Model Explorer)
|