AD/Database Authentication Profile

The active directory/database hybrid profile type uses the database authentication profile for role management, but uses Active Directory for authentication. This means that for any username/password combination, Active Directory gets to decide whether that user is a valid user, and if they are considered valid, then the roles for that user are retrieved from an external database connection.

This type of authentication profile is very handy for projects that are required to integrate with IT's centrally managed security, but negotiating the management of roles with IT would be too cumbersome. The main reason one would choose this profile type over the AD/Internal profile is that by storing the roles in an external database, they can be managed outside of the Ignition Gateway's web configuration interface. Specifically, one can create screens using the Vision Module for role management, thus allowing security management from within a running Client.