TM1 Forum

Hello,

I am setting up integrated login on a TM1 server for the first time. It works very well for single users where I set UniqueID to user@domain in the }ClientProperties cube (I am not using the ETLDAP utility). My question is if you, instead of a single user, can map a client in TM1 to a user group on the domain? I have tried using group@domain and domain\group as UniqueID but that did not work. I can't find any information on how to find the domain-qualified name of a user group. Do you know if what I am trying to do is possible, and if so how to get it right?

Thanks!

/Bergstrand

Interesting idea - but I think for IL, users in TM1 have to be users in the LDAP source - since IL uses the source for authentication, it needs to ask for a user not a group.

Ok, that's why it doesn't work then. Too bad - it would have made our user administration simpler.

Thanks for your fast reply, David!

Hi

1. If you use this code in a batch file an execute it from the command prompt the User and Domain will be returned in the way you need it for the UniqueID if you use NTLM.

---
echo off
cls
echo .
echo .
echo .
echo User: %username%
echo Workstation: %computername%
echo logon to: %logonserver%
echo Domain: %userdomain%
echo profile: %userprofile%
echo .
pause
---


2. Your TM1 user does not need to be a LDAP user. You can for example have a TM1 user 'IdontExist' with yourwindowsid@domain in the UniqueID and it will log you in as that TM1 user.

3. As far as I know you cannot use groups in the Unique ID, it is always user@domain. You wouldn't be logged on as a group onto to your machine, would you?

Cheers

Gregor