We got a DEV/TEST environment in IFS cloud for testing before we move our PROD to the cloud (remote deployment) and there are two features in our current Apps10 setup that seems not working in IFS cloud.
1) We have several service accounts in Apps 10 that we use for integrations, and there are couple of instances that these accounts are used to access the IFS DB directly. Does IFS cloud provide a way for these accounts to access the DB directly?
2) At the moment we have users in AD Groups and user are assigned to permission Sets are are synced with these AD Groups. (Active Directory user Integration Config in Apps10) Is there an option in IFS cloud to set this up the same way? If not is there an alternative?
User Accounts in IFS Cloud
+1
Userlevel 7
+19
Hi
In our company there’s an AD Group created especially for this purpose. The 4-5 users within that group can access the IFS Cloud database. So I think there’s an option. Is there a way you can request this through possibly an IT Infrastrucure team of yours?
Thanks,
Asela
+1
Hi Asela,
Thanks for your response. I guess you’re answering on the first question I have raised above.
But, even if we create new accounts (through AD) in IFS Cloud. Those users are not able to connect to the DB directly. Our requirement is to have a user(s) whom we can use to login to the oracle database directly. Any suggestion on that?
Thanks!
Userlevel 6
+14
1. Service Account Database Access
- Apps10: Service accounts directly access the IFS database.
- IFS Cloud: Direct database access for service accounts isn't available. IFS Cloud enforces a secure application service layer that mediates all data access. This enhances security and compliance.
2. User Authentication and Authorization
- Apps10: Active Directory (AD) groups manage user assignments to permission sets.
- IFS Cloud: IFS Cloud adopts a different approach. It leverages cloud-based identity providers like Azure Active Directory (Azure AD) or Okta for user authentication and authorization. You can configure IFS Cloud to synchronize users and groups from your chosen provider. This eliminates manual user provisioning and permission set assignments based on AD groups.
Alternatives for Service Account Access:
While direct database access isn't possible in IFS Cloud, you can explore alternative solutions:
- API Access: Consider using IFS Cloud's APIs for data access. IFS Cloud offers a comprehensive set of APIs that service accounts can leverage to interact with the application data.
- Integration Tools: Utilize integration tools like Boomi or MuleSoft to mediate data flow between IFS Cloud and other systems. These tools can handle authentication and authorization on behalf of service accounts.
Darshana is right, users created through Aurena do not have DB accounts. In addition to the options that Darshana mentioned, using APIs and integration tools, these methods are also available for on-premises installs:
- Use one of the System of Service Users that have DB acccounts (link).
- Create Oracle DB accounts for your users using a script or manually.
FYI, SQL statements in Quick Reports run much faster in Aurena than they did in previous versions. This can be an easy way of running SQL statements if needed.
Reply
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.