Integrate PowerBuilder with Active Directory

You need to create an Access Control system in your .NET or PowerBuilder applications.
Your organization already manages Active Directory Accounts.
So you wonder if you can re-use AD accounts for the authentication phase, and add a permissions system.

This would imply significant development.

First you would have to develop, implement and maintain a permission system. Then you would have to code in order to manage the integration of Active Directory into your system.

Or you could use Visual Guard for PowerBuilder: it provides a ready-to-use solution for authentication, permissions and audit. You can reuse Active Directory authentication to enter PowerBuilder applications and then use Visual Guard permission features to create, modify and manage permissions.

Visual Guard offers powerful features such as:

  • Defining permissions for each account (what they can do in the application)
  • Keeping track of sensitive transactions (Auditing - who did what?)
  • Single Sign-on (users do not enter credentials to access each application)
  • Mixed-mode authentication: combine AD accounts with application accounts
  • and much more...

Integrate with Active Directory

Users will sign in to PowerBuilder applications with their Windows accounts

With Visual Guard for PowerBuilder, you can use Active Directory accounts to authenticate users and define which account can access each PowerBuilder application.
When a user tries to enter the application, Visual Guard asks for his credentials, checks the user identity with Active Directory and lets the user access the application if he was authorized to.

Implement Single Sign-on (SSO)

Users start the application and get authenticated silently.

Visual Guard offers a ready-to-use Single Sign-on solution for PowerBuilder Applications:

  • The user provides his credentials when starting a Windows Session (as usual).
  • When the user opens a PowerBuilder application, Visual Guard uses the current Windows Account to identify the user and verifies if he can access to this application.
  • If so, Visual Guard loads the user permissions and dynamically adjusts the application to these permissions.

Grant Access Rights to Windows Users

Define what a user can do within the application

With Visual Guard for PowerBuilder, you can grant roles and permissions to Active Directory accounts.
As a result, you define what each user can do within the application (which data they can access, which controls they can use etc.). Users Permissions are automatically enforced after authentication.

Visual Guard offers the possibility to define such roles and permissions without writing code in your application.
You would do that in a few clicks within Visual Guard Administration console.

Grant Access Rights to Windows GROUPS

Manage Permissions at Group Level

With Visual Guard, you can define a hierarchy of user groups, for instance replicating the hierarchical structure of your organization.
You will grant access rights to groups and place users in Windows groups. This way, you no longer need to manage permissions for individual user. A user can belong to one or several groups.

Manage other types of user accounts

Depending on your architecture, you may NOT want to use Active Directory accounts. Visual Guard can manage its own user accounts (created and stored within Visual Guard). You can also reuse existing user accounts such as Facebook, Google, etc.

Mixed mode authentication? No problem

Visual Guard allows you to implement mixed mode authentication:
In some cases, you need to have mixed mode Authentication. For example both the employees and the customers access your applications. Visual Guard allows you to manage mixed mode authentication. You could use Active Directory/Windows accounts to authenticate Employees, and application accounts to authenticate customers.

Multi-user desktop?

Another possibility is to implement Single Sign-On on the desktops of your end users, and to have one or a few desktops available to everyone. On these particular machines, you want to stop Single Sign-on process and to have everyone entering his/her credentials to access the applications. Visual Guard for PowerBuilder enables you to have this kind of “kiosk” desktop, even if you use Single Sign-on on all other machines.