Windows Authentication and People Planner SSI
Windows Authentication is used when you have already logged in to Windows, and you then start the People Planner Windows Application.
It is also used when you access MyPlan directly from a browser. If you access MyPlan or the People Planner WSC Components via the Maconomy Workspace Client instead, the system uses the People Planner Silent Sign In functionality to authenticate you.
Both Windows Authentication and PP SSI rely on the following fields in the User table:
- NetworkUserName
- NetworkDomainName
- NetworkDomainAlias (Normally set as a local parameter of the People Planner import task specification)
The NetworkUserName and NetworkDomainName properties are normally retrieved from Maconomy using a Master Data import task. The NetworkDomainAlias property is not retrieved from Maconomy, but can be set as a part of defining the Master Data import task.
The getUsersMQ Web Service query fetches the users; it is defined in the Maconomy AccessControl.I file.
This query uses the UsersAndGroupsU universe to request the data. You can customize this universe and map other fields or define default values if the fields are empty.
You can also use the .I file to modify the data that is returned to People Planner. This is important to realize because these properties (NetworkUserName and NetworkDomainName) are used for user authentication.
When running a People Planner application using Windows Authentication or People Planner SSI, the user-"the user" being a Windows Account name, the UPN name, or the name that is embedded in the PP SSI-token-is validated against the NetworkUserName, NetworkDomainName, and NetworkDomainAlias properties. If People Planner can find the user in its database, the user is logged in.
People Planner SSI is described in more detail in the Deltek People Planner Technical Installation Guide and in the Deltek People Planner Integrations Guide.