Planning for SQL User Manager

Microsoft Azure Active Directory is now Microsoft Entra ID

The SQL User Manager (SQLUM) is a security provider that allows you to store user information in a SQL database that the product uses to authenticate identities. While Active Directory, Azure Active Directory, and LDAP-based systems are typically more robust, enterprise-ready Identity Providers (IdPs), you can use SQLUM to provide users who are not part of those IdPs the ability to log in to the system. You can also add these users to Roles, and those roles can contain users from other IdPs as well.

You can use SQLUM for any user that does not belong to a standard IdP. You need to decide what artifacts these users need to access and how they get that access. The first option below is the simplest approach, while the second option allows you more flexibility in separating your SQLUM users from your standard users.

  1. Enable SQLUM users to log in to the same sites that other users (from AD, AAD, or LDAP) use
  2. Create a separate SmartForms runtime site that only SQLUM users use

The most common method of installing and using SQLUM is with the Setup Manager. If you are installing the product in an Active Directory environment, SQLUM will be installed automatically as well and you will not see any options in the installer that relate to SQLUM. If an Active Directory domain is not detected during installation (such as in the case of a workgroup server not joined to a domain), SQL User Manager is the only choice for User Manager and you will see it listed on the following page in the installer, as shown here:

See the following topics for more information about SQLUM:

Considerations

  • Before installing the product on a workgroup server, create a user in SQL Server for the Administrator. For information on required permissions for this and the account you use to install the product(if they aren't the same), see the topic Required Permissions.
  • The SQLUM is installed with every installation of the product. However, you cannot choose it as your main user manager if the server is joined to a domain.