I noticed what looks like a bug related to AD AccountIDs.
Our company uses digits as Users UID in both Single-Sign-On systems and AD, so once declared in NPM AccountID column in Accounts table looks like DOMAINNAME\501xxxx.
When acknowledging alerts, the AcknowledgedBy column in AlertStatus column looks like DOMAINNAME(1xxxx - Orion Website.
Looks like the \50 is interpreted as octal, hence the ( sign...
More generally, regarding the AD user accounts, i have a couple feature requests:
1. Allow use of Users Full Name, or best, user defined attribute from AD instead of their domain logon in acknowledgment or audit trails in NPM/NCM. When using digits or non-human readable logins, and with a large user base, its quite difficult to identify who did what...
3. Change the login page to include a select one input list displaying possible domainnames inherited from AD or user local computer, and fallback to an input textbox if user is not connected to a domain.
Turns out entering the DOMAINNAME\ prefix is confusing for a lot of users. Maybe strip the domainname from AccountID column and maintain it in an additional column in the Accounts table ?
This is more like a 'nice feature to have' than a mandatory thing, but that don't seem like a much difficult thing to implement and would IMHO improve user experience.
Btw, any plan to integrate NPM website with SSO frameworks such as SiteMinder or OpenID ?
And one last thing: looking at the Accounts table i noticed the password column was filled for AD-enabled users. Is this a dummy value only or you're actually storing the AD password in there ? Not only this might be considered as a potential security issue, but how do you handle password expiration in AD using this method ?
Thanks & Regards
I've marked this for the PM to review.