2 Replies Latest reply on Jun 3, 2013 3:14 PM by MaxStrueverWipro

    Check if PIUser is Disabled?


      Is it possible to check if a PI User is disabled in the security database?


      I would like to perform certain actions on a PIUser depending on whether or not the user is enabled or disabled. 


      But I cannot seem to find an "Enabled" boolean property as I would have expected. 


       I am using PISDK 1.3.6

      PIUser aPIUser = MyPIServer.PIUsers[Username];
      //check if user is enabled?!
          //perform actions for enabled users
          //perform actions for disabled users





      Will there be a way to programmatically work with Identities? It seems that it is there under IServerConnect but not implemented yet. 

        • Re: Check if PIUser is Disabled?

          Hello Max,


          What kind of actions is your application supposed to perform on disabled / enabled PIUsers?


          It looks to me as if the functionality you are asking for isn't implemented into PI SDK. At least I wasn't able to figure it out.


          However, we don't want to leave you without a solution and take the chance to praise on PowerShell and the PowerShell Tools for the PI System:



          $mySrv = Get-PIServer "MYPIServer"
          $myIdentities = Get-PIIdentity -PIServer $mySRV
          Foreach ($myIdentity in $myIdentities) 
                    If ($myIdentity.Type -eq [OSIsoft.SMT.PiIdentity+Types]::PIUser)
                         if ($myIdentity.Disabled) { $temp = "Disabled" } Else { $temp = "Enabled" }
                         $msg = "{0} is {1}" -f $myIdentity.Name, $temp
                         write-host $msg


            • Re: Check if PIUser is Disabled?

              Ah, I will have check out PowerShell more.


              I have a web application that has to connect to two different PI servers. For firewall reasons, a user can't connect directly to both servers at once. The application sits on a server with a firewall exception to connect to both PI servers. The application needs to check whether or not the user is disabled on the server that the user is not able to connect to directly.


              I have looked into Kerberos hopping/delegation, but we do not currently have windows security fully integrated to PI (the server behind a firewall does not have access to the active directory) and I also do not think we will be able to set up delegation here.