Extend LDAP to Integrate UserLevelID Security

Posted: Fri Feb 17, 2017 9:12 am
by xgis

The ANM2017 Application integrates UserLevel or role-based access when it manages its own security tables, e.g. Users.
Generally a user only needs one user level, e.g. Admin, Owner, Editor or Reader.

It is then possible to integrate this without much difficulty and without interrogating AD.
An ANM2017 user could create a very simple low-security table in their database so the owner or admin could
control access to "their" online database application, e.g. Username/UserLevelID/UserActivated.
A simple Username match and ExecuteScalar request can then get the UserLevelID
and assign it as their role without the need to access AD or LDAP.

Only the user authenticates, then the database assigns the role.
The same should be applicable for Windows Authentication.

Below is my basic code logic (non-functional) for the user validated event:

var username = CurrentUserName(); // Get the currently authenticated LDAP or Windows login name
// Look up the UserLevelID for that user; single quotes are doubled because the name is concatenated into the SQL text
var value = ew_ExecuteScalar("SELECT UserLevelID FROM DMPDB_Editor.DMP_System WHERE Username = '" + username.Replace("'", "''") + "'"); // Match with user table
ew_Session["CurrentUserLevel"] = value; // Assign the UserLevelID as the user's role


Re: Extend LDAP to Integrate UserLevelID Security

Posted: Fri Feb 17, 2017 10:29 am
by Webmaster

As explained in the help file (under User_CustomValidate server event), the default validation will continue after custom validation (in this case validating LDAP user). The user will always pass the default validation and get the User ID and User Level, if any. If you use Advanced Security, you still need the user table to store user information such as User ID and User Level, although the password field value can be empty or any value.
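
The lookup discussed in this thread, as an added example that is not part of the original posts or the product's own code: the externally authenticated name is bound as a query parameter, and unknown or deactivated users get no role. The columns follow the first post (Username/UserLevelID/UserActivated); SQLite, the sample rows, the function names and the single-domain `DOMAIN\user` handling are assumptions.

```python
import sqlite3

# Constructed sample data: column names follow the first post
# (Username / UserLevelID / UserActivated); the rows are made up.
SAMPLE_ROWS = [
    ("alice", 1, 1),     # activated
    ("bob", 3, 0),       # present but not activated
    ("d'arcy", 2, 1),    # apostrophe would break naive string concatenation
]


def make_db():
    """Build an in-memory stand-in for the application's user table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE DMP_System ("
        "Username TEXT PRIMARY KEY COLLATE NOCASE, "
        "UserLevelID INTEGER NOT NULL, "
        "UserActivated INTEGER NOT NULL DEFAULT 0)"
    )
    conn.executemany("INSERT INTO DMP_System VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def normalize_login(name):
    """Strip a DOMAIN\\ prefix from a Windows login (assumes one trusted domain)."""
    name = name.strip()
    if "\\" in name:
        name = name.rsplit("\\", 1)[1]
    return name


def lookup_user_level(conn, authenticated_name):
    """Return the UserLevelID for an already-authenticated user, or None.

    None means "no role": unknown and deactivated users fail closed, so the
    caller must not fall back to a default level.
    """
    name = normalize_login(authenticated_name)
    if not name:
        return None
    # The name is bound as a parameter, never concatenated into the SQL text.
    row = conn.execute(
        "SELECT UserLevelID FROM DMP_System "
        "WHERE Username = ? AND UserActivated = 1",
        (name,),
    ).fetchone()
    return row[0] if row else None
```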