acecombat2 from my experience, trying to sync something what you can not be in control all the time is almost impossible.
I am not sure what was thinking behind to add users into each business.
- Desktop edition does ignore it so they are currently useless there
- Server and cloud would use them, but if it is on business level users can not be shared across businesses.
- User would have to have 2 users for 2 businesses
With super admin you will export file, change super admin password on server import file back, there is no way to say that it is the same user. Maybe it is imported from different server. If you ignore password and just load, when why to have password at all?
If intention for users on business files was for security reasons, so that desktop version could read files only if password is known.
- In this case it is probably better to have export password which you can enter on export, so that it is clear that it has nothing to do with users, and you don’t need to sync it anywhere, it is pure import export password.
If there is no intention to secure desktop backup files, why would you want to keep users in desktop version at all.
- In that case you want only server/cloud to manage users and permission
- Exporting usernames/passwords out of secure and controlled environment is also huge security issue.
If there are real technical reasons to make business files separate, the only way forward to have identity server and implement some sort of SSO implementation. i.e. OAuth, where you login on authentication server and it generates encrypted token to access all other businesses on other instances, it can also include permissions for business access. It would introduce quite a bit of overhead for maintenance thou.
Or you have single web app that handles authentication, if there is need to have something talking to manager-server externally, it could be done over API, but all data is secure in manager and controlled by permission levels, so that API connections don’t have free access to everything, but just what is allowed.