Small width layout Medium width layout Maximum width layout Small text Medium text Large text
     Search
Downloads Downloads Directory Directory Forums Forums Forge Forge Blogs Blogs        Marketplace Marketplace Careers Program Careers
Products › Development › Forge › Provider - Authentication Register  |  

 

 
  Quick Links  
 


  Team Leadership  

Mike Horton
(Team Lead)

 

 Charles Nurse
(Core Team Sponsor)
 


  Team Members  

 Daniel Bartholomew
(CardSpace)

Mike Horton
(Active Directory)

  Charles Nurse
(LiveID, OpenID)

We're recruiting!  Can you handle support for the LiveID or OpenID provider?
 


  DotNetNuke Projects  
The DotNetNuke Projects are a special category of platform extensions which are developed by volunteers to conform to the high professional standards mandated by DotNetNuke Corporation. The DotNetNuke Projects are distributed as a standard part of the DotNetNuke core application release offerings.
 


AppTheory specializes in solutions based on the DotNetNuke platform and has 2 employees on the DotNetNuke Core Team.
  Ads  
r2i.ntegrated
 


  Sponsors  

Meet Our Sponsors

ExactTarget email software solutions
Merak Mail Server
WebSecureStores -- ASP.NET & DotNetNuke Hosting Solutions
FCKeditor Project
Salaro -- Skins and more
OnyakTech
 


DotNetNuke® Project :: Authentication Providers

The Authentication Provider project is actually a collection which includes both the core components and the individual providers for each authentication type.  At present the supported providers include Active Directory, LiveID and OpenID.

Each member of the Authentication team leads the effort on their own specific provider.  However, they work as a team to ensure that all the providers are well serviced (including forums, fixes, etc).
 


Team Member Blog

Active Directory 01.00.02 Provider Status Update

Jan 16

Posted by: Mike Horton
1/16/2008

The provider is currently stalled in the Release Tracker because changes to IIS7 prevent the provider from running in Integrated mode (it runs fine in Classic mode though). The major issue is the Microsoft decided that running two authentication types was a bad thing so if Forms authentication is enabled you can't run any other form of authentication (Basic, Windows, etc.). So it essentially ignores any IIS security settings applied to any files and goes off what is set in the web.config.

At this time I don't know if there's a work-around to the problem (searches haven't returned anything promising yet) and I don't know if this is going to cause the provider to fail in the tracker. In the meantime, if you need the provider for DotNetNuke 4.8.0 and are not running your site under IIS 7.0 Intergrated mode then you can find the version that is in the tracker at http://dnn.gmss.org.

Trackback Print
Location: Blogs Mike Horton
Tags:

Re: Active Directory 01.00.02 Provider Status Update

Seems like this may slow things down a bit.

By ckoeber on   1/16/2008

Re: Active Directory 01.00.02 Provider Status Update

Mike I think IIS7 might provide you the ability to alter it's settings through asp.net code. Using this it should be possible to change the settings to provide the configuration you need.

By AdefWebserver on   1/17/2008

Re: Active Directory 01.00.02 Provider Status Update

If you are talking about the "windows logon page" you could put it in it's own directory and give it it's own web.config... Maybe not ideal, but quick to implement...

By dstgroup on   1/17/2008

Re: Active Directory 01.00.02 Provider Status Update

Is there development underway to make the "roles" automatically populate from active directory groups? So instead of relying on dotnetnuke roles, you could assign permissions to a particular AD group instead?

By jrhyne2584 on   2/8/2008

Re: Active Directory 01.00.02 Provider Status Update

I'm not sure what you mean. Do you mean that any groups in the AD would automatically get recreated as DNN roles and automatically pull all the users from those groups, create accounts, and add them to the DNN role? Or that DNN would constantly query the AD database security roles to check permissions.

I'm not going to say never but either scenario isn't very practical in my opinion. As a quick example, I work at a college in Alberta and only the school that I support is using DNN with the AD provider. In our AD (the whole college uses one AD) there are thousands of groups and tens of thousands users. In the first scenario I mentioned it would be an administrative nightmare when in reality we only need 40 or 50 groups and < 10,000 users. In the second scenario it would slow the response speed of DNN dramatically as it had to search through 1000s of groups to see if they had permissions.

However, I could see somewhere down the road that a more robust adminstrative interface (maybe as a standalone module) that would allow you to automate things a little bit.

By mikeh on   2/8/2008

Re: Active Directory 01.00.02 Provider Status Update

I am new to using DotNetNuke and have downloaded the 4.8.1 version. Is there a way AD integration is possible? We have not yet upgraded our browsers to IE7.

By hmansoori on   2/28/2008

Re: Active Directory 01.00.02 Provider Status Update

hmansoori, download the 01.00.03 beta (the same version is currently in the Release Tracker) from http://dnn.gmss.org. That version works fine in DNN 4.8.0 and 4.8.1

By mikeh on   2/28/2008

Re: Active Directory 01.00.02 Provider Status Update

hey
i downloded the "ActiveDirectory_01.00.00_Install.zip" and installed it .As soon as i did that im getting an error

Value cannot be null.
Parameter name: path1
Stack Trace:


[ArgumentNullException: Value cannot be null.
Parameter name: path1]
System.IO.Path.Combine(String path1, String path2) +2686595
DotNetNuke.UI.Skins.SkinDefaults..ctor(SkinDefaultType DefaultType) +127
DotNetNuke.Common.Globals.get_DefaultSkin() +31
DotNetNuke.Entities.Portals.PortalSettings.GetPortalSettings(Int32 TabId, PortalAliasInfo objPortalAliasInfo) +2812
DotNetNuke.Common.Globals.GetHostPortalSettings() +216
DotNetNuke.Common.Globals.GetPortalSettings() +79
DotNetNuke.Authentication.ActiveDirectory.HttpModules.AuthenticationModule.Init(HttpApplication application) +213
System.Web.HttpApplication.InitModulesCommon() +66
System.Web.HttpApplication.InitInternal(HttpContext context, HttpApplicationState state, MethodInfo[] handlers) +814
System.Web.HttpApplicationFactory.GetNormalApplicationInstance(HttpContext context) +243
System.Web.HttpApplicationFactory.GetApplicationInstance(HttpContext context) +106
System.Web.HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr) +340

Can u please give me step by step installation of AD with DNN.Objective is to link the logins with a particular AD.
Thanks



By qwedsa on   3/4/2008

Re: Active Directory 01.00.02 Provider Status Update

hey
i downloded the "ActiveDirectory_01.00.00_Install.zip" and installed it .As soon as i did that im getting an error

Value cannot be null.
Parameter name: path1
Stack Trace:


[ArgumentNullException: Value cannot be null.
Parameter name: path1]
System.IO.Path.Combine(String path1, String path2) +2686595
DotNetNuke.UI.Skins.SkinDefaults..ctor(SkinDefaultType DefaultType) +127
DotNetNuke.Common.Globals.get_DefaultSkin() +31
DotNetNuke.Entities.Portals.PortalSettings.GetPortalSettings(Int32 TabId, PortalAliasInfo objPortalAliasInfo) +2812
DotNetNuke.Common.Globals.GetHostPortalSettings() +216
DotNetNuke.Common.Globals.GetPortalSettings() +79
DotNetNuke.Authentication.ActiveDirectory.HttpModules.AuthenticationModule.Init(HttpApplication application) +213
System.Web.HttpApplication.InitModulesCommon() +66
System.Web.HttpApplication.InitInternal(HttpContext context, HttpApplicationState state, MethodInfo[] handlers) +814
System.Web.HttpApplicationFactory.GetNormalApplicationInstance(HttpContext context) +243
System.Web.HttpApplicationFactory.GetApplicationInstance(HttpContext context) +106
System.Web.HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr) +340

Can u please give me step by step installation of AD with DNN.Objective is to link the logins with a particular AD.
Thanks



By qwedsa on   3/4/2008

Re: Active Directory 01.00.02 Provider Status Update

@ qwedsa,

I'm assuming you're runnint DNN 4.8.0 or DNN 4.8.1 in which case the 01.00.00 version of the AD provider will not work (I've blogged about this before). If you follow the link at the end of my blog post (http://dnn.gmss.org) you can download the .03 version nof the provider that does work. It'll be downloadable from there until the .03 version completes the DNN Release Tracker process and is available as a DNN download.

By mikeh on   3/4/2008

Re: Active Directory 01.00.02 Provider Status Update

Thanks for that it worked the .03 version
Now the Synchronize Role doesnt seem to work.is there any step by step configuration for that??

my objective is to synchronize the roles of the AD users with the roles of dnn.
Do i have to manualy create the same roles and then it would synchronise?

Thanks

By qwedsa on   3/5/2008

Re: Active Directory 01.00.02 Provider Status Update

Yes the roles need to be created manually in DNN.

By mikeh on   3/5/2008

Re: Active Directory 01.00.02 Provider Status Update

Hi,
Ive installed the .03 version of the AD module.There are certain issues ive faced.There are about 500 users in the Active Dir

1)The login for the users in the login page is very slow.Takes about a minute or two to login
2)For some users it does not login even when there credentails are proper.

All this happens when i choose the "Windows Login Tab" and try to login from my login page.

But when clear my history and cookies and refresh i get the pop up box (since i removed the anonmyous user on the windows signing.aspx in IIS ) and when i put the credentails there it logs in in a matter of seconds and all the users log on without any error,but if the user logs off and tries to login again it gives a invalid password.

Is there any way i can get such a result through my login page when i click the "windows login tab"?cause most of my logins dont work through this.

Thanks

By qwedsa on   3/10/2008

Re: Active Directory 01.00.02 Provider Status Update

@qwedsa (RE: your 3/10/2008 comment)

I have some suspicions on the slow login but have been busy with other projects at work and haven't had time to test them fully.

On the Windows Login page, are your users logging in with DOMAIN\username or just username? It has to be the first one.

Windows Popup, the site needs to be in either the Intranet or Trusted sites zone in your internet settings so that you don't get the pop-up.

This is all covered in the documentation.

Also, in the future, it would be better to post your questions in the Providers forum rather than here.

By mikeh on   3/10/2008

Re: Active Directory 01.00.02 Provider Status Update

i was goin to post at http://dnn.gmss.org/Forum/tabid/130/Default.aspx but got "I'm currently moving everything over to this new site. Until I get the forum data transferred the forum will be unavailable.

Until then you can email me at mhorton@telus.net with any questions/problems.

"

the windows login still doesnt work with some users even though the credentails are proper and im loggin in using "domain\username".


But when i use the http:///DesktopModules/AuthenticationServices/Active/Directory/WindowsSignin.aspx as mentioned in your documentation all the users log in but it logs in very slow about a minute.but sometimes it automatically logs in.

please let me knw how can all the users log on succesfully using the forms authentaication
and
also using http:///DesktopModules/AuthenticationServices/Active/Directory/WindowsSignin.aspx , how to disable the automatic log in's cause i tried the "Auto-login IP Address"Feature as mentioned in your documentation and it dosent seem to work .To be more elaborate everytime a user clicks on this link he shld be asked to type in his credentails in the windows pop up.

Thanks

By qwedsa on   3/12/2008

Re: Active Directory 01.00.02 Provider Status Update

qwedsa, I meant on the Authentication Provider forum here on the DNN site (http://www.dotnetnuke.com/tabid/795/Default.aspx).

By mikeh on   3/12/2008