Mike Horton (Team Lead)
Charles Nurse (Core Team Sponsor)
Daniel Bartholomew (CardSpace)
Mike Horton (Active Directory)
Ian Sampson (Active Directory)
Charles Nurse (LiveID, OpenID)
We're recruiting! Can you handle support for the LiveID or OpenID provider?
Meet Our Sponsors
2007.05.14
The Active Directory functionality is currently in redevelopment. In this phase it is being more cleanly separated from the core framework such that a TRUE Authentication Provider model can be supported. Mike and Charles are working on this project together with assistance from some other potential Authentication Provider project owners. When the separation is complete a number of additional new providers should come available shortly after.
Posted by: Mike Horton 6/14/2007
I just returned from a three day camping trip with my son's grade six class in the foothills of the Canadian Rockies to a mailbox full of people having problems with Active Directory. It was quite a shock to the system as it's been a long time since I was totally without internet access for more than a day. It looks like a change somewhere in the core has broken AD websites that use full authentication (the authentication line is uncommented in the web.config) but mixed-mode authentication still works (users log into the DNN site using DOMAIN\Username and their AD password or use a link to the windowssignin.ascx) in single portal installs (multiple parent/child portals is another matter). I've been able to recreate it on a test site but then was able to fix it by deleting the AD user from the DNN site and then visiting again. Once the account was recreated everything worked fine. However, this is not an ideal solution (deleting all current users) on a portal that has thousands of users. I've got today and tomorrow to catch up on things here at work and then I'm on holidays and will be able to dedicate my full attention to the problem rather than the 15 minutes here and 30 minutes there that I've been able to the last couple of weeks but wanted everyone to know that we're aware of the problem and are not ignoring it.
I just returned from a three day camping trip with my son's grade six class in the foothills of the Canadian Rockies to a mailbox full of people having problems with Active Directory. It was quite a shock to the system as it's been a long time since I was totally without internet access for more than a day.
It looks like a change somewhere in the core has broken AD websites that use full authentication (the authentication line is uncommented in the web.config) but mixed-mode authentication still works (users log into the DNN site using DOMAIN\Username and their AD password or use a link to the windowssignin.ascx) in single portal installs (multiple parent/child portals is another matter). I've been able to recreate it on a test site but then was able to fix it by deleting the AD user from the DNN site and then visiting again. Once the account was recreated everything worked fine. However, this is not an ideal solution (deleting all current users) on a portal that has thousands of users.
I've got today and tomorrow to catch up on things here at work and then I'm on holidays and will be able to dedicate my full attention to the problem rather than the 15 minutes here and 30 minutes there that I've been able to the last couple of weeks but wanted everyone to know that we're aware of the problem and are not ignoring it.
Re: Active Directory Provider Problems Hi Mike,Thanks for understanding and thanks in advance for help.I have 3500+ users in my OU which haven’t got any authentication problems before upgrade to dnn 4.5.3., so just try to imagine the amount of those users disappointment (and my also).You said that once the account was recreated everything worked fine. I don’t think so… In this case, users CAN login manually, but after random period of time they have ALWAYS logged out from site. See post of ninja.kornjaca on http://www.dotnetnuke.com/Community/Forums/tabid/795/forumid/89/threadid/142968/threadpage/2/scope/posts/Default.aspx - I obtain EXACTLEY the same results in my test environment.Ask if you need some more test results on this issue. Hop we will have solution for this problem as soon as possible.
Re: Active Directory Provider Problems
Hi Mike,Thanks for understanding and thanks in advance for help.I have 3500+ users in my OU which haven’t got any authentication problems before upgrade to dnn 4.5.3., so just try to imagine the amount of those users disappointment (and my also).You said that once the account was recreated everything worked fine. I don’t think so… In this case, users CAN login manually, but after random period of time they have ALWAYS logged out from site. See post of ninja.kornjaca on http://www.dotnetnuke.com/Community/Forums/tabid/795/forumid/89/threadid/142968/threadpage/2/scope/posts/Default.aspx - I obtain EXACTLEY the same results in my test environment.Ask if you need some more test results on this issue. Hop we will have solution for this problem as soon as possible.
Re: Active Directory Provider Problems Hi, Mike, nice to have you back. As htkalcic said, the biggest problem is that users get automatically logged off after random period of time. For example, I logged on yesterday on dotnetnuke.com, but when I browsed to dotnetnuke.com this morning, I had to log in again. :-)
Hi, Mike, nice to have you back. As htkalcic said, the biggest problem is that users get automatically logged off after random period of time. For example, I logged on yesterday on dotnetnuke.com, but when I browsed to dotnetnuke.com this morning, I had to log in again. :-)
Re: Active Directory Provider Problems Users getting logged off after a random period of time has always been there but you never noticed it because the autologon was working. As a temporary work around can you try putting a Text/HTML box on a page with a link to the windowssignin.ascx (http://yoursite/admin/security/windowssignin.ascx) and see if they get logged in when they click it. You might have to comment out the authentication line in your web.config as well.As far as being logged out of this site.... I think the cookie for the site expires after 24 hours.
Users getting logged off after a random period of time has always been there but you never noticed it because the autologon was working. As a temporary work around can you try putting a Text/HTML box on a page with a link to the windowssignin.ascx (http://yoursite/admin/security/windowssignin.ascx) and see if they get logged in when they click it. You might have to comment out the authentication line in your web.config as well.As far as being logged out of this site.... I think the cookie for the site expires after 24 hours.
Re: Active Directory Provider Problems Mike, I can't use that even as a a temporary solution. For example: people spend a couple of minutes filling out a form. But when they click "submit", they get logged out and the loose everything they have filled in. And if I tell them "Oh, that's expected, just click this link when that happens", I'll soon have a riot.
Mike, I can't use that even as a a temporary solution. For example: people spend a couple of minutes filling out a form. But when they click "submit", they get logged out and the loose everything they have filled in. And if I tell them "Oh, that's expected, just click this link when that happens", I'll soon have a riot.
Re: Active Directory Provider Problems Just to mention – ninja.kornjaca, you’re not the only one, the same situation is with me, my DNN Intranet and my users. Mike, any progress on resolving this issue so far???
Just to mention – ninja.kornjaca, you’re not the only one, the same situation is with me, my DNN Intranet and my users. Mike, any progress on resolving this issue so far???
Re: Active Directory Provider Problems I'd like to say that it's resolved but I'm still hunting down where exactly things are going astray. It's not in the actual authentication code. I spent yesterday stepping through the code on two computers (one where AD was working, one where it wasn't) comparing the results for each line. Unfortunately late last night I managed to hose the "not working" install and am currently waiting for the back to copy over. The vitural pc is 40Gigs in size and I've got to use wireless on my laptop at home (out of network ports on my routers).
I'd like to say that it's resolved but I'm still hunting down where exactly things are going astray. It's not in the actual authentication code. I spent yesterday stepping through the code on two computers (one where AD was working, one where it wasn't) comparing the results for each line. Unfortunately late last night I managed to hose the "not working" install and am currently waiting for the back to copy over. The vitural pc is 40Gigs in size and I've got to use wireless on my laptop at home (out of network ports on my routers).
Re: Active Directory Provider Problems Possible reason for the problem found. http://www.dotnetnuke.com/Community/Forums/tabid/795/mid/2108/threadid/145663/scope/posts/Default.aspx#145663
Possible reason for the problem found. http://www.dotnetnuke.com/Community/Forums/tabid/795/mid/2108/threadid/145663/scope/posts/Default.aspx#145663
Re: Active Directory Provider Problems I understand your frustration statcr. I not only face the same things you do I also see the posts on the forum. All I can do is ask for patience. At this time there's not a lot that can be done to the AD code until it's separated from the core into a proper provider. Feel free to email me (mhorton@telus.net) about the problems you're seeing.
I understand your frustration statcr. I not only face the same things you do I also see the posts on the forum. All I can do is ask for patience. At this time there's not a lot that can be done to the AD code until it's separated from the core into a proper provider. Feel free to email me (mhorton@telus.net) about the problems you're seeing.
Re: Active Directory Provider Problems I was able to do the windowsjsignin.aspx work around, but still have major problems with loggin in and out of users, users saving parts of the portal in their favorites but get errors, as well as using the mixed mode authentication having to put in the domain. Also, I'm not getting all my groups loaded from AD. Theres alot of work, I have had a hard time getting other developers in my shop to use dnn becuase of these AD issues.
I was able to do the windowsjsignin.aspx work around, but still have major problems with loggin in and out of users, users saving parts of the portal in their favorites but get errors, as well as using the mixed mode authentication having to put in the domain. Also, I'm not getting all my groups loaded from AD. Theres alot of work, I have had a hard time getting other developers in my shop to use dnn becuase of these AD issues.
Re: Active Directory Provider Problems I'm so glad to hear you're already working on the solution, I really appreciate your efforts and your quick response. I'll be checking here often to see if there are any news or updates. Thanks!
I'm so glad to hear you're already working on the solution, I really appreciate your efforts and your quick response. I'll be checking here often to see if there are any news or updates. Thanks!
Re: Active Directory Provider Problems informa
informa
