 |
|
Blog
|
|
|
|
|
|
Jul8Written by:slhilbert
7/8/2009 10:25 AM  Active Directory Integration has changed a bit since DNN 4. This guide is intended to help you setup Active Directory on your Dotnetnuke 5.x website. If you are running Dotnetnuke 4.x please see this post.
If you are running Dotnetnuke 3.x please see this post. Let’s get started with installing the Dotnetnuke Active Directory provider for Dotnetnuke 5.x- If you haven’t installed the Active Directory Provider yet, you need to first visit the download page located here.
- Once you have downloaded the files you need to login to your Dotnetnuke website with an account that has “Host” level access.
- Under the Host menu click on “Extensions”.
 - On the Host Extensions page go to the module settings menu and select, “Install Extension Wizard”.
 - Use the browse button to locate the Active Directory Provider install file. Select it and press “Next”.
- The next screen is a list of information regarding the Active Directory Provider. Press “Next”.
- The next screen contains release notes, if any exist. Press “Next”.
- The next screen is the license agreement, tick the “Accept License” box and then press “Next”.
 - At this point you should see information regarding the installation of the provider. Anything that has red text is bad and you should either try to reinstall the package or search on the error using, http://www.searchdotnetnuke.com. Click “Return”.
Setting up a portal to use Active Directory IntegrationEach portal has to have Active Directory setup and configured on it. If you create a new portal you will need to configure that portal to use Active Directory. This may seem like a pain but it makes sense in that each portal could be connected to a completely different Active Directory domain. - To start you must be logged in as a user that has at least “Administrator” level access on the portal.
- Go to the “Admin” menu and select “Extensions”.
- On the Admin Extensions page, click on the Blue Pencil next to “Dotnetnuke Active Directory Authentication Project”.
 - We are now at the configuration screen. If you are unsure what an item does click on the blue circle with a white question mark inside to see a description. Also you can consult the documentation which does a great job of describing how to use and setup the Dotnetnuke Active Directory Provider. Once you are done click “Update Authentication Settings”. TIP: Never hide the login controls unless you are 100% sure everything is working.
I hope this helps, leave your questions and comments in the comment field below and I will try to help as best as I can.
Tags:15 comment(s) so far...
Re: Using Active Directory in Dotnetnuke 5.x I did it exact the way you describe here and add this line to web.config:
butr got this error when hit Update Auth Settings:
Accessing Global Catalog:
FAIL
Checking Root Domain:
FAIL
Accessing LDAP:
FAIL
Find all domains in network:
Could not access LDAP to obtain domains info
Logon failure: unknown user name or bad password.
Any idea what is wrong?
Thanks,
Vlado
By Vlado on
7/8/2009 1:00 PM
|
Re: Using Active Directory in Dotnetnuke 5.x You can try several things. Try changing the authentication type. Also try setting up your domain root domain.
By Stuart on
7/8/2009 1:28 PM
|
Re: Using Active Directory in Dotnetnuke 5.x I am using DNN 5.1.4 with AD 5.0.0.2, Windows XP SP2, IIS 5.1
I set AD Provider in DNN:
- delegation
- root domain: dc=ABCD,dc=local
-username: ABCD\doru
-password,....
-default domain: ABCD
-autologin: 192.168.0.36-192.168.0.100
In web.config I have
I gave the same permission to user "doru" that ASPNET accounts has.
I have the following errors:
Accessing Global Catalog: FAIL
Checking Root Domain: FAIL
Accessing LDAP: FAIL
Find all domains in network: Could not access LDAP to obtain domains info
Logon failure: unknown user name or bad password.
I already checked the domain values using EasyAD module and the domain values are good.
Could you tell me where is the problem?
Thanks,
Doru
By Doru Pirvu on
11/11/2009 11:11 AM
|
Re: Using Active Directory in Dotnetnuke 5.x Web.config settings
identity impersonate="true" userName="RONET1\doru" password="..."
AND
add name="Authentication" type="DotNetNuke.Authentication.ActiveDirectory.HttpModules.AuthenticationModule, DotNetNuke.Authentication.ActiveDirectory"
By Doru Pirvu on
11/11/2009 11:13 AM
|
Re: Using Active Directory in Dotnetnuke 5.x Well, there are several things you can try.
You may not need to specify the domain at all. I usually do not, unless you are in a location with multiple domains or you need to specify an OU within a domain.
Also are you sure that your AD user credentials are correct? Can the use login to the domain specified?
You could try different authentication types.
Finally, I wouldn't use Impersonate in the web.config unless you need to.
My suggestion is fill out your information as I have shown above in my example. If it doesn't work starting changing authentication type. If doesn't work then start looking at your domain user. Try another user.
Then start looking at specifying a domain.
Then start using impersonate.
Hope that helps.
By slhilbert on
11/11/2009 11:31 AM
|
Re: Using Active Directory in Dotnetnuke 5.x Excellent!!!
It is working now!!!
You are the best :)
I have a new question about AD provider.
Is the scenario working when the DNN website is on the server and the AD users are on the other server?
These two servers are in different networks. These two servers communicate with each other only because of the internet connections. There is no other relation between these two servers. This means that the DNN website is outside the farm where AD is located.
I am looking forward to the answer!
Thank you very much,
Doru
By Doru Pirvu on
11/12/2009 9:48 AM
|
Re: Using Active Directory in Dotnetnuke 5.x Doru,
I think you have a few options. Though, none I have tested, so I am just throwing some ideas at there, I am not sure they will work.
1.) If you could setup a trust between the two servers then it should work. Though if it is truly across the Internet I am not sure if that will work.
2.) You could setup an ADAM server and then point the AD Provider to the Adam server, that should allow you to get to the users on the other domian.
I hope that helps.
By slhilbert on
11/12/2009 10:05 AM
|
Re: Using Active Directory in Dotnetnuke 5.x Thank you for your quickly reply and for your suggestions!
Best Regards,
Doru
By Doru Pirvu on
11/12/2009 10:51 AM
|
Re: Using Active Directory in Dotnetnuke 5.x Hello
I am using DNN 5.1.4 with AD 5.0.0.2.
I have no text in the login controls, only 2 grey squares (DNN login or AD login) . I can click and log in, everything is OK.
Any idea?
Thanx
By Olivier on
11/24/2009 5:27 AM
|
Re: Using Active Directory in Dotnetnuke 5.x Oliver,
So you are saying you see just two grey squares where you should be seeing something like DNN and Windows so you can switch between the two logins. I have seen this as well, but only on my development machine. Once I move to production it hasn't been an issue. Not sure what to tell you. Try doing a search over at www.searchdotnetnuke.com.
Stuart
By Stuart on
11/24/2009 9:17 AM
|
Re: Using Active Directory in Dotnetnuke 5.x i have a similar problem. I have DNN 5.1.4 with AD Provider 5.0.2. In AD Provider i got the settings:
Enabled true
Hide login controls true
sync roles false
do not auto create users false
Auth type: Secure
Domain root: DC=one, DC=local
user: ONE\user
in web.config i uncommented:
But when i get the error:
Accessing Global Catalog:
OK
Checking Root Domain:
FAIL
Accessing LDAP:
OK
Find all domains in network:
ONE.local
And for external users i still get the windows auth box and that is not OK. And internal users get loged in without any user/pass pop-up request. But when i try to log in typing DOMAIN\user and pass (internal or external) in the normal DNN module it doesn't work.
I want to make it so it doesn't pop-up the windows auth box an external and the login must be done in normal way (DNN module) without the user choosing between standard or windows (default i what AD login).
By Vlad on
3/22/2010 8:55 AM
|
Re: Using Active Directory in Dotnetnuke 5.x @Vlad.
First recomment the lines in the web.config. I never uncomment the web.config string.
Secondly, do not check, "Hide Login Controls". If you check, "Hide Login Controls" you will never see the Active Directory Login screen. You will know that you are seeing the Active Directory login screen because the Login and Password text will be centered over the top of the login and password text box.
Thirdly, you need to figure out the configuration that "Checking Root Domain" gets an "OK". That might mean you need to enable impersonation it might mean that you need to chnage something else. Try changing the dropdown box for the different types of authentication.
Finally, the way that you can make it so that only people login to Active Directory is to go to extensions under Admin and disabled the DNN Login. Do not do this until you are sure that Active Directory Authentication is working.
Hope that helps,
Stuart
By slhilbert on
3/22/2010 9:02 AM
|
Re: Using Active Directory in Dotnetnuke 5.x I've recommended the line:
But no luck.
The only setting that gives me 2 OK and Checking Root Domain FAIL is 'Secure' the rest of them are NotOK an all 3 checks.
So i think my problem come from the Root Domain.
By Vlad on
3/22/2010 10:20 AM
|
Re: Using Active Directory in Dotnetnuke 5.x Is there any detail log that AD provider keeps ? So i can see what exactly happens when checking Root Domain?
By Vlad on
3/22/2010 10:30 AM
|
Re: Using Active Directory in Dotnetnuke 5.x Not that I am aware of.
By Stuart on
3/22/2010 10:31 AM
|
|
|
|
 |
|
|
Search Blog
|
|
|
|
| |
|
|
Blog Archive
|
|
|
|
| |
|