Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationMixed Mode over SSLMixed Mode over SSL
Previous
 
Next
New Post
1/23/2007 10:07 AM
 
steve conard

Joined: 7/30/2003
Posts: 194

 

I have tried the gamut of combinations but cannot seem to find the key.  I am attempting to use a DNN 3.3.5 portal with mixed mode authentication.  The theory is: Clients on the network will not have to log into child portals.  Clients off network will use username and password as registered to log into child portals over SSL.  Root portal is not used.  Documentation seems to indicate:

1. authentication mode in web.config should be "Forms"
2. httpmodule "authentication" in web.config should be uncommented
3. windowssignin.aspx in auth dir should not allow anonymous access via iis
4. windows authentication settings in child portal should be set as "delegation" authentication type, root domain to tree of users LDAP://OU=users,OU=philadelphia,DC=ad,DC=ringTonep,DC=com, and username and password are not necessary as all network users have read access to AD.

The above settings do not allow network users to open child portals without manual login using AD credentials.  This existing portal has over 100 child portals and thousands of existing users.

Thank you for any assistance
 
New Post
1/23/2007 10:25 AM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

Are the domains part of the trusted zone to the local intranet on each intranet users computer? If they've all got the same root domain (domain.com) but you've got them separated out as their forests (sales.domain.com, support.domain.com, etc) you should just have to have *.domain.com as the trusted zone. This post has a wealth of information.
 
New Post
1/23/2007 11:29 AM
 
steve conard

Joined: 7/30/2003
Posts: 194

The instructions in the link you supply suggest removing from trusted and adding to intranet zone on the local client.  Conversly, your note suggest adding domain to trusted zone of the local client.  I have now tried both without success.  To add to the confusion, the link you supplied has conflicting information to this post http://www.dotnetnuke.com/DotNetNukeProjects/CoreActiveDirectory/tabid/840/EntryID/234/Default.aspx  on the project page as it indicates you do not need a single username and password since all network users have read access to ad.  The following four points seem to be key in getting autologin to function and yet autologin does not function on child portals.

1. authentication mode in web.config should be "Forms"
2. httpmodule "authentication" in web.config should be uncommented
3. windowssignin.aspx in auth dir should not allow anonymous access via iis
4. windows authentication settings in child portal should be set as "delegation" authentication type, root domain to tree of users LDAP://OU=users,OU=philadelphia,DC=ad,DC=ringTonep,DC=com, and username and password are not necessary as all network users have read access to AD.
 
New Post
1/23/2007 12:09 PM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

Either trusted or intranet zone will work. There's a lot of conflicting information out there I'll agree. The AD project has been leaderless for quite some time and, as such, it's become a situation where it's truly a community effort (everyone trying to help everyone else) and posting what has worked for them. Not having to have a username/password in the authentication tab doesn't make sense to me. Sure all network users have read access to the AD but not anonymous ones (ie: Joe Schmoe who comes in and plugs his personal laptop into the network) and unless you're running DNN under impersonation mode it's essentially accessing the AD as an anonymous user.

All I can say is that the information posted in the link I supplied worked for me and has worked for a lot of other people.
 
 Page 1 of 1
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationMixed Mode over SSLMixed Mode over SSL


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out