Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationActive Directory 01.00.04.21909 Beta Active Directory 01.00.04.21909 Beta
Previous
 
Next
New Post
6/22/2008 6:39 PM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

I've posted a beta of the 01.00.04.21909 release of the provider here.

RELEASE NOTES:

This is the third release of the Active Directory Authentication Provider since being separated from the DNN Core code.

The provider requires Full Trust in order to operate.

If you currently have a 01.00.04 beta version installed you'll have to either uninstall it and install this version or after you install this version you'll have to manually copy the .dll into your bin\Providers folder (the package installer doesn't copy the .dll if the version is the same in the .dnn file).

Changes/Fixes for this release:
Same as in this post (http://www.dotnetnuke.com/Community/Forums/tabid/795/forumid/89/threadid/235377/scope/posts/Default.aspx
Plus:
ACD-6960 - Auth Providers: Active Directory 01.00.02 Boggs Down Server in DNN 4.8

I've locked the other beta post so if you had a question that was in there that I haven't answered ping me in this thread.
 
New Post
6/23/2008 8:05 AM
 
Intranet Guy

Joined: 4/27/2007
Posts: 95

So far so good!  I'm able to sync roles again.  I've tested the logging in of a new user and it didn't throw any errors.  I also tested the logging in of an existing user, no errors.  Nice job!   This should prove to be a life saver...I'll try it in production next.

CISSP
 
New Post
6/23/2008 12:34 PM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

Wait, you can sync roles now when it wasn't working in an earlier beta? Even though the changes to this beta were related directly to the synchronization code it was just a fine tuning of the code. In the previous versions the code attempted to remove the user from every DNN/AD related role (whether the user belonged to it or not) and then re-add them to the roles they belonged to. If there were a lot of DNN/AD related roles this caused a lot of unnecessary calls to the database and slowed things down immensely. With this version it only deletes the user from DNN Roles when the user no longer belongs to the AD Group and only adds a user to a DNN Role when he doesn't already belong to it but has been added to the group in the AD.
 
New Post
6/24/2008 12:30 PM
 
Intranet Guy

Joined: 4/27/2007
Posts: 95

I see this as a problem right now.  It seems to be doing exactly what you stated here.  Users are being added to roles that they are in in AD, but being taken out of DNN roles that do not exist in AD.  This is not good behavior.  I have several DNN roles that I want to keep unrelated to AD roles.  Why can't it only sync AD roles and leave the DNN roles untouched?  That was the behavior previously, no?  I love the AD sync roles, that has got to stay working...but if I have a user that has access to active directory, and can put themselves into a role in AD, login to the portal, have access to areas in there that they are not supposed to have, logout and then remove their role in AD, how would we know?  We've got to keep the DNN roles and AD roles separate! ! !

CISSP
 
New Post
6/24/2008 1:33 PM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

It should't be affecting DNN Only Roles and I just did a quick test on my dev portal and the user wasn't removed from the DNN only role but I'll double check the code when I get back from my meeting.

I'll cover the rest of your comments when I get back as well.

EDIT: I stand corrected on the DNN Only roles and I'll get that fixed up ASAP. I tested against a role that I thought wasn't part of my AD but I guess it was.

Also, there's nothing I can do if a user has the ability to add themselves to an AD group, hits the site, see information they shouldn't, and then removes themselves from the group. Only people with proper permissions can change group memberships and one hopes that those who've been given such permissions are trustworthy.
 
 Page 1 of 6
123...6Next 
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationActive Directory 01.00.04.21909 Beta Active Directory 01.00.04.21909 Beta


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out