All,
I have found a slight bug in the Auto Create Users Logic. There is a modification that also needs done to the SignIn.aspx.vb page under admin\security.
Inside the WindowsAuthorization function,
Change the following:
If (Not objAuthUser Is Nothing) AndAlso (objUser Is Nothing) Then
' Add this user into DNN database for better performance on next logon
Dim createStatus As UserCreateStatus
Dim objAuthUsers As New DotNetNuke.Security.Authentication.UserController
createStatus = objAuthUsers.AddDNNUser(objAuthUser)
_userID = objAuthUser.UserID
' Windows/DNN password validation should be same, check this status here
strMessage = UserController.GetUserCreateStatus(createStatus)
To:
If (Not objAuthUser Is Nothing) AndAlso (objUser Is Nothing) Then
Dim _config As DotNetNuke.Security.Authentication.Configuration = DotNetNuke.Security.Authentication.Configuration.GetConfig()
If _config.AutoCreateUsers Then
' Add this user into DNN database for better performance on next logon
Dim createStatus As UserCreateStatus
Dim objAuthUsers As New DotNetNuke.Security.Authentication.UserController
createStatus = objAuthUsers.AddDNNUser(objAuthUser)
_userID = objAuthUser.UserID
' Windows/DNN password validation should be same, check this status here
strMessage = UserController.GetUserCreateStatus(createStatus)
End If
The BOLD lines are the additions. This will also wrap the Login.aspx page's Login Button functionality. Without this, if you have auto Create Users turned off, they may be redirected to the Login control and if they would click Login, it would still create an empty account for caching purposes. However, this account lacks a few properties, such as Full Name and Email address, so it also causes the User Accounts Control to error out.
Wrapping the inside of the If statement with the check for the auto create users, will not auto create the cached account and return a username/password error like it should.
I have updated the zip file for any new users who implement this.