Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationAD not synchronizing correctly anymoreAD not synchronizing correctly anymore
Previous
 
Next
New Post
6/23/2009 8:31 AM
 
Jens Lemmer

Joined: 11/9/2008
Posts: 191

Some weeks ago we set up DNN with AD integration for our new Intranet. At first, everything seemed to work fine when we tested with some users: First Name, Last Name, Display Name, E-Mail and Roles were correctly synchronzied. Now, after we went live, when I look at our user table, none of our user are synchronized correctly, but get the following information instead:

  • Username: DOMAIN\user-id (this, of course, is correct)
  • First Name: user-id
  • Last Name: (empty)
  • Display Name: (empty)
  • E-Mail: user-id@our-company.com

As one of our custom modules depends on a correct e-mail address, this issue causes many problems.

Could it be one of the following reasons:

  • Since our first test, we changed our portal alias to http://our-intranet-name/. Could it be that?
  • We did not add our intranet to the trusted intranet zone on every computer, because it seemed to work fine without. I think I can remember that when we tested the first time, things were syncronzied correctly even without having the intranet address added to the trusted zone.

I would be glad if someone can help us, as this is a really big issue for us. Thanks in advance!

//edit: I afterwards checked our AD settings in DNN again. While the settings are still the same, I am now getting the following error message when clicking "Update authentication settings":

Error: is currently unavailable.
DotNetNuke.Services.Exceptions.ModuleLoadException: Object reference not set to an instance of an object. ---> System.NullReferenceException: Object reference not set to an instance of an object. at DotNetNuke.Authentication.ActiveDirectory.ADSI.Utilities.AddADSIPath(String Path, Path ADSIPath) at DotNetNuke.Authentication.ActiveDirectory.ADSI.Utilities.GetRootEntry(Path ADSIPath) at DotNetNuke.Authentication.ActiveDirectory.ADSI.ADSIProvider.GetNetworkStatus() at DotNetNuke.Authentication.ActiveDirectory.AuthenticationController.NetworkStatus() at DotNetNuke.Authentication.ActiveDirectory.Settings.UpdateSettings() --- End of inner exception stack trace ---
 
New Post
6/23/2009 12:09 PM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

Looks like you need to use impersonation in your web.config. How to use impersonation is covered in the documentation.
 
New Post
6/24/2009 4:48 PM
 
Jens Lemmer

Joined: 11/9/2008
Posts: 191

Thanks for your reply, Mike. I read the AD users guide, where it says the following:

  • Give the user account you use for impersonation the same permissions to your DNN install that the NETWORK SERVICE or ASPNET account has.
  • The user account may also need the same permissions that the NETWORK SERVICE or APSNET account has on the website directory in the Temporary ASP.NET Files (usually found under the <SystemDrive>:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files directory).

Can you explain what user account I have to take? Do you know, why this is now causing a problem but not before? Is the error message and the missing/incorrect synchronization because of this impersonation? I would like to understand the problem better.
 
New Post
6/24/2009 5:36 PM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

It can be any user account as long as it's a domain account. In my situation we created a general user account that had no special access and used that as the account to do the impersonation.

Why it worked on your test install and not on the production install, I don't have an answer....Sorry. I've run into that same problem as well and have never found a satisfactory answer. But is it the cause of your problem? I believe it is. What I think is happening is that the provider is trying to communicate with the AD but it's passing the credentials as <Local Machine>\Network Service and the AD is rejecting it because it's not a domain account. Impersonation talks to the AD as the account you're using for impersonation.
 
New Post
6/24/2009 5:49 PM
 
Jens Lemmer

Joined: 11/9/2008
Posts: 191

Sorry to ask again, but I do not know much about this topic and I have to brief my colleague who is now working on this issue:

What is a domain account? As I have to tell my colleague to try the impersonation solution, I have to tell him to add a domain account but do not know what to tell him exactly. Do we have to create an additional AD user? Or only a user account on the machine our intranet is running on?

Thanks again!
 
 Page 1 of 2
12Next 
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationAD not synchronizing correctly anymoreAD not synchronizing correctly anymore


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out