Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...How to transfer Child portal to a different environmentHow to transfer Child portal to a different environment
Previous
 
Next
New Post
3/11/2008 12:36 PM
 
JHB

Joined: 12/12/2006
Posts: 33

We are a non-profit and a major project of ours has now been spun off as its own non-profit corporation. We need to take the project's child portal and transfer it to another environment, a new DNN site, as a parent portal.

How do we ensure that authentication works for them but that they don't have access to the mother ship, so to speak?

We use Evotiva backup script which should make it very easy to create a "copy" in a dev environment and do the changes necessary to make the child a parent (That part is not that complicated as far as I can see.)

My question is how to ensure the authentication works for them after the transfer but that they can't get admin access to the original parent portal. My understanding is that if we don't hand over our machine validation and decriptions keys, they  won't be able to log on. And if we give them our keys, then what risks would we run? These are currently two, compatible, sister organizations, but we have no way of predicting what paths they will follow in the future.

Is it possible to split off a child in such a way that the passwords still function without creating a security risk for the original parent?

 

 
 
New Post
3/11/2008 2:22 PM
 
Ian Robinson


enlivenhq.com
Joined: 1/6/2006
Posts: 921

JHB,

To address the first part (I agree - not so complicated):

As I see it you would want to make complete backup of your database and file system, set up the site as normal, and go about deleting the unwanted portal. Then you can configure your web site in IIS (or whatever other tool you are using) and also the portal alias so that your former child portal will load when navigating to said url (e.g. www.mydomain.com). Done --

The bit about authentication is a little tricky in that if you want to keep existing users, you will need to use the same machine key. You may however look into something like the Bulk User Management module to export the users and re-import them after you have set a new machine key. Beware though, this will export your users into plain text (I believe).

Take care,

Ian

Software Engineer
Co-Founder, dnnGallery
Stack Overflow: Ian Robinson
Twitter: @irobinson
Linked In: Ian Robinson
 
New Post
3/22/2008 11:43 AM
 
JHB

Joined: 12/12/2006
Posts: 33

Thanks.

I guess my question about the machine key boils down to this: Is there a security risk if some other ISP has a site that happens to use the same machine key as yours? Given that the critical passwords would be changed, would this really be much of a problem?

Upon reflection, the identity of the "machine" seems to matter much more within an environment of several "machines,"   more than it would matter from one organization to another. Is that right, or would that really make us more vulnerable?
 
New Post
3/24/2008 11:06 AM
 
Ian Robinson


enlivenhq.com
Joined: 1/6/2006
Posts: 921

JHB,

I suppose it could be considered a security risk to some extent...but here are a couple thoughts

1) they'd have to know they have the same machine key
2) they'd also have to steal your usernames and passwords (unencrypted) and then use the machine key in question to decrypt the passwords so that they could compromise your site.

Take care,

Ian

Software Engineer
Co-Founder, dnnGallery
Stack Overflow: Ian Robinson
Twitter: @irobinson
Linked In: Ian Robinson
 
New Post
3/30/2008 1:16 PM
 
JHB

Joined: 12/12/2006
Posts: 33

After seeing the security notes about 4.8.2, I am inclined to pay attention to this. Here's what I did to accomplish it:

1) Create a new DNN Install. Make sure the new host account has a userid distinct from any userid in the old site.

2) Save a backup of the db

3) "Restore" the transferred data using Evotiva BackupScript (or copy the db)

4) Insert the host rows, using the data from the saved db, in the Users, aspnet_membership, aspnet_users tables using the newly created application id (one row per table)

5) Use the NEW machine key.

Now, the only password that works is the new host ID. Tools like DNN Masters Membership Management can be used to reset all the passwords and send out notices with new passwords. A message can be put on the login page as well that informs the user the passwords have changed and to click "password reminder" etc etc. The marketing department can give the users a reason to visit and change ther password, etc.
 
 Page 1 of 2
12Next 
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...How to transfer Child portal to a different environmentHow to transfer Child portal to a different environment


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out