I have been watching the development of AD Authentication over the past couple of years. And, while the integration with the DNN core was quite valuable, and solved many problems for intranet environments, I think it is time to ask the core to make some more improvements in this area. So, I've created a new Feature Request in http://support.dotnetnuke.com asking for some capabilities to be added, and/or improved upon. Please comment on the request at:
http://support.dotnetnuke.com/issue/ViewIssue.aspx?id=5585
Here is the body of the request (if anyone knows of a similar request already in queue, please let me know):
=====================================================================
The Active Directory Authentication core module is a very valuable part of DotNetNuke, especially for those who are implementing in an intranet environment. However, the fact that the username is ALWAYS supplied as DOMAIN\USERNAME causes some problems in many environments. Many AD environments have but only one domain, and most users in those environments do not actually know (or care) what the domain name is. This makes forms login a pain to demonstrate to users.
I would like to see a new feature in Authentication which allows administrators to optionally specify a "default login domain". This option would then allow users to use forms athentication and supply only their Username instead of Domain\Username in the username text field of the login module.
To extend even further, it would be nice if the Authentication and Login modules could be updated so that Administrators can specify a list of Domains that can be logged into. This way, if an environment does indeed have multiple domains, the user could have a drop-down combo which lets them specify which domain they want to login to. This combo could/should also have an option for "(LOCAL)" which allows users such as "Host", "Admin", or any other 'locally' created user to login without domain contact.
Account Login module could look something like this:
LOGIN:
Username ________
Password ________
Domain: <dropdown> with list of domains. (only shows if configured todo so)
I do have some code where I have implemented this in DNN 3.x, but there have been numerous changes in the users/roles in DNN 4.5 which I have not had time to port over yet. If you would like to start with this code, I would be willing to hand it over. It also includes code to properly synchronize roles when the user logs in, and doesn't store AD passwords in the DNN database. Those parts of the code were taken from various threads in the DNN forums over the past year or so. (but, again, this is code implemented in DNN 3.x and would need to be ported to DNN 4.x).
=====================================================================