Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationrole sync problem with DNN 4.8 and AD 1.00.02 b2role sync problem with DNN 4.8 and AD 1.00.02 b2
Previous
 
Next
New Post
1/21/2008 2:27 PM
 
David Rosen

Joined: 6/23/2006
Posts: 4

I am a bit of a noob when it comes to .NET and active directory. I am trying to set up DNN for an intranet site. I have followed the instructions to use the AD provider and set up my domain within the portal settings authentication. When I try to login using AD it creates the user account, but it does not seem to be syncing the roles with AD. I tried a previous solution with changing the web.config to uncomment the impersonate code with no luck. Here is the event viewer before my AD login:

  1/21/2008 1:32:28 PM   Login Success   SERVICE\davros   WAIntranet   IP: 192.168.153.71; WindowsAuthentication: True;  ...
  1/21/2008 1:32:28 PM   General Exception       AssemblyVersion: 04.08.00; PortalID: 0; PortalNa ...
AssemblyVersion: 04.08.00
PortalID: 0
PortalName: WAIntranet
UserID: -1
UserName:
ActiveTabID: 36
ActiveTabName: Home
RawURL: /WAIntranet/DesktopModules/AuthenticationServices/ActiveDirectory/WindowsSignin.aspx?tabid=36
AbsoluteURL: /WAIntranet/DesktopModules/AuthenticationServices/ActiveDirectory/WindowsSignin.aspx
AbsoluteURLReferrer:
UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; InfoPath.1; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
DefaultDataProvider: DotNetNuke.Data.SqlDataProvider, DotNetNuke.SqlDataProvider
ExceptionGUID: e1542b49-f41a-4f8e-8df2-c25b717523cb
InnerException: The value for the property AttributeScopeQuery cannot be set.
FileName:
FileLineNumber: 0
FileColumnNumber: 0
Method: System.DirectoryServices.DirectorySearcher.DoSetSearchPrefs
StackTrace:
Message: System.InvalidOperationException: The value for the property AttributeScopeQuery cannot be set. at System.DirectoryServices.DirectorySearcher.DoSetSearchPrefs(IDirectorySearch adsSearch, AdsSearchPreferenceInfo[] prefs) at System.DirectoryServices.DirectorySearcher.SetSearchPreferences(IDirectorySearch adsSearch, Boolean findMoreThanOne) at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne) at System.DirectoryServices.DirectorySearcher.FindAll() at DotNetNuke.Authentication.ActiveDirectory.ADSI.Utilities.SearchNestedGroups(DirectoryEntry group, String DistinguishedName) at DotNetNuke.Authentication.ActiveDirectory.ADSI.ADSIProvider.IsAuthenticationMember(GroupInfo AuthenticationGroup, UserInfo AuthenticationUser) at DotNetNuke.Authentication.ActiveDirectory.UserController.AddUserRoles(Int32 PortalID, UserInfo AuthenticationUser)
Source:
Server Name: DEVELOPMENT-VM3
  1/21/2008 1:32:26 PM   General Exception       AssemblyVersion: 04.08.00; PortalID: 0; PortalNa ...
AssemblyVersion: 04.08.00
PortalID: 0
PortalName: WAIntranet
UserID: -1
UserName:
ActiveTabID: 36
ActiveTabName: Home
RawURL: /waintranet/default.aspx
AbsoluteURL: /waintranet/default.aspx
AbsoluteURLReferrer:
UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; InfoPath.1; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
DefaultDataProvider: DotNetNuke.Data.SqlDataProvider, DotNetNuke.SqlDataProvider
ExceptionGUID: d1677c36-e463-47f4-aeac-ac9ab22f5129
InnerException: Error processing AD login
FileName:
FileLineNumber: 0
FileColumnNumber: 0
Method: System.Threading.Thread.AbortInternal
StackTrace:
Message: System.Exception: Error processing AD login ---> System.Threading.ThreadAbortException: Thread was being aborted. at System.Threading.Thread.AbortInternal() at System.Threading.Thread.Abort(Object stateInfo) at System.Web.HttpResponse.End() at System.Web.HttpResponse.Redirect(String url, Boolean endResponse) at System.Web.HttpResponse.Redirect(String url) at DotNetNuke.Authentication.ActiveDirectory.HttpModules.AuthenticationModule.OnAuthenticateRequest(Object s, EventArgs e) --- End of inner exception stack trace ---
Source:
Server Name: DEVELOPMENT-VM3

I guess if I have to I can manually administer the roles, but I'd like them to sync.

 
 
New Post
1/21/2008 3:53 PM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

I haven't had any problems with synching except when I haven't named the DNN security groups the same as the Pre-Windows 2000 group name. Perhaps this is where it's breaking for you? IE: We've got a group in the AD called Business Staff but its old NT4 domain name was simply BUSSTAFF. If I don't use BUSSTAFF as the DNN Security Group name nothing syncs. The only other thing you could do is to debug the code and set a breakpoint in SearchNestedGroups in the Utilities.vb file and see what it's passing for a group name (the rest before that are part of .NET and can't be stepped through).
 
New Post
1/21/2008 4:40 PM
 
David Rosen

Joined: 6/23/2006
Posts: 4

Checked the group names (pre 2000) on my AD server and they match with my security roles in DNN. Where is this Utilities.vb file? Do I need to get the source ver of either DNN or your AD provider? Thanks for your help.
 
New Post
1/21/2008 4:49 PM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

You need the source version of the AD Provider at minimum. You can find it under the project downloads.

EDIT: It's part of the AD provider source code.
 
New Post
4/15/2008 10:06 PM
 
Tom McMurtry

Joined: 11/14/2003
Posts: 55

David,

Did you ever resolve this?
 
 Page 1 of 1
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationrole sync problem with DNN 4.8 and AD 1.00.02 b2role sync problem with DNN 4.8 and AD 1.00.02 b2


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out