Hi everyone, I cant get AD authentication to work and feel Im about to go mad. 

I installed the AD Authentication module, put the settings in, and everything checked out ok (I did everything else as per the setup notes). When going to authenticate it falls flat on its face, error message "Login Failed, remember that Passwords are case sensitive"

Ive tried:
- Turning on impersonation, didnt work
- Turning of DNN authentication and using just Windows AD, didnt work. This also included folder/file permissions
- Password length is set to 6 in web.config, just incase it was an issue but most passwords are 7 characters in length
- Going to the WindowsSignin.aspx page directly on the server (generates an error which is below) and a client pc, no joy.

Information
----------------------------
- DotNetNuke 04.08.04
- ActiveDirectory 01.00.03
- Windows 2003 R2 Domain Controllers
- Internet Explorer 7

- We have a master domain root.local and a sub forest call venus.local.  When setting up the AD Root Domain field info I entered DC=venus,DC=local as the domain to go to, this is where all our users are setup. Does it matter that our usernames are stored in different sub OU's, eg. Marketing, Sales?

- If I try to logon actually on the server I get:

Server Error in '/' Application.
--------------------------------------------------------------------------------

Object reference not set to an instance of an object.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.NullReferenceException: Object reference not set to an instance of an object.

Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. 

Stack Trace: [NullReferenceException: Object reference not set to an instance of an object.]
   DotNetNuke.Authentication.ActiveDirectory.ADSI.ADSIProvider.GetUser(String LoggedOnUserName) +69
   DotNetNuke.Authentication.ActiveDirectory.AuthenticationController.AuthenticationLogon() +254
   DotNetNuke.Authentication.ActiveDirectory.WindowsSignin.Page_Init(Object sender, EventArgs e) +103
   System.Web.UI.Control.OnInit(EventArgs e) +99
   System.Web.UI.Page.OnInit(EventArgs e) +9
   System.Web.UI.Control.InitRecursive(Control namingContainer) +321
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +834

 
- In the event log on the DNN server the following entry is logged:

Event Type: Warning
Event Source: ASP.NET 2.0.50727.0
Event Category: Web Event
Event ID: 1309
Date:  14/07/2008
Time:  14:56:39
User:  N/A
Computer: WEBINT1-VEHO
Description:
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 7/14/2008 2:56:39 PM
Event time (UTC): 7/14/2008 1:56:39 PM
Event ID: b714359719ed4548bcbc3900438bf6a3
Event sequence: 32
Event occurrence: 2
Event detail code: 0
 
Application information:
    Application domain: /LM/W3SVC/700492692/Root-1-128605167054332826
    Trust level: Full
    Application Virtual Path: /
    Application Path: D:\Inetpub\wwwroot\intranet\
    Machine name: WEBINT1-VEHO
 
Process information:
    Process ID: 2344
    Process name: w3wp.exe
    Account name: NT AUTHORITY\NETWORK SERVICE
 
Exception information:
    Exception type: NullReferenceException
    Exception message: Object reference not set to an instance of an object.
 
Request information:
    Request URL: http://192.168.50.254/desktopmodules/authenticationservices/activedirectory/windowssignin.aspx
    Request path: /desktopmodules/authenticationservices/activedirectory/windowssignin.aspx
    User host address: 192.168.50.254
    User: 
    Is authenticated: False
    Authentication Type: 
    Thread account name: NT AUTHORITY\NETWORK SERVICE
 
Thread information:
    Thread ID: 1
    Thread account name: NT AUTHORITY\NETWORK SERVICE
    Is impersonating: False
    Stack trace:    at DotNetNuke.Authentication.ActiveDirectory.ADSI.ADSIProvider.GetUser(String LoggedOnUserName)
   at DotNetNuke.Authentication.ActiveDirectory.AuthenticationController.AuthenticationLogon()
   at DotNetNuke.Authentication.ActiveDirectory.WindowsSignin.Page_Init(Object sender, EventArgs e)
   at System.Web.UI.Control.OnInit(EventArgs e)
   at System.Web.UI.Page.OnInit(EventArgs e)
   at System.Web.UI.Control.InitRecursive(Control namingContainer)
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
 
 
Custom event details:

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

I tried that before but it didnt work. However Ive created a new AD user called ldap, gave it permissions to the ldap directory to read info. I then updated the web.config to use impersontation as you said.

Two strange things, if I go to to http://intranet/DesktopModules/AuthenticationServices/ActiveDirectory/WindowsSignin.asp it appears to login (it does show who you are logged in as though? Not sure if that is a feature or not)... however when I go to the authentication module plugin where the settings are and update to use the new user I get the below.... Im not sure if it is working or not now ??

Accessing Global Catalog:
FAIL
Checking Root Domain:
FAIL
Accessing LDAP:
FAIL
Find all domains in network:
Could not access LDAP to obtain domains info
A more secure authentication method is required for this server.

Thank you

The provider isn't able to pull the user information from the Active Directory so there's a log jam somewhere between the server and the domain controller. You could try a program called LDAPBrowser (http://www.ldapbrowser.com) to test with. I use it when I'm coding to verify that I'm pulling the right information in (and to see what information I should be able to pull in). It might help point us in the right direction.