Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationPassword and other info is not synchronized to ADPassword and other info is not synchronized to AD
Previous
 
Next
New Post
2/23/2009 9:04 AM
 
benediktas

Joined: 10/9/2007
Posts: 5

Hello DNN developers and users,

I have been searching through the forums, but could not find exact problem and solution for it. But first things first, i.e. my configuration:

DNN 4.08.00

AD provider 1.00.04 (1.0.4.62303 as identified by the dll file version)

I do not use impersonation.

Windows 2003 standard with AD

IIS 6.0

Everything on one server. From security point of view its bad, but let us leave this issue aside.

I have installed AD provider and using it. Everything works except the account info/password synchronization between DNN site and AD. This is what I observe:

1. Loging through "Windows login" tab for the first time with AD account is successfull.

2. Account is created in DNN database. Roles are synchronized.

3. If I try to change the password, DNN reports it has successfully been changed.

     a) However if I login with AD account with new password from "Windows login" tab it gives me standard error - passoword or username bad...

     b) If I login with initial AD password through "Windows login" tab - login is successfull.

     c) If I login with AD credentials, but from "Standard" tab with new password, login is successfull.

4. If I change account properties in DNN any changes are reflected in AD.

Thus I am making an assumption the synchronization is not working on my setup.

Any ideas?

Thanks

Benediktas L.
 
New Post
2/23/2009 10:25 AM
Accepted Answer 
Mike Horton


Joined: 7/16/2003
Posts: 4865

Synchronization is working. The AD provider is a one way provider. It only reads from the AD but doesn't write to it. With the 01.00.05 release the password code has been changed so that it's stored in the DNN database as a random password all the time instead of just on automatic login. 
 
New Post
2/23/2009 10:58 AM
 
benediktas

Joined: 10/9/2007
Posts: 5

hmm, so it seams I missunderstood the AD provider functions/scope however i think I saw in other threads people reporting, that they have synchronized account details to AD... in my case two way would be preferable If it is not in the current code/versions is this planned for the future?

anyway what to do if users doesn't have dirrect access to AD itself, but I want them to be able to change their AD password and to use it for login, is there any workaround in DNN, or maybe in the future releases it is planned as a feature?

Also there is a possibility to hide "Windows logon" tab, will that help in my situation? i.e. either user logs-on for the first time or not, he can login and change his password, and they shouldn't be aware to use Windows or stadard login tabs?... not sure if I made myself clear

I didn't quite understood, what do you mean by "it's stored in the DNN database as a random password all the time instead of just on automatic login". You mean, when using automatic login the random password is stored in DNN, while using usuall AD (user/pass) login it is stored as is in DNN (in version 1.00.04)? what other features/corrections will be made for 1.00.05 release? when it is planned to be released? as I understand 1.00.xx releases are mostly for DNN 4.x, while in DNN 5.x it is already being rewriten?

Thanks
 
New Post
2/23/2009 12:33 PM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

Most of the synchronization your hear about in the forum is to do with Roles but even then it's still only one way. Whether it'll be added in the future is undecided at this point.

When you hide the Windows Logon tab all it does is allow users to login as a DNN user. That's not going to work with the AD unless they've already had an account created in DNN.

Here's how automatic logins work... When a user is automatically logged into DNN through the AD provider there's no way of getting the password of the user but you can pull the username that the user is logged onto the computer with. The AD is checked to make sure that the computer logged in user is a valid user and if so logs them into the DNN portal. If it was the first time a user had logged in then a random password was used when the account was created.

In the .04 version and below: When a user manually logged in their DNN account was updated with their AD password if it was different. With .05 the user's password is only used to validate against the AD and not written to the DNN database.

Other changes that are happenind in the .05 release can be found here: http://support.dotnetnuke.com/project/RoadMap.aspx?PROJID=28

As far as DNN 5 is concerned, the provider for DNN 5 is the same as the 01.00.05 version. There will be a parallel versioning of the provider (any bug fixes or enhancements will happen in both streams) for DNN 4 and DNN 5 until such time that it's deemed unnecessary.
 
New Post
2/24/2009 2:57 AM
 
benediktas

Joined: 10/9/2007
Posts: 5

Thank you Mike for clarifying these things to me.
 
 Page 1 of 1
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationPassword and other info is not synchronized to ADPassword and other info is not synchronized to AD


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out