Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationAD Configuration (Provider version 5.0.2)AD Configuration (Provider version 5.0.2)
Previous
 
Next
New Post
2/9/2011 1:41 PM
 
Prakash Vyakaranam

Joined: 1/17/2008
Posts: 6
Hi,

I've a couple of issues/questions:

1. I've upgraded DNN from 4.8.2 to 5.6.1 (following the upgrade path 4.9.5->5.4.5->5.5.1->5.6.1) and installed AD extension 5.0.2. I've setup the configuration for local intranet as documented, including impersonate. We have existing users in the system and I added domain name in front of their user name in both Users and ASPNET users tables. Users can login successfully the first time. But, after they click on the logout button, they are no longer able to login automatically unless they clear the cookies. They have to use Windows Login on the web site and enter their domain id and password. Most of our users are using IE 8. However, when they enter the windowssignin.aspx path in the url, they can login automatically. Is there something wrong with the setup? I've followed the documentation and am using Delegation, setup Auto-login IP addresses (to see if that made a difference). Hide Login Controls is not checked. IIS is configured for Integrated Windows Authentication for WindowsSignin.aspx.

2. We've a SaaS solution hosting a lot of DNN sites. Some folks wanted their site to be integrated with their AD infrastructure. If we setup a VPN IPSec tunnel, we should be able to connect to their AD with the Active Directory provider, right? Are there any particular ports that need to be allowed to make this happen?

Thanks for your help!
Prakash
 
New Post
2/9/2011 3:51 PM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865
1. This is a side effect of the Windows Authentication. It writes its own cookie that doesn't expire for anywhere from a 1/2 hour to an hour. Back in .NET 1 days you could set the expiry time but this is no longer possible.

2. That one I don't know the answer to as I've never attempted a setup such as this. In my experience the computer hosting the site has to be part of the domain or it won't be allowed to talk to the AD infrastructure (ie. you don't want Joe Blow just connecting to your domain and be able to browse through it do you?).
 
New Post
2/9/2011 6:09 PM
 
Prakash Vyakaranam

Joined: 1/17/2008
Posts: 6
Thanks for the reply. We usually expire the cookie as soon as the user logs in for some of our apps to overcome certain issues like this. Guess that doesn't apply here.

On the second one, typically with SaaS becoming more and more the standard for application hosting, it is not uncommon for users asking for AD integration and not having to remember passwords for applications they use every day. Having said that, yes, there's always that fear of some one trying to login to the domain. What would they do? How can they get in? I know we want to be safe than sorry but, it usually is the customer's call. If they want us to allow querying their AD to authenticate users, perhaps they're not as concerned.

Thanks for clarifying!
 
New Post
2/9/2011 10:39 PM
 
Prakash Vyakaranam

Joined: 1/17/2008
Posts: 6
By the way, can you tell me what cookie is created? I'll try to look around too. I was wondering if auto-login works if I expire the cookie once the user clicks on the logout button. Or, are there any side effects to that?

Thanks,
Prakash
 
New Post
2/10/2011 10:29 AM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865
You could modify the code so that it's reset immediately but then nobody would ever be able to logout period. That would mean that if there's ever a time when you needed to login as someone else (say the DNN Admin or Host account) you wouldn't be able to.
 
 Page 1 of 2
12Next 
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationAD Configuration (Provider version 5.0.2)AD Configuration (Provider version 5.0.2)


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out