Currently running: DNN 6.01.05, DNN_ActiveDirectory 5.0.4, Server 2008, IIS 7.5, Classic pipeline, App Pool uses Network Service and all permissions set for that user.

We moved our DNN install (then v5) to Server 2008/IIS7.5.  Found out that new users added to Active Directory weren't being added to DNN causing them to get in a redirect loop.  If you added them manually to DNN everything was fine.

I upgraded DNN thinking this might be a solution, but I'm still having the issue where a new user cannot login causing a 302 redirect loop. This has been well covered but no solution has worked for me.  I've read the documentation so many times I have it memorized.

I want the website to prompt for a username/pass through IIS where they enter their domain credentials and the user automatically gets added to DNN and they are logged in.  This worked before on Server 2003 and DNN 5.

I currently have IIS set up to do Windows Authentication on the entire site.  Impersonation is on using a domain admin account, but it seems to not matter if this is on or off.  No forms auth is set anywhere.  I don't want it to go to WindowsSignIn.aspx as I don't want the user to have to enter credentials  
twice.

Any setting I change doesn't matter, it's almost like DNN it isn't even using the AD authentication.  IIS will prompt and you enter your credentials then if you aren't in the DNN table (and new users aren't) then it just throws them in a redirect loop to default.aspx.  I'm sure it's just some IIS7 or Server 2008 permissions or configuration that's messed up, but so far none of the solutions in the forum or documentation have worked.

Any help is appreciated, I've been working on this issue since January and manually adding every user that comes to our organization so they can access the intranet.

Thanks,

Erika

Thanks for your response Mike.

It is a company policy that we use IIS authentication on this server since it is publicly accessible so the site has always been set up that way.  It has been working for 3 years now and just stopped when we moved to server 2008/IIS7.

I guess I'll have to see if we can get around our security protocols and set it up per the documentation. I just thought there might be a permissions thing to make this work with 2008/IIS7 like it did with 2003/IIS6.

Thanks,

Erika

Thanks for your help Mike, I ended up installing from scratch on a test server and got it working.

Apparently I can't read and was confusing Anonymous Authentication with ASP.NET Impersonation.  Once I Enabled Anonymous Authentication on the site and removed the location piece from web.config 

<location path="DesktopModules/AuthenticationServices/ActiveDirectory/WindowsSignin.aspx">

    <!-- Disable Forms Authentication -->
    <formsAuthenticationWrapper enabled="false" />
    <system.webServer>
      <security>
        <!-- Enable IIS Windows authentication for the login page -->
        <authentication>
          <windowsAuthentication enabled="true" />
          <anonymousAuthentication enabled="false" />
        </authentication>
      </security>
    </system.webServer>
  </location>

it's all working as expected.

Erika