Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationInternet/Intranet DNN ConfigurationInternet/Intranet DNN Configuration
Previous
 
Next
New Post
5/9/2007 6:59 PM
 
renor321

Joined: 9/14/2006
Posts: 3

Hi,

I'm attempting to configure DNN for my company to use as a portal, and I'm trying to use AD authentication.  I've followed the steps that KimberlyRox posted, and am able to get users to automatically login to DNN using windows authentication.  The problem I'm having is that this auto authentication only works if the user enters the Netbios name of the server when going to the portal.  That is, I have our DNN server (let's call it DNNBOX) in our DMZ, with an external IP address.  The address for that dnn server is "DNNBOX.myco.mycompany.com".  If the user who is authenticated against myco.mycompany.com types in "DNNBOX" in the address bar, they're automatically logged into our DNN instance.  If the same user tries to type in "DNNBOX.myco.mycompany.com" or "DNNBOX.mycompany.com", they're challenged to enter their Active Directory user credentials.  We want users to be challenged to enter their AD credentials when they log in from outside of our network, but when they're internal, we'd like for them to be able to type in "DNNBOX.mycompany.com" and be passed straight in to DNN.

I have tried adding DNNBOX.mycompany.com to Intranet Sites on the local IE client, and that works for users who are authenticated, but if the user is trying to hit our DNN site from the internet, they get a page cannot be found error.  Once I remove DNNBOX.mycompany.com from the list of Intranet sites, the user gets challenged and everything works fine.

We're trying to avoid any situation where users have to use two separate URLs to access the site (one for the office, one for home and travel).  We would also like to avoid adding "DNNBOX.mycompany.com" to the Intranet or Trusted sites list if possible.  If anyone has any ideas as to what I may be doing wrong, I'd greatly appreciate it. 

Thanks in advance!!
 
New Post
5/10/2007 12:41 AM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

You've run into the wall that everyone has when wanting to use authentication on an intranet/internet website. Unfortunately, at this time, if you want to run in mixed mode you have to comment the authentication line in the web.config and everyone has to log in manually. What some of us have done is created a link that points to the windowssignin.ascx that users can click when they're on the intranet and they'll automatically be logged in (you'll still need to have *.mycompany.com in the Intranet or Trusted sites). If they're external then they can log in as per normal. Check http://www.bus.nait.ca under I:Drive or Computer Problems to see what I mean.
 
New Post
5/10/2007 11:49 AM
 
renor321

Joined: 9/14/2006
Posts: 3

Thanks for the feedback Mike!

Yesterday, when I was playing around with putting dnnbox.mycompany.com in the trusted/intranet sites, whenever I tried to log in from outside of our network, it gave me a page cannot be displayed error.  It didn't give me any Windows challenge, or anything like that.  Is this because I have the authentication line uncommented in the web.config?

Thanks!
 
New Post
5/10/2007 2:02 PM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

Do you have the permissions set through IIS on windowssignin.aspx as per the thread you used to setup Authentication? If you do then I'm going to guess that because the site is in the trusted/intranet site that when you hit the site it's trying to pass the credentials from the outside computer to the site and failing. But it should then ask for the credentials instead of giving a page not found. I'll have to test it from my home computer to the work website.

That part out of the way, if authentication is uncommented in the web.config, the IIS permission on windowssignin.aspx doesn't allow anonymous, and the site isn't part of the trusted or intranet sites list you should get a Windows popup when you visit the site asking you to enter your credentials.
 
New Post
5/10/2007 2:20 PM
 
renor321

Joined: 9/14/2006
Posts: 3

Hi Mike,

Thanks again for getting back to me.

I did set the permissions on windowssignin.aspx to use Windows authentication, and disabled Anonymous access there.  It's strange that it should fail externally, because I was using the same laptop externally that I was using internally, meaning that my credentials were the same (though of course, being external, I hadn't been authenticated against our DC).

Overall, my setup seems to be what you indicated: Authentication is uncommented in the web.config, windowssignin.aspx is using Windows authentication only, and the site isn't in my trusted/intranet sites anymore.  When I'm internal and use the FQDN, I get challenged.  External and using the FQDN or one of our DNS aliases, I get challenged.  Internal and just using the simple NETBIOS name, I get passed right through.  But, as soon as I add the site to my trusted/intranet, I get passed through perfectly fine internally, and then get the Page Cannot Be Displayed externally (with no AD challenge dialog box).

Thanks again!
 
 Page 1 of 1
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationInternet/Intranet DNN ConfigurationInternet/Intranet DNN Configuration


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out