Hello,
I could find a way to automatically import AD groups into DNN roles: is this possible?
Preamble: I'm developing an Intranet portal, using ADSI authentication; I enabled "synchronize role", and can see users get assigned their AD roles at logon, but this only if I previously created an equivalent DNN role. Since I want to use AD groups (as DNN roles) to configure permissions, and I have many AD groups, I'd like to understand how roles sync works.
Example: the AD domain holds a "Users" group. User "user1" is member of that group. If I create a role named "Users" in DNN, and configure it as public and auto-assignment, users get assigned (if they are member of that group in AD), and I can use that role to assign permissions. If I do not create the role in DNN, I cannot see/use it.
I also tried writing code for that, but with strange result: I can create roles (see code below) and see them in the database, but they're not visible under roles management. But I can see them under users' management, assigned to users - even if then permissions based on one of these are not recognized (access denied).
Can anybody point me to the right direction?
Code snippet:
Dim rc As New DotNetNuke.Security.Roles.RoleController
Dim nr As New DotNetNuke.Security.Roles.RoleInfo
nr.RoleName = "MyRole"
nr.PortalID = 0
nr.Description = "MyRole"
nr.IsPublic = True
nr.AutoAssignment = True
nr.RoleID = -1
nr.RoleGroupID = -1
nr.TrialPeriod = -1
nr.TrialFrequency = "N"
nr.BillingPeriod = -1
iRC = rc.AddRole(nr)
Thanks,
al.