Products

Solutions

Resources

Partners

Community

Blog

About

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen

HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationActive Directory 01.00.04 Beta Active Directory 01.00.04 Beta
Previous
 
Next
New Post
5/1/2008 7:42 PM
 
 
New Post
5/1/2008 10:40 PM
 

This is happening on all groups, with or without spaces.  I performed an uninstall through the portal interface and did an re-install of 1.00.03 using the interface. 

You are correct, the groups are not being pulled when the users sign in.  As a test, I added a new group that we have in AD in the portal, with myself being a member of it in AD.  I left "sync roles" on and logged out and back in.  When I checked the group for members, I was not in there.  When I create a group in the portal named "Domain Users" one test account that I use gets put into the group, another one does not.  No strange errors in the event viewer.

I will take a look at LDAP Browser, but what exactly will this tell me?


CISSP
 
New Post
5/2/2008 11:54 AM
 

It's a utility that allows you to browse the AD objects and will show you exactly what's pulled in (group memberships, etc.). Just another way of being able to see from the server what it can see on the AD. I use it when I'm debugging the provider and am not sure if the info being returned is correct or not.

EDIT: If you did an uninstall and went back to a version that's working then is there a chance something changed network security wise that's preventing the provider from getting the info it's looking for?

 
New Post
5/2/2008 4:36 PM
 

Anything is possible I guess.  I just did another test, though, and this is what I found...

With the old provider, when a new user logs in for the first time, it throws that error and it appears as if the user account is not created, when in fact it was.  It also adds that user to all the groups that match what it finds in AD and the portal.  (I can live with that for now)

Existing users with the old provider sometimes do get put in, sometimes not, automatically.  Again, in some cases they are removed from the matching groups.  It looks as if users that are members of more groups in AD have the hang up.   I'm in 38 groups in AD and it is not adding me.  The test account that I'm using is only a member of 10 groups and that works great.  Is that a known issue?


CISSP
 
New Post
5/2/2008 5:56 PM
 

Hmmmm it may be. The way the group search works is it takes the groups from DNN and goes through them. So say there's a DNN group called Staff. That group is taken and the AD is checked to see if there's a group called Staff and if the user is a member of it or of any sub-groups of Staff. Are there a boatload of groups belonging to groups? I think it may be "timing" out when it's trying to search the nested groups. So, you were probably having this happening before and just didn't notice it.

This is something I hope to fix at the same time I fix the problem with nested group searching and W2K servers.

 
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationActive Directory 01.00.04 Beta Active Directory 01.00.04 Beta


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out