Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationTrying to setup Groups (Automatically Add Security Roles)...I need helpTrying to setup Groups (Automatically Add Security Roles)...I need help
Previous
 
Next
New Post
4/22/2008 6:33 PM
 
Jobhater

Joined: 10/11/2006
Posts: 33

I tried to setup the AD to utilize the current groups (I think).  Its not working.  (4.8.2)  Can you help? 

1) Do you know of any good instructions online for doing this? 
2) How do I find out all of the availalbe groups within AD?
3) Also, can you explain to me what this does?  This might not be what I want to do.  I want a user to come to the website, get logged in automatically (which is already working), and depending on a group role, be allowed to see a certain module or page available.

 
 
New Post
4/22/2008 10:55 PM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

1) I need to add this section to the documentation and don't know of any sites that cover this but will do a quick synopsis at the end of the post.
2) You're not going to be able to do this through DNN but you could look at installing Administrative Tools onto your computer. This will give you access to Active Directory Users and Computers. My advice is to try not to add every group in your AD. This will significantly slow down your login time.
3.) You've got pretty much the idea. Your AD user gets logged in and gets added to the correct role. After that the role permissions are as normal for any DNN role.

Adding AD Groups as DNN Security Roles:

  1. I find that the Active Directory Users and Computers mmc that's part of the Administrative Tools Pack (http://www.microsoft.com/downloads/details.aspx?FamilyID=c16ae515-c8f4-47ef-a1e4-a8dcbacff8e3&displaylang=enis) handy and saves the pain and suffering of either logging into a domain controller or remoting into one.
  2. Log in with either admin or host credentials on your DNN install and go to Admin->Security Roles.
  3. Select Add New Role
  4. This is the important part. Enter the role name exactly as the pre-Windows 2000 group name is in the AD. This can be found by right clicking on the group in Active Directory Uses and Computers and going to the properties. Quite often they are the same but not always.
  5. Click Update in DNN and that's it. Users belonging to that AD group should automatically be added to the DNN role the next time they login.

 
 
New Post
4/23/2008 12:01 PM
 
Jobhater

Joined: 10/11/2006
Posts: 33

Thanks for the great info.  I was able to get the Groups listing on my own and found that the "Logon Name (pre-Windows 2000)" was different for my group names.  I have added several groups, but still cannot get it to work.  I am having a new user login.  He is able to login ok with his username showing up as it should (from AD), but his security roles do not get populated.  In the Event Viewer, I'm getting this General Exception error:

AssemblyVersion: 04.08.02
PortalID: 0
PortalName: MyPortal
UserID: -1
UserName:
ActiveTabID: 36
ActiveTabName: Home
RawURL: /GeoConsole/DesktopModules/AuthenticationServices/ActiveDirectory/WindowsSignin.aspx?tabid=36
AbsoluteURL: /GeoConsole/DesktopModules/AuthenticationServices/ActiveDirectory/WindowsSignin.aspx
AbsoluteURLReferrer:
UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 1.1.4322; InfoPath.2)
DefaultDataProvider: DotNetNuke.Data.SqlDataProvider, DotNetNuke.SqlDataProvider
ExceptionGUID: 8fa7809d-963e-4103-96cc-42a0e6906c52
InnerException: Object reference not set to an instance of an object.
FileName:
FileLineNumber: 0
FileColumnNumber: 0
Method: DotNetNuke.Authentication.ActiveDirectory.ADSI.Utilities.SearchNestedGroups
StackTrace:
Message: System.NullReferenceException: Object reference not set to an instance of an object. at DotNetNuke.Authentication.ActiveDirectory.ADSI.Utilities.SearchNestedGroups(DirectoryEntry group, String DistinguishedName) at DotNetNuke.Authentication.ActiveDirectory.ADSI.Utilities.SearchNestedGroups(DirectoryEntry group, String DistinguishedName) at DotNetNuke.Authentication.ActiveDirectory.ADSI.Utilities.SearchNestedGroups(DirectoryEntry group, String DistinguishedName) at DotNetNuke.Authentication.ActiveDirectory.ADSI.Utilities.SearchNestedGroups(DirectoryEntry group, String DistinguishedName) at DotNetNuke.Authentication.ActiveDirectory.ADSI.ADSIProvider.IsAuthenticationMember(GroupInfo AuthenticationGroup, UserInfo AuthenticationUser) at DotNetNuke.Authentication.ActiveDirectory.UserController.AddUserRoles(Int32 PortalID, UserInfo AuthenticationUser)
Source:

1) Do you have any ideas of what I can check for?

2) Do I need to have the domain\groupname?

3) Would the "Public Role" or "Auto Assignment" Checkboxes need to be checked? 
 
New Post
4/23/2008 12:44 PM
 
Mike Horton


Joined: 7/16/2003
Posts: 4865

It looks like your domain controllers are running Windows 2000 and this is a bug that just really became apparent in the last couple of weeks. I haven't had a chance to look for a fix for it yet (day to day work/real life have gotten in the way).
 
 Page 1 of 1
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationTrying to setup Groups (Automatically Add Security Roles)...I need helpTrying to setup Groups (Automatically Add Security Roles)...I need help


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out