Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...ADS Authentication Problems After Primary Domain ChangeADS Authentication Problems After Primary Domain Change
Previous
 
Next
New Post
12/15/2010 1:58 PM
 
Don Langkamp


Joined: 1/16/2009
Posts: 34
Hello, I'm posting this question after almost 2 weeks of attempting to resolve (what appears to be) an ADS authentication problem that has begun right after our organization made a change to its network.  Perhaps someone can offer a suggestion or idea - something that might spark my looking at this another way.

What happened, and the timing of it, is quite simple at least.  On one night a planned change was made to our network; the primary domain was changed.  The next morning, our intranet DNN Website was working fine - both performance-wise and in it's ability to authenticate (I think, based on looking over the Site Log later). 

But, since we are using ADS Authentication, I recalled that on the Host-->Admin-->Authentication page, there is a User Name and password supplied (under "Active Directory Settings") and that user name no longer existed in our new domain, so I figured I better change that to a valid one.  I changed the user name and clicked "Update Settings", it polled the LDAP and indicated everything was successful, saying:

Accessing Global Catalog:
OK
Checking Root Domain:
OK
Accessing LDAP:
OK
Find all domains in network:
1 Domain(s):
aimco.alberta.ca (AIMCo)

My settings for the Active Directory Settings are:

Enabled?  checked
Hide Login Controls?  checked
Syncronize Role?  checked
Provider:  ADSIAuthenticationProvider
Authentication Type:  Delegation
Root Domain:  <blank>
User Name:  <a user name for admin rights and a non-changing password assigned to it>
Password:  <the proper password for the user name>
Confirm Password:  <again, the same password>
Email Domain:  @aimco.alberta.ca
Auto-login IP Address:  <blank>

Timing-wise (looking at the Site Log later), that is precisely when things started going downhill, it appears.  The CPU on the Web Server has been regularly pinning at 100% and staying there for long periods (5 to 10 minutes) - forcing me to reset IIS periodically.  In addition, when I look at the Site Logs now, I see about 30 to 50 percent of the browser visits are not authenticated against ADS.

I can force a browser to authenticate by clearing its cookies, shutting down the browser and then restarting.  Interestingly, it appears to take a very long time to authenticate, once I do so; the first time only.  This leads me to suspect the problem may be related to authentication, but I am not absolutely positive.  Perhaps the authentication fails because of the CPU pinning, but it doesn't seem to be the case, timing-wise.  I am quite sure the problem (at least on the authentication front) began immediately after I changed the user name in the Active Directory Settings. 

Well, that's basically the situation we are in here.  We have looked through the IIS logs, event logs and investigated everything we can think of for the last 2 weeks and have not come up with anything.  We have even moved the Website to a new server to no avail.  If anyone has a suggestion on what to suspect (and looking into more closely) or if you have an idea for best diagnosing this problem, I would very much appreciate hearing your thoughts.

Don
 
 Page 1 of 1
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...ADS Authentication Problems After Primary Domain ChangeADS Authentication Problems After Primary Domain Change


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out