1-888-365-2779
+1-888-365-2779
Try Now
More in this section

Forums / Developing with Sitefinity / Issues integrating Active Directory with Sitefinity

Issues integrating Active Directory with Sitefinity

2 posts, 0 answered
  1. aster
    aster avatar
    12 posts
    Registered:
    08 Dec 2009
    03 Feb 2010
    Link to this post
    Hi,

    I would like to integrate Active Directory authentication for our intranet. I would like to use the Sitefinity role provider for role management. The authentication has to happen in two places. When a user loads the site, they should be asked their domain credentials to authenticate to view the site. Also, a user should be able to use their domain credentials to login to the administration section of the site.

    I looked at the webinar at http://tv.telerik.com/sitefinity/webinar/sitefinity-membership-role-providers and also http://www.sitefinitywatch.com/notes/09-07-20/Membership_and_Role_Providers.aspx.

    I followed along and updated the web.config like the webinar suggested, however I am not able to login to the admin section of the site using my domain credentials, the administration credentials, I setup when I first created the site do not work either. I am totally confused.

    My web.config changes are as follows -
    the connection string section
    <connectionStrings>
       <add name="Sitefinity" connectionString="data source=localhost\SQLEXPRESS;UID=adtest;PWD=adtest;initial catalog=ADTest" providerName="System.Data.SqlClient" />  
       <add name="ADService" connectionString="LDAP://connectionstring/DC=test,DC=test" />
     </connectionStrings>

    the membership provider
    <membership defaultProvider="Sitefinity" userIsOnlineTimeWindow="15" hashAlgorithmType="">
      <providers>
        <clear />
            <add name="Sitefinity" connectionStringName="ADService" enableSearchMethods="true" type="Telerik.Security.ActiveDirectory.TelerikADMembershipProvider, Telerik.Security" />
      </providers>
    </membership>

    As, I am not providing a username and password in the membership provider, I set the impersonate to true. As mentioned in the developer manual at http://www.sitefinity.com/help/developer-manual/active-directory.html.

    <identity impersonate="true" />

    the security section
    <security defaultProvider="DefaultSecurityProvider" cmsProvidersName="ADService">
          <roles>
            <clear />
            <add name="Administrators" permission="Unrestricted" />
          </roles>
          <providers>
            <clear />
            <add name="DefaultSecurityProvider" connectionStringName="DefaultConnection" type="Telerik.Security.Data.DefaultSecurityProvider, Telerik.Security.Data" membershipProvider="Sitefinity" roleProvider="Sitefinity" />
          </providers>
        </security>

    The authentication settings on the IIS server for the site are as follows:
    Anonymous Authentication is Enabled
    ASP.NET Impersonation is Enabled
    Forms Authentication is Enabled
    Windows Authentication is Disabled.

    After doing all these changes when I pull up the administration section of the site it pops up the login control and when I use my domain credentials, it just says "Your login attempt was not successful. Please try again".

    Could anyone please tell me what I am doing wrong?

    Thanks!
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    16 Jun 2017
    03 Feb 2010
    Link to this post
    Hello aster,

    To use AD with sitefinity you need to has AD roles and users that belong to these roles. First you have to login to the backend using Sitefinity's Memebership provider and grant access to the proper roles from your AD provider. Then switch the backend provider in the web.config to AD provider. you could aslo create groupMaps for the AD roles you have.

    Sincerely yours,
    Ivan Dimitrov
    the Telerik team

    Watch a video on how to optimize your support resource searches and check out more tips on the blogs.
    Follow the status of features or bugs in PITS and vote for them to affect their priority.
2 posts, 0 answered