+1-888-365-2779
Try Now
More in this section

Forums / General Discussions / Integration with ActiveDirectory

Integration with ActiveDirectory

10 posts, 0 answered
  1. Terrence
    Terrence avatar
    23 posts
    Registered:
    23 Mar 2009
    18 May 2009
    Link to this post
    Hi there

    I'd like to find out if Sitefinity can be integrated with my existing ActiveDirectory server to create the user accounts that I need for the users?

    Please advise. Thanks!
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    18 May 2009
    Link to this post
    Hi Terrence,

    Thank you for using our services.

    You can use Telerik Active Directory Membership and Telerik Active Directory Role providers to enable working with LDAP and connect to Active Directory as a data source. You can gather more information at
    Telerik Active Directory Providers

    Sincerely yours,
    Ivan Dimitrov
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Check out the tips for optimizing your support resource searches.
  3. Sanjaya Kodagoda
    Sanjaya Kodagoda avatar
    2 posts
    Registered:
    15 Mar 2006
    01 Jul 2009
    Link to this post
    hi,
    i would like to know the how would it behave in a VPN connection. does it supports for all remote network configurations other than the same local area network, like different trusted domains and interconnected domains in a VPN.

    thanks
  4. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    01 Jul 2009
    Link to this post
    Hi Sanjaya Kodagoda,

    There will not be a problem to use VPN or remote connections. It will be the same as you are using VPN or remote connection to access Sitefinity backend on your production server.

    Regards,
    Ivan Dimitrov
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Check out the tips for optimizing your support resource searches.
  5. Terrence
    Terrence avatar
    23 posts
    Registered:
    23 Mar 2009
    02 Jul 2009
    Link to this post
    Hi Ivan

    Thank you for the article. It has been quite helpful. However, in the article, it basically shows us how to authenticate the user's credentials against AD, then read the user's group in AD to map to a role in Sitefinity - is this correct?

    1. Is there a way not to map roles based on AD grouping, i.e. AD is only used as authentication source, and upon authentication, the users are assigned into Sitefinity roles, where the page and module permissions are already assigned. Please answer this urgently as it would take minimum a week for me to raise an AD change request ticket, and my launch date is next week.
    2. In the example, there is a mapping of the permission of the grouping "Sitefinity team" in the web.config to "unrestricted" as shown in the code below:
     <add name="Sitefinity team" permission="Unrestricted"/> 
    I cannot find any other permission settings documented. What are the other permission settings that we can define? Is there any way to map it to the Roles we have set up in Sitefinity?
    3. Instead of hard-coding the mapping, is there any way to dynamically do it please?
    4. The changes required to be made in the article only describe changes to the web.config file. Is this all that is required to enable authentication to AD?

    Thanks in advance.

    Best regards
    Terrence
  6. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    02 Jul 2009
    Link to this post
    Hello Terrence,

    All information provided by AD (users, roles and their relations) is readonly for Sitefinity. Operations like creating a new user/role, assigning a user to a given role can be done by the AD administrators out of Sitefinity administration. Sitefinity is just a consumer of AD users and roles. You should create a groupMaps - group of users, because in <security> node of the web.config you need to set permissions for this group.
    The available permission options are:

    Unrestricted - Full access to the resource protected by the permission.
    None - No access to the resource protected by the permission.

    Greetings,
    Ivan Dimitrov
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Check out the tips for optimizing your support resource searches.
  7. Terrence
    Terrence avatar
    23 posts
    Registered:
    23 Mar 2009
    02 Jul 2009
    Link to this post
    Dear Ivan

    Thank you for your reply.

    Perhaps I can relate what I need so that you can assist. From your explanation, you have confirmed for me that Sitefinity will only read in the AD credentials.

    What I actually wish to do is to authenticate all my Sitefinity users against AD, i.e. match their UID and PW against AD, and then log them in to Sitefinity.  This is clearly explained in the article that you have sent to me and I see that it would not be a problem.

    However, the next part is the where I have a problem: how would I assign the authenticated user to a role in Sitefinity so that the user has the proper permissions to the Pages and modules?

    I will not been given any permission nor access to modify the AD in any way due to corporate ruling, so any changes to the AD cannot be made at all.

    Thank you for your kind assistance.

    Best regards
    Terrence
  8. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    02 Jul 2009
    Link to this post
    Hello Terrence,

    When you create your AD provider it will be shown in Sitefinity. You can assign different permissions for your provider for all modules and pages. The role based groups should be created from your AD. There is no implementation in Sitefinity that will allow you to do this through the interface.

    Greetings,
    Ivan Dimitrov
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Check out the tips for optimizing your support resource searches.
  9. Terrence
    Terrence avatar
    23 posts
    Registered:
    23 Mar 2009
    02 Jul 2009
    Link to this post
    Hi Ivan

    Could you upload a Jing screencast of what you are describing for this part please:
    "When you create your AD provider it will be shown in Sitefinity. You can assign different permissions for your provider for all modules and pages."

    So I can only set permissions for ALL the AD users and not SPECIFIC users?

    Is this correct?

    Thanks and regards
    Terrence
  10. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    02 Jul 2009
    Link to this post
    Hello Terrence,

    Please take a look at the screenshot in the following KB.

    So I can only set permissions for ALL the AD users and not SPECIFIC users?

    You can set permissions per role not per user. The current provider that you are using works in the same way.

    Regards,
    Ivan Dimitrov
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Check out the tips for optimizing your support resource searches.
Register for webinar
10 posts, 0 answered