+1-888-365-2779
Try Now
More in this section

Forums / Security / Active Directory Woes - This type of page is not served

Active Directory Woes - This type of page is not served

7 posts, 0 answered
  1. Eric Wallace
    Eric Wallace avatar
    66 posts
    Registered:
    08 Oct 2009
    05 May 2010
    Link to this post
    I'm about to pull out what little hair I have remaining trying to integrate Sitefinity with Active Directory. I've followed the scattered threads and webinars, but still no dice. I'm using Windows Authentication with Impersonation. This is for an Intranet application. I know it's connecting to AD just fine because when I use the Sitefinity default provider, I can go into administration and see all the AD users. Now when I try to access the administration section, I get the (very annoying and not at all informative!) error page that says   This type of page is not served. It's an aspx page...trust me, it's served. :)

    Here's what my web.config looks like:

    <connectionStrings>
            <add name="Sitefinity" connectionString="NDBBM" providerName="System.Data.SqlClient"/>
            <add name="ActiveDirectory" connectionString="LDAP://NDBBM"/>
    </connectionStrings>
     
    <roleManager enabled="true" cacheRolesInCookie="true" defaultProvider="ActiveDirectory">
                <providers>
                    <clear/>
                    <add
              name="Sitefinity"
              connectionStringName="DefaultConnection"
              applicationName="/"          
              type="Telerik.DataAccess.AspnetProviders.TelerikRoleProvider, Telerik.DataAccess"/>
                    <add
              applicationName="/"
              description="Telerik Role Provider for Active Directory"
              name="ActiveDirectory"
              connectionStringName="ActiveDirectory"
              searchScope="subtree"
              connectionUsername="mydomain\myusername"
              connectionPassword="NDBBM"
              domainName="mydomain"
              type="Telerik.Security.ActiveDirectory.TelerikADRoleProvider, Telerik.Security"/>
                </providers>
            </roleManager>
    <membership defaultProvider="ActiveDirectory" userIsOnlineTimeWindow="15" hashAlgorithmType="">
                <providers>
                    <clear/>
                    <add
              name="Sitefinity"
              connectionStringName="DefaultConnection"
              type="Telerik.DataAccess.AspnetProviders.TelerikMembershipProvider, Telerik.DataAccess"
              enablePasswordRetrieval="false"
              enablePasswordReset="true"
              requiresQuestionAndAnswer="false"
              applicationName="/"
              requiresUniqueEmail="false"
              passwordFormat="Hashed"
              maxInvalidPasswordAttempts="5"
              passwordAttemptWindow="10"
              passwordStrengthRegularExpression=""
              minRequiredPasswordLength="1"
              minRequiredNonalphanumericCharacters="0"/>
                    <add
              name="ActiveDirectory"
              connectionStringName="ActiveDirectory"
              enableSearchMethods="true"
              connectionUsername="mydomain\myusername"
              connectionPassword="NDBBM"
              attributeMapUsername="sAMAccountName"
              type="Telerik.Security.ActiveDirectory.TelerikADMembershipProvider, Telerik.Security"/>
                </providers>
     
    <security defaultProvider="DefaultSecurityProvider" cmsProvidersName="ActiveDirectory">
                <roles>
                    <clear/>       
                    <add name="theGroupIBelongToThatShouldBeUnrestricted" permission="Unrestricted"/>
            <add name="administrators" permission="Unrestricted"/>
                </roles>
                <providers>
                    <clear/>
                    <add
              name="DefaultSecurityProvider"
              connectionStringName="DefaultConnection"
              type="Telerik.Security.Data.DefaultSecurityProvider, Telerik.Security.Data"
              membershipProvider="ActiveDirectory"
              roleProvider="ActiveDirectory"/>
                </providers>
            </security>

    Any ideas what I may be doing wrong?
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    09 Dec 2016
    05 May 2010
    Link to this post
    Hi Eric Wallace,

    Please make sure that the role you use for AD has needed permissions to access the backend. It seems that the user you use has been validated, but you do not have permissions.

    Also under security node you should only set cmsProvidersName attribute and AD roles - preferably Administrators

    <roles>
       <clear/>     
        <add name="Administrators" permission="Unrestricted"/>
      </roles>

    You should not change the providers node

    Please take a look at this article to see the correct configuration Active Directory ( note that the parsing of the web.config require using &amp; instead of &)

    sample configuration

    <roleManager enabled="true" cacheRolesInCookie="true" defaultProvider="Telerik">
          <providers>
            <clear/>
            <add name="Sitefinity"
                 applicationName="/"
                connectionStringName="ADService"   type="Telerik.Security.ActiveDirectory.TelerikADRoleProvider, Telerik.Security"    
                connectionUsername="Connection1"
                                connectionPassword="Password" 
                groupMaps="group1, group2"
                                domainName="host.com"/>
          </providers>
        </roleManager>
        <membership defaultProvider="Telerik" userIsOnlineTimeWindow="15" hashAlgorithmType="">
          <providers>
            <clear/>
           
            <add name="Sitefinity"
               connectionStringName="ADService"
               enableSearchMethods="true"
               attributeMapUsername="sAMAccountName"
                             connectionUsername="Connection1" 
               connectionPassword="Password" type="Telerik.Security.ActiveDirectory.TelerikADMembershipProvider, Telerik.Security"/>
          </providers>
        </membership>

    Once again the issue you have looks like that the role you use does not have needed permissions.

    Regards,
    Ivan Dimitrov
    the Telerik team

    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
  3. Eric Wallace
    Eric Wallace avatar
    66 posts
    Registered:
    08 Oct 2009
    05 May 2010
    Link to this post
    Hi Ivan,

    Isn't that what the unrestricted permissions entry in the security node should accomplish?

    Also, I do not understand what you mean when you say "Please make sure that the role you use for AD has needed permissions to access the backend." Where do I check that, because that role has "unrestricted" permissions set in web.config, and all permissions I can assign in the administration section have been given to that role.

    Thanks,
    Eric
  4. Eric Wallace
    Eric Wallace avatar
    66 posts
    Registered:
    08 Oct 2009
    05 May 2010
    Link to this post
    I should also note that the following appears in the source of the this type of page is not served page, so it's definitely permissions related:
    <!-- 
    [HttpException]: You have no permissions to view this page.
       at Telerik.Cms.Web.CmsHttpModule.PostAuthenticateAdminRequest(Boolean isAuthenticated, CmsHttpRequest request)
       at Telerik.Cms.Web.CmsHttpModule.context_PostAuthenticateRequest(Object sender, EventArgs e)
       at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
       at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
    -->
  5. Eric Wallace
    Eric Wallace avatar
    66 posts
    Registered:
    08 Oct 2009
    05 May 2010
    Link to this post
    I think I've narrowed down the problem to the fact that no roles are coming back in the GetRolesForUser method. I've tried the custom provider and that did not work either.

    Server Error in '/' Application.

    Object reference not set to an instance of an object.

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.NullReferenceException: Object reference not set to an instance of an object.

    Source Error:

    Line 18:         {
    Line 19:             SearchResult userResult = userSearcher.FindOne();
    Line 20:             userEntry = userResult.GetDirectoryEntry();
    Line 21:         }
    Line 22:         catch (System.Runtime.InteropServices.COMException)

    Source File: c:\web\telerik\Sitefinity3.7\WebSites\Employee Portal\App_Code\CustomRoleProvider.cs    Line: 20

    Stack Trace:

    [NullReferenceException: Object reference not set to an instance of an object.]
       CustomRoleProvider.GetRolesForUser(String userName) in c:\web\telerik\Sitefinity3.7\WebSites\Employee Portal\App_Code\CustomRoleProvider.cs:20
       System.Web.Security.RolePrincipal.GetRoles() +158
       Telerik.Security.Permissions.ApplicationPermission.CheckDemand() +219
       Telerik.Cms.Web.CmsHttpModule.PostAuthenticateAdminRequest(Boolean isAuthenticated, CmsHttpRequest request) +47
       Telerik.Cms.Web.CmsHttpModule.context_PostAuthenticateRequest(Object sender, EventArgs e) +745
       System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +68
       System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75
    


    Version Information: Microsoft .NET Framework Version:2.0.50727.3603; ASP.NET Version:2.0.50727.3082
  6. Eric Wallace
    Eric Wallace avatar
    66 posts
    Registered:
    08 Oct 2009
    05 May 2010
    Link to this post
    Issue resolved. I had an organizational unit in the connection string which prevented any roles being returned.
  7. Gary
    Gary avatar
    91 posts
    Registered:
    19 Jul 2007
    06 Aug 2010
    Link to this post
    This thread was helpful to me, and I thought I'd add to it for future visitors:

    I had the exact same error, and it was for the same reason. I suspect others may encounter this when following the instructions in Gabe's video about Sitefinity Membership and Role Providers. In Gabe's example, he did not have the users in a separate OU, so when he selected the search string from within Softerra's LDAP Browser to paste into his connection string, it was fine. When I used the same approach it didn't work, because in my case the search string contained the OU field as well.

    My original attempt, which didn't work:

        <add name="ActiveDirectory" connectionString="LDAP://MYSERVER/OU=GOIT,DC=goit,DC=local" />

    And the modified version, which did work:

        <add name="ActiveDirectory" connectionString="LDAP://MYSERVER/DC=goit,DC=local" />

    Regards,
    Gary
Register for webinar
7 posts, 0 answered