I am trying to set up the DNN Active Directory module to use the auto login process. I followed the intructions on the github wiki page but I am either missing some key elements of instructions on how to get this operational or my quarantine time has far eceeded my sanity level :-)
I am running: DNN 08.00.03 DNN Active Directory 6.1.2
First I would like to understand the initial process. What is required of the user to gain automatic website access and auto create the DNN account? Do they have to tap three times on their monitor? or just navigate to the website? or find that hidden login page?
Nothing I have tried is allowing the user to access the website.
Hi,
in DNN 8 you have to go to Admin :: Extensions and click the pencil near the AD Authentication Provider.
In DNN 9 this is found under Settings :: Extensions, select "Authentication Systems" in the dropdownlist and then click the Edit pencil, and select the Site Settings tab.
I am using DNN Active Directory Authentication 7.0.0, so there might be some small differences. I have checked "Activate" and "Auto Login", selected the "ASDIAuthenticationProvider", and the "Delegation" type. Root Domain is "dc=intranet,dc=local" (the domain is "intranet.local", this is also the value of Default Domain), then you need a user that can access the AD, in my case this is a service user in the domain ("INTRANET\ADServiceUser"), and the email domain ("@mycompany.org"). In the Auto-Login IP Addresses field I entered some IP ranges, I realized that the CIDR notation ("192.168.0.0/25" for 192.168.0.0 to 192.168.0.127) did not work, therefore I used the notation "192.168.0.0-192.168.0.127". If you need multiple ranges, separate them by a semicolon (e.g. "192.168.0.10-192.168.0.50;192.168.0.120-192.168.0.160"). I am not synchrizing roles, but check the box if you need this. Some versions ago, it was not necessary to enter any IP address, when everyone should be automatically logged in, or when you entered an IP range you did not need to check auto login, but now it seems neecessary to provide both. So if you need the full IP address range you should enter 192.168.0.0-192.168.255.255 or 172.16.0.0 – 172.31.255.255 or 10.0.0.0-10.255.255.255 (whatever is your IP range).
That should be it.
The other thing necessary is that you have to enable Windows Authentication and disable Anonymous Authentication for the file "WindowsSignin.aspx" (in DesktopModules/AuthenticationServices/ActiveDirectory). This is described in the Wiki.
An alternative could be the Glanton AD-Pro provider, this is not for free but offers more possibilities.
Happy DNNing! Michael
Michael TobischDNN★MVP
I am having also this issue. How do I use a PowerShell script built using the Windows Active Directory module as an Active Roles Server Script Module? I am trying this I am getting an error that "GEt-ADGroupMember" is not recognized. I think this is because it does not recognize the cmdlet without the ActiveDirectory module.
PowerShell requires special module to work with Active Directory. Put following code snippet before your commands: Import-Module ActiveDirectory
These Forums are dedicated to the discussion of DNN Platform.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.