DNN 4.8.4. + ADProvider 1.0.3.(1.0.4.) > Forum

Language:

DNN Modules Forum

Unanswered Active Topics

Forums Search

Subject: DNN 4.8.4. + ADProvider 1.0.3.(1.0.4.)

You are not authorized to post a reply.

Author

Messages

pps

Posts:1

08/06/2008 12:31 AM
Hi! Please, help! AD Provider was established without problems. A name of the domain: test.domain.net. In authentication settings: Root Domain: dc=test, dc=domain, dc=net. It has found two domains: test.domain.net и test2.domain.net. Mistakes at connection was not. But at attempt to be authorized on a site gives out a mistake: Login Failed, remember that Passwords are case sensitive. DNN logs: DefaultDataProvider: DotNetNuke.Data.SqlDataProvider, DotNetNuke.SqlDataProvider ExceptionGUID: 9c463a97-ed45-4c7b-8fa6-6d2879b39322 InnerException: Object reference not set to an instance of an object. FileName: FileLineNumber: 0 FileColumnNumber: 0 Method: DotNetNuke.Authentication.ActiveDirectory.ADSI.ADSIProvider.GetUser StackTrace: Message: System.NullReferenceException: Object reference not set to an instance of an object. at DotNetNuke.Authentication.ActiveDirectory.ADSI.ADSIProvider.GetUser(String LoggedOnUserName, String LoggedOnPassword) I shall be authorized by the domain user: test\user To test\user has given the right the full rights to the catalogue with DNN Also I use impersonation in my web.config: In what there can be a problem?

rkfoster485 User is Offline

Posts:3

08/28/2008 1:45 PM
I've got the same issue as well. I noticed that you will also get the message in red if you enter a domain user/password in Standard authentication. This seems to indicate that when you have Hide Login Controls checked that authentication for a new domain user (new to the dnn site, that is), goes through dnn authentication and dies. So the repro: Given dnn 4.8.4, AD Provider 01.00.04 Given domain user u1, who is not registered with the dnn site Check Hide Login Controls Attempt login with u1 Receive the error in red above. Uncheck Hide Login Controls Pick Windows Login Attempt login with u1 Success Check Hide Login Controls Attempt login with u1 Success On a personal note: I don't mind if the login controls are shown. The only reason I am hiding the controls is I want the Windows Login to be the default, since this is an intranet site. I suppose I should go whine on the dnn site for this...

mikeh

Posts:114

08/28/2008 2:22 PM
Ummm I'm trying to figure out where the bug is. If you check Hide Login Control then it only hides the AD provider login. Not anything else. So if you then attempt to login with a new AD user that doesn't exist in the database it's trying to use the Standard DNN login control and failing (as it should because the user doesn't exist). If you don't want the DNN standard controls to appear then disable it under Admin->Authentication.

rkfoster485 User is Offline

Posts:3

08/28/2008 2:36 PM
Man - I wish our developers responded that fast! So, this is an existing AD user, but new to the DNN site. Was that your understanding? Here is the desired flow (Perhaps 1 & 2 are switched, I don't know.): 1) If standard DNN auth does not work then 2) check AD auth. If that does not work then 3) check if this is an AD user. If yes then register the user. Currently this does not happen. The only way a new AD user can get registered is if they explicitly pick Windows Login. That is what I am posing as a defect. So that's what I want. If it's tough love for me, then so be it. I'm nervous about disabling DNN Standard controls. Would I completely lock out my standard accounts, like admin and host? (Ah hah! You just discovered I'm a noob! You don't have to answer this question, since I'm going to exercise due diligence and try it out right now. : ) Thanks for the quick reply.

mikeh

Posts:114

08/28/2008 4:25 PM
Yep that was my understanding. I understand how you desire it to work but the providers (the DNN Standard login is a stand-alone provider just like LiveID, OpenID, AD, etc) are all separate and don't talk to each other. Theoritically you could have as many different authentication providers as you wanted (change the namespaces and recompile and I've suddenly got antoher AD provider) so it could potentially cause a lock-up if the standard provider tried to call each and every other provider installed to see if the user's credentials worked there. Yes if you disable the standard controls then standard accounts can't log in. I've gotten around this in the past by manually changing the selected user account's IsSuperUser value to True in the Users table in the database.

rkfoster485 User is Offline

Posts:3

08/29/2008 6:34 AM
I did indeed make my AD account super user and then disabled Standard login. End result: Exactly the behavior I was looking for. Thank you very much for your assistance! Rick

You are not authorized to post a reply.

Forums > Modules > DNN AD Fix > DNN 4.8.4. + ADProvider 1.0.3.(1.0.4.)