I am hoping someone can shed light on this!  I have the AD authentication working fine with Windows Authentication activated.  The problem is when a new windows user hits my test site the user detail information i.e (first name, last name, etc) are blank.  Any clues as to why????  I also created a role that I know that I am a member of and I was not assigned to that role.  Does this feature only work when your account doesn't exist and is created for the first time?

One last thing!  It would be nice to have an import utility for AD authentication that would import a list of available groups in AD that can then be chosen from to import into DNN.  This would also be nice for users as well and their detail information.

Thanks in advance!

I hate to ask, but I'm working on adding AD to my intranet.  But, I don't have a clue how.  I'm starting on a fresh 3.2 installation and cannot find any documentation on where to even start.  I did find the older version Module and tried to use some of that information, but it didn't help.  Can you point me in the right direction, please?  I posted previously, asking what the AD integration did and was told that it fit what I'm trying to perfectly, but the person didn't let me know how to get started.  Thanks for any help that you can provide.

For most users following these steps will get Authentication using AD working.

1. Do you normal 3.2 upgrade and verify it works.
2. Open IIS Settings, change security setting Admin\Security\WindowsSignin.aspx depends on your Authentication type
3. Open Web.config, remove the comment of Authentication httpmodule to enable Windows Authentication automatic logon
4. Login to your portal and click on ADMIN > Authentication
5. Check ON "Windows Authentication?" and "Synchronize Role?>" and leave the Authentication Type as Delegation (for most users)
6. Leave the other fields blank and click on UPDATE
7. You will get a message similar to this:
   __________________________________
   Accessing Global Catalog:
   OK
   Checking Root Domain:
   OK
   Accessing LDAP:
   OK
   Find all domains in network:
   2 Domain(s):
   yourdomain.com
   ad.yourdomain.com
   __________________________________
   
   If you get any FAILS then fill out the other options like ROOT DOMAIN, USERNAME, PASSWORD etc.. and click UPDATE (Figure out how to fix your particular AD settings before moving on)
8. Now close all instances of your browser
9. Open your portal up and it should be working. If your AD has your information your name should show up (depending on your skin) and by clicking on it all the relevant information from your AD will be displayed
10. You should then go to the Security Roles section and add the Groups from the AD you want to use on the portal. If the names line up exactly the user will automatically be added to this group when they sign in.

NOTE: The users are assigned a random password in the database, not their AD password, so they cant login manually without using their password assigned to them- they can get it through the password reminder capability though.
PS Some of these instructions were taken from one of TAM's post - the creator of the this feature.

Can anyone answer my "ORIGINAL" post.  I have seen this answer and don't have this issue.  "ksbecker" had a question that this would have answered.  I don't mind the post but it doesn't help to answer my post.

programmer17 wrote:

The problem is when a new windows user hits my test site the user detail information i.e (first name, last name, etc) are blank.  Any clues as to why????

Does your AD have that information?? Cause it can only grab what fields are field out in the AD.  If your AD does have it then I would believe your Authentication isn't setup with the correct settings or you dont have a typical case.

programmer17 wrote:

I also created a role that I know that I am a member of and I was not assigned to that role.  Does this feature only work when your account doesn't exist and is created for the first time?

NO it should work as long as you have Sync Roles checked ON.

programmer17 wrote:

One last thing!  It would be nice to have an import utility for AD authentication that would import a list of available groups in AD that can then be chosen from to import into DNN.  This would also be nice for users as well and their detail information.

Yah it is being worked on last I heard.

programmer17 wrote:

One last thing!  It would be nice to have an import utility for AD authentication that would import a list of available groups in AD that can then be chosen from to import into DNN.  This would also be nice for users as well and their detail information.

FYI: I have created this module, it needs some more testing with 3.2 and will be released as custom module.

Tam

Ok our Activdirectory is setup in multiple domains.  I use a user that can see all of them.  I plugin my information in the settings of the Authentication and receive ok on all items that is checks.  I see all the domains as their names are returned.  I have windows Authentication turned on so that the user does not have to log in to DNN.  The new user record gets created with the correct domain\username.  It just doesn't populate any other information.  And my users don't get syncronized with ther appropriate roles either.  I am still playing with settings to come up with the appropriate combination.

Thanks Tam,

I could create this myself but was hoping that you might be working on upgrading the piece that you did.  Thanks for the feedback.