DotNetNuke

Re: Windows Authentication for DNN3.0

DanBall — Thu, 19 Jan 2006 14:05:18 GMT

DanBall wrote:
djbaldwin wrote:
DanBall wrote:
Now, if I can figure out how to redirect users to different start pages depending if they are Internet or Intranet, I'll have most of the small quirks worked out....
LOGON_USER will give you the NT Account the user is logged into.
Response.Redirect(iif(Request.ServerVariables("LOGON_USER")="", "Internet.aspx", "Intranet.aspx"))

I hope this is of some help to you.

It might if I could figure out how to use it... *grin* Is this something I can put in at the ascx or aspx level? I don't have any way to compile source code here, not to mention I haven't taught myself .Net programming yet.

I never did see a response to this post, and am really curious of how it would work... Where would I put such a line? It looks like something that could go in an .aspx file, but I'm not sure.

Re: Windows Authentication for DNN3.0

DanBall — Thu, 19 Jan 2006 14:00:28 GMT

lrhenry wrote:

Thanks Dan, I have been scratching my head all day on this one and of the several solutions on the net your was the only one that worked.

Thanks a million.

Not sure which solution you're talking about, I haven't posted in this thread for a long time.

Although, it was good I read back through all this, as I had completely forgot about a couple of the posts.

Re: Windows Authentication for DNN3.0

lrhenry — Thu, 19 Jan 2006 00:04:41 GMT

Thanks Dan, I have been scratching my head all day on this one and of the several solutions on the net your was the only one that worked.

Thanks a million.

Re: Windows Authentication for DNN3.0

munozj — Mon, 02 Jan 2006 03:47:47 GMT

Does this work with DNN4.0's native windows authentication?

I looked in the dotnetnuke/admin/security directory (and everywhere else) but couldn't find AuthenticationSignin.ascx

I found: AuthenticationSettings.ascx ; signin.ascx ; WindowsSignin.aspx but not AuthenticationSignin.ascx

Is the file structure different in DNN 4.0 ?

Re: Windows Authentication for DNN3.0

SnoMan — Wed, 02 Nov 2005 11:55:26 GMT

When implementing Caelen98's script I had troubles with logging into the site as admin or host. The process kept trying to login the admin and host as "domain"\admin or "doamin"\host (neither of which exist in our domain of course.) . In order to preserve the admin and host accounts as they are I added the following ElseIf statements to Caelen98's original script;

<script runat="server">

Sub change(sender As Object, e As EventArgs)

if txtUsername.Text="admin" then
txtUsername.Text="admin"

elseif txtUsername.Text="host" then
txtUsername.Text="host"

else txtUsername.Text="yourdomain\" & txtUsername.Text

end if

end sub

</script>

This works like a charm.

I want to thank Tam for the wicked module and Caelen98 for the script.

Way to go!!!!!

Re: Windows Authentication for DNN3.0

hfournier — Thu, 13 Oct 2005 21:16:57 GMT

caelen98 wrote:
Hopefully, now that I have tried to be helpful, someone can answer my silly question that I can't find the answer to. I know this has been asked, but I don't see a good answer. I am getting the error: "Error while processing Windows Authentication". What am I supposed to change in permissions to get this to go away. By the way, I am also having problems with trying to get the system to automatically login the user.

Well... here you go, hope it helps. I had a couple of issues that caused me grief when trying to get the authentication to work in mix mode.

1. After many attempts and playing around with all kinds of options, I found that I had left one of the authentication lines commented out in the web.config. So double/triple check your web.config, even if you think it's OK.

2. We had intermittent problems with some users not auto-logging on or getting the AD login prompt. Turns out one of our IT guys had removed the "Users" group access from the root drive. By default, the "Users" group as read access to the drive. Since we're using mixed mode, resource files (.css, .js, etc) were being access by the actual user's account (through impersonation). By removing the "Users" group, the user no longer had read access to the files. The funny thing is that it didn't prevent it from working all together, it just caused weird behaviour. For example, a user would visit the site and immediate get prompted for credentials, hit Cancel, and get auto-logged in, but none of the syles (CSS) would appear. Hitting Refresh would display the site properly. Some users couldn't login in at all. Like I said, weird.

Re: Windows Authentication for DNN3.0

caelen98 — Thu, 13 Oct 2005 15:53:11 GMT

>>Back to the hidden domain question, is there a way to capture the username from Tam's Authentication Login Page, set a variable up, and tack the domain\+username together and pass that on during the submission?<<

This is how I did it.... In the AuthenticationSignin.ascx, I put the following at the top of the code:

Sub change(sender As Object, e As EventArgs)

txtUsername.Text="oldplacerville\" & txtUsername.Text

End Sub

</script>

Then, I updated the following line:

(adding ontextchanged="change") which calls the top script.

This has worked well for me.

Hopefully, now that I have tried to be helpful, someone can answer my silly question that I can't find the answer to. I know this has been asked, but I don't see a good answer. I am getting the error: "Error while processing Windows Authentication". What am I supposed to change in permissions to get this to go away. By the way, I am also having problems with trying to get the system to automatically login the user.

Thanks in advance!

Caelen98

Re: Windows Authentication for DNN3.0

ccarns@ctc.com — Thu, 13 Oct 2005 15:37:33 GMT

Thank djbaldwin for your ideas! It is a child portal and I have ran into .aspx/.asmx issue before when building my module, but I am 99% sure I am not calling a .aspx/.asmx file but it is a good point to check.

I did notice though that the page it was always blowing on for some indivduals has a client side Javascript check before the postback. I took it out for now and am having the users who has the problem test again.
UPDATE: The javascript is not the problem but I did find out that the users who are having the logout issue have recently had their computer rebuilt- If I find out the cause I will post it.

UPDATE 2: Djbaldwin you know how I said 99% sure- well the 1% bit me. I was using a pop up calendar date chooser on some of the pages and it was the problem. All I had to do was send in PortalID=Num and the problem was solved. The reason this one stumped me because it seemed random - when in reality it was the fact that some users used the calendar to choose a data and some just typed it in. Thanks for help - the module has been working great in a production environment for a month now!

Re: Windows Authentication for DNN3.0

djbaldwin — Thu, 13 Oct 2005 13:44:10 GMT

This has been a gremlin for a while and there are other threads on the subject, but the most common issue is child portals and/or accessing an .aspx page that is not part of the portal.

FYI: http://forums.asp.net/567799/ShowPost.aspx

I honestly don't know if this problem has been resolved in 3.1.1.

Re: Windows Authentication for DNN3.0

ccarns@ctc.com — Wed, 12 Oct 2005 18:12:45 GMT

I have the Auth Module running in production (Intranet only). It works great for some but for some users they get logged off randomly - then if you clear out the cookies it works again. Has anyone else experienced this issue?

A more severe case is that some users are getting logged off everytime when clicking on certain page links. I know what you are thinking- the security is not set up correctly - but I can assure you that is not the issue.

Any ideas or suggestions would be helpful! Thanks in advance

UPDATE: See the 2nd post after this for the answer!

NOTE: Please NO negative posts about this module (you know who you are) - I need constuctive help only!

Re: Windows Authentication for DNN3.0

mcoulter — Wed, 28 Sep 2005 16:50:24 GMT

Thanks for the quick response Nathan.

One thing that I probably should have mentioned is that I really want this to work as an Extranet as well. So I am trying to capture the authentication from the login (Tam's login module) since I want it to operate remotely from the network and domain. An example of something I would like to authenticate is a WebDav page that we use for a "briefcase/backup" solution. I would like for users to log into DNN and then hit a link (or IFrame) that would go directly to their backup folder without having to reauthenticate, which is the current scenerio.

Back to the hidden domain question, is there a way to capture the username from Tam's Authentication Login Page, set a variable up, and tack the domain\+username together and pass that on during the submission?

Regardless I will play with the other ideas Nathan has shared. Thanks again.

Re: Windows Authentication for DNN3.0

nitro001 — Wed, 28 Sep 2005 16:13:59 GMT

To help answer,

1) I don't think there is a way to have them tack on a domain in the front. What I have done for our intranet users is place the site in the
trusted hosts list in Intenet Explorer and it passes the credentials through without any users needing to enter a username/password.

2) Once authenticated, you can work with the user like any other local user for authentication in modules or pages.
Most of my pages are external aspx pages hooked in from an IFRAME module modification of the Links module I wrote, however I reference the dotnetnuke dll and use the authentication. one of the things I use most is:
Dim WebUser As DotNetNuke.Entities.Users.UserInfo = DotNetNuke.Entities.Users.UserController.GetCurrentUserInfo
then you can reference the WebUser object to grab user information, such as email address in WebUser.membership.email.

As for passing credentials to OWA,that's Outlook Web Access right? If the OWA site is a trusted site, it should pick up the AD Authenticaion is that is the method you use, other than that passing on query string. but it has to be something that OWA can interpret on its end.

Nathan

Re: Windows Authentication for DNN3.0

DanBall — Wed, 28 Sep 2005 16:02:55 GMT

mcoulter wrote:
Seeing some days of dormancy I thought I would chime in to see if anyone has some suggestions/solutions for the following...
I am using Tam's Auth tools for a company Intranet. They are working fine in my testing stage but for them to be perfected I need at least two things to happen: 1) I am only getting the login to work with domain\username. I only have one domain and would prefer to "tack on" the domain so that the user doesn't have to add it. 2) I am wanting to pass on the logged credentials to other modules I will work with. Any ideas on an easy way to do that? Does anyone know a way to pass the creditials safely to a link of OWA to have it authenticate automatically?

I have scoured these lists looking for my answers and not found what I've need. So if I have been repetitive at least point me in the right direction. Thanks in advance.

1. No, sorry, the current incarnation of this module doesn't support. It is rumored to be in the next release...

2. Create a DNN Security Role with the same name as an AD group the user is in. Then, when new users log in, they're automatically part of this Security Role, and you can use this to restrict access to modules. Note: The Authentication module (current version) will ONLY populate those Security Roles for new users, it will not syncronize the group membership after the account already exists.

3. No, you cannot pass logon credentials from DNN to OWA... But, if you include the URL of the OWA in your "Local Intranet" group within IE it will log onto OWA without prompting. Of course, that only applies to "Intranet" users...

Re: Windows Authentication for DNN3.0

mcoulter — Wed, 28 Sep 2005 14:23:39 GMT

Seeing some days of dormancy I thought I would chime in to see if anyone has some suggestions/solutions for the following...
I am using Tam's Auth tools for a company Intranet. They are working fine in my testing stage but for them to be perfected I need at least two things to happen: 1) I am only getting the login to work with domain\username. I only have one domain and would prefer to "tack on" the domain so that the user doesn't have to add it. 2) I am wanting to pass on the logged credentials to other modules I will work with. Any ideas on an easy way to do that? Does anyone know a way to pass the creditials safely to a link of OWA to have it authenticate automatically?

I have scoured these lists looking for my answers and not found what I've need. So if I have been repetitive at least point me in the right direction. Thanks in advance.

Re: Windows Authentication for DNN3.0

djbaldwin — Sat, 24 Sep 2005 03:08:56 GMT

sconard wrote:
There should be shame and question (and hopefully introspection) of those who would attempt to level such criticism

level and such are transposed. There is truth in any humor.

Let's get back to collaborating with our 198,393 or so registered users and conquer the planet with our DotNetNukin' efforts!!