Active Directory Membership With Identity Server Role Provider
Hi everyone,
My initial question is - Can I use an active directory membership provider for my user store with the default role provider within geocortex identity server?
The documentation doesn't explicitly say we can mix and match. I got it working as far as allowing me to search for users in AD but GE won't let me add roles to them which is why I ask the question above.
GE Version 4.0.2
Thanks for your time
-
Bumping this one with an update...
GE Version 4.1.1 - Issue persists
Extending on the earlier post the error I'm getting is "The user ('username@domain.local') was not found." I can open a role and click on a user when the autocomplete comes up but when I press "Ok" I get that error. It seems like they integrate but I can't be sure if this is a bug or something which isn't possible. I would think that it would error as bad configuration if it wasn't meant to work this way.
Any thoughts?
0 -
Hi Matt,
In response to your first question. The Default Role Provider cannot be used with the Active Directory Membership Provider. The Default Role Provider is an out-of-the-box ASP.NET component that requires the users and roles to be stored together. We added a note about this in the 4.1 Administrator Guide. You can however use the Xml Role Provider with the AD Membership Provider.
--Ryan
0 -
Thankyou Ryan,
Active directory users with XML roles works great with silverlight viewer 2.2.
It's annoying that the user has to enter their full domain login eg. (mattr@corp.local) . A lot of users need instructions on how to enter their details.
Also the remember me button doesn't work. Users are never remembered for the login page.
0 -
Hi Rayan,
I am trying to add windows security but It faild to work on my site permissions and when I tried to log in to my http://gistec-rml.gistec.com/Geocortex/IdentityServer/account/signin i got
Sign In was unsuccessful. Please correct the errors and try again. Incorrect credentials or no authorization.
and in my site I can not use the windows Integrated options as well , only local group is working.
/customer/servlet/servlet.FileDownload?file=00P6000000elznPEAQ
can you provide me with a tips to fix this issue, my current version is 4.1.2
- my connection settings I added
<add name="ADConnString" connectionString="LDAP://myserver/cn=Users,DC=gistec,DC=com"/> or I should add the myserver.gistec.com
<add name="ADRolesConnString"
connectionString="LDAP://myserver/CN=Users,DC=gistec,DC=com" />- membership I added
<add name="ActiveDirectoryMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider"
connectionStringName="ADConnString"
connectionUsername="GISTEC\myname"
connectionPassword="PWD"
attributeMapUsername="sAMAccountName"
enableSearchMethods="true" />- RoleManager
<roleManager enabled="true" defaultProvider="ActiveDirectoryRoleProvider">
<providers>
<add name="DefaultRoleProvider"
type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
connectionStringName="ProviderDB"
applicationName="/" />
<add name="XmlRoleProvider"
type="Geocortex.IdentityServer.Integration.Membership.XmlRoleProvider, Geocortex.IdentityServer.Integration"
userList="App_Data/GlobalSecurityProvider.xml" />
<add name="ActiveDirectoryRoleProvider"
type="Geocortex.IdentityServer.Integration.Membership.ActiveDirectoryRoleProvider, Geocortex.IdentityServer.Integration"
activeDirectoryUsersConnectionString="ADConnString"
activeDirectoryGroupsConnectionString="ADRolesConnString"
securityGroupsOnly="false"
groupsToUse="*team;Ad*" />
</providers>
</roleManager>my application pool to user
/customer/servlet/servlet.FileDownload?file=00P6000000elzghEAA
Thank You
Ramla
0
Please sign in to leave a comment.
Comments
4 comments