Using Forms to Authenticate against Active Directory

  • Here's what a lot of people have been waiting for: using Forms authentication to log in against your company's Active Directory.

    It's been tested against CS 2.1, but I believe there should be no problems using it in CS 2.0.

    Note that this works only if you are using the .NET 2.0 Membership provider; it does not work in .NET 1.x.


    1. Download the zip file (http://moduleblog.nus.edu.sg/Jeffery.FormsADMemberRole.zip) and extract the dll to Community Server web/bin folder.

    2. Changes to be made to config files (those in bold)


    Web.config

    <authentication mode="Forms">
        <forms name=".CommunityServer" protection="All" timeout="60000" loginUrl="login.aspx" slidingExpiration="true" />
    </authentication>

    <membership userIsOnlineTimeWindow="15" defaultProvider="CommunityServerSqlProvider" >
        <providers>
            <clear />
            <add
                name="CommunityServerSqlProvider"
                type="Jeffery.FormsADMemberRole.CSMembershipProvider, Jeffery.FormsADMemberRole"
                connectionStringName="SiteSqlServer"
                enablePasswordRetrieval="false"
                enablePasswordReset="true"
                requiresQuestionAndAnswer="false"
                requiresUniqueEmail="true"
                passwordFormat="Hashed"
                applicationName="dev"
                description="Stores and retrieves membership data from the local Microsoft SQL Server database"
                maxInvalidPasswordAttempts = "999"
                passwordAttemptWindow = "999"
                minRequiredPasswordLength = "6"
                minRequiredNonalphanumericCharacters = "0"
            />
        </providers>
    </membership>


    communityserver.config

    Change

    <add
        name = "MemberRoleProfileProvider"
        type = "CommunityServer.ASPNet20MemberRole.CSMemberRoleProfileProvider, CommunityServer.ASPNet20MemberRole"
    />

    to

    <add
        name = "MemberRoleProfileProvider"
        type = "Jeffery.FormsADMemberRole.CSMemberRoleProfileProvider, Jeffery.FormsADMemberRole"
    />

     

    Inside <extensionModules>, add the following section:

    <add name="FormsADAuthentication"
        extensionType="Security"
        type="Telligent.CommunityServer.Security.FormsAuthentication, Telligent.CommunityServer.SecurityModules"
        allowAutoUserRegistration="true"
        userEmailAddressCookie="CSUserEmailAddress"
        useEncryptedEmailAddressCookie="false"
        adminWindowsGroup="Administrators"
        adminWindowsGroupIsSystemAdministrator="true"
        stripDomainName="true"
        emailDomain="@nus.edu.sg"
        Domains="stf.nus.edu.sg,stu.nus.edu.sg"
    />

     


    I believe most of the fields are self-explanatory. Please give feedback if there are any errors or suggestions, thanks!

     

    Updates on 10 May 2007:

    1. Updated link as the server went down
    2. Source code provided, should work for CS 2.x series
  • Currently looking for a solution to allow mixed authentication against AD and the CS db. If this could work in such a scenario, then I'd be very interested.

    Four Roads

  • This is great! I am wondering though if it is possible to limit registration based on AD groups? That would really be ideal for me. Unauthenticated content visible to everyone, and autoregistration and content editing available to certain groups.

    If it is not able to do this, is there any possibility you could share your code so that we may attempt to add these features?

    Thanks for this contribution!

     

  • Dear all,

    There have been a few downloads of this component in the past few days. Just keep the feedback coming; I will consolidate it and get it into the next version.

    Do let me know if you encounter any bugs so that I can get them fixed.

    PS: This is only a trial component that I wrote to solve the AD login problem which CS inherently has. This is not the final source as yet.

  • Hi!

       This is really helpful but I was wondering if it is possible to obtain the source code for it. This would help if there is any quick fix that has to be implemented and I can review it as well.

     

    Thanks!!


  • Hi all,

    Wanted to code some of the feedback but had no time, so here's the source code:

    http://137.132.1.150/Jeffery.FormsADMemberRolesrc.zip

     

    Update: This link no longer works; refer to the top thread for the source code files. Users who just want the DLL: it's in \bin\Release\Jeffery.FormsADMemberRole.dll

  • Thanks for this module, kwanann. I am having a problem with users who are not in AD but have set up an account. Once they have logged off after the initial setup of their account, it does not allow them back in. It seems it is only looking to AD to authenticate the users, and if that fails it does not check the CS database.

    Is this supposed to allow for fallback to the CS database if the user is not found in Active Directory?

     

    Thanks

     

     

  • Hi kwanann,
    Thanks for the interesting assembly.
    I have downloaded the DLL and I have hooked it up under the web/bin folder. And I have also
    changed the configuration files as you stated. But I keep getting the error

    "MemberUserRoleProvider Provider Type Jeffery.FormsADMemberRole.CSMemberRoleProfileProvider, Jeffery.FormsADMemberRole could not be loaded"

    Any ideas what could be wrong?
    Thanks in advance.
    Patrick

     



     

  • Dear naijacoder,

    Which version of CS are you using? I've developed this for the CS 2.x series. Never tried it on the latest 2007 version.

    However, I've attached the source, so if you are interested, you can modify it from there.
     

  • Dear smbass,

    I've attached the source code. The point in question can be found @ new public bool ValidateUser(string Username, string Password)

     

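        // Try each configured AD domain in turn; the first successful bind wins.
        foreach (string Domain in Domains)
        {
            if (LDAP.AuthenticateUser(Username, Password, Domain))
            {
                return true;
            }
        }
        // No domain accepted the credentials; the CS local users are not checked here.
        return false;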


    Based on this code, if I'm unable to authenticate the user against any of the domains, it will return false. You can easily configure the fallback here so that it will do a CS local users check. Can't really remember the code since it's almost a year since I touched this SDK.
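
The AD-then-local fallback discussed in the post above, as an added example that is not part of the thread or of the module's source. `FallbackValidator`, its three delegates and the sample accounts are hypothetical and constructed for illustration; only the domain names come from the configuration shown earlier.

```csharp
using System;
using System.Collections.Generic;
// Added illustration; the delegates are hypothetical stand-ins for the LDAP bind, an AD lookup and the CS local check.
public class FallbackValidator
{
    private readonly string[] domains;
    private readonly Func<string, string, string, bool> adBind;  // (user, password, domain)
    private readonly Func<string, string, bool> existsInAd;      // (user, domain)
    private readonly Func<string, string, bool> localCheck;      // (user, password)
    public FallbackValidator(string[] domains, Func<string, string, string, bool> adBind,
        Func<string, string, bool> existsInAd, Func<string, string, bool> localCheck)
    {
        this.domains = domains; this.adBind = adBind;
        this.existsInAd = existsInAd; this.localCheck = localCheck;
    }

    public bool ValidateUser(string username, string password)
    {
        // An LDAP simple bind with an empty password is treated as an unauthenticated
        // bind and can succeed, so reject it before it reaches the directory.
        if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password)) return false;
        bool ownedByAd = false;
        foreach (string domain in domains)
        {
            if (adBind(username, password, domain)) return true;
            ownedByAd |= existsInAd(username, domain);
        }
        // Fall back only for accounts AD does not know: a disabled or re-keyed AD
        // account must not get in with a stale local password.
        return !ownedByAd && localCheck(username, password);
    }
}
public static class Demo
{
    public static void Main()
    {
        // Constructed sample data: alice is an AD user with a stale local row, bob is local-only.
        var ad = new Dictionary<string, string> { { "stf.nus.edu.sg\\alice", "Ad-Pass1" } };
        var local = new Dictionary<string, string> { { "alice", "Old-Pass0" }, { "bob", "Local-Pass1" } };
        var v = new FallbackValidator(new[] { "stf.nus.edu.sg", "stu.nus.edu.sg" },
            (u, p, d) => ad.ContainsKey(d + "\\" + u) && ad[d + "\\" + u] == p,
            (u, d) => ad.ContainsKey(d + "\\" + u),
            (u, p) => local.ContainsKey(u) && local[u] == p);
        Console.WriteLine(v.ValidateUser("alice", "Ad-Pass1"));   // AD bind accepts the password
        Console.WriteLine(v.ValidateUser("alice", "Old-Pass0"));  // AD-owned account, no local fallback
        Console.WriteLine(v.ValidateUser("bob", "Local-Pass1"));  // local-only account, fallback applies
        Console.WriteLine(v.ValidateUser("alice", ""));           // empty password refused up front
    }
}
```

Each failed attempt here is tried against every configured domain, so with `maxInvalidPasswordAttempts` set to 999 in the membership configuration above, throttling of repeated failures has to come from AD's own lockout policy or from the login page.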

  • Is this information still current? 

    I want to use forms authentication and authenticate against active directory.  I'm under the impression that I need to purchase AD support from Telligent however the module mentioned in this post seems to be a 3rd party?

    I can't find any documentation about configuring CS to use AD - when I download the 'security modules' pack there appears to be nothing mentioned about active directory?

    Looking for a little bit of guidance...  Thanks.

     

  • The Active Directory integration we currently provide is through IIS as SSO. The AD authentication is done through the Windows Authentication module, since they are effectively the same thing. It doesn't provide forms auth though, since as I said, it targets SSO.

    With CS 2008, we are adding support for LDAP authentication, including an LDAP forms authentication module. With it, it could connect to AD through LDAP and authenticate a user that way.

  • Quite interested in the LDAP support with Forms authentication in 2008. I have downloaded and installed the beta 1 but could not find anything about it though. Could anyone shed light on this pls?