Products

Solutions

Resources

Partners

Community

About

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen

HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationServer 2008/IIS 7 IssuesServer 2008/IIS 7 Issues
Previous
 
Next
New Post
7/6/2009 3:04 AM
 

 A number of people have been having issues getting the AD provider working on Server 2008 even when following the documentation. I finally go a chance to setup a 2008 server today and do some testing. Below is what I found.

  1. The IIS 6 Metabase Compatibilty needs to be installed (I installed all but the IIS 6 Management console). Otherwise an error appears on the Settings page an the provider is unable to test whether the site is running under the correct pipeline.
  2. Impersonation has to be used (see the documentation for instructions on using impersonation).
  3. The user used in the impersonation has to be part of the administators group on the server.

I'm hoping to find a way around #3 but that's what I've found so far.

[Moderator edit:] Download page has moved here.

 
New Post
7/6/2009 9:40 PM
 

Thanks Mike. It was giving me a lot of grief and now I can confirm that everything is working perfectly.

I really appreciate all the effort you put into this forum and the module.

Cheers,
Marcus

 
New Post
7/7/2009 7:18 AM
 

Hi Mike,

I have done as you instructed and it finally works fine on DNN 4.9.4 on Winows Server 2008 and IIS7. I tried the same thing on DNN 5.1.0 but it doesn`t work and the following message (as before your new instructions) appears:


This site is currently Unavailable
The Active Directory Provider requires the site to be running
under Full Trust and/or in Classic mode in IIS 7.0
Commenting out the line:
<add name="Authentication" type="DotNetNuke.Authentication.ActiveDirectory.HttpModules.AuthenticationModule, DotNetNuke.Authentication.ActiveDirectory" />
in your web.config will allow you to get the site running until it meets the above requirements.

Could you please try to test with DNN 5.1.0?

Thank you very much,

Marko

 
New Post
7/7/2009 7:40 AM
 

Hi Mike,

my bad. I was to quick by setting new portal so I forgot to modify impersonation in web.config.

Sorry again,

Marko

 
New Post
8/11/2009 2:14 PM
 

Mike,

I tried to disable User Account Control, and then I was able to use the AD Provider by only installing IIS 6 Metabase Compatibility. The user account who runs the AppPool (eg. NETWORK SERVICE) needs write access to the C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files folder, but impersonation and admin privileges are not required.

Is there anyone who can explain, why UAC should be enabled on a server in an Intranet environment, where nobody but (local) administrators may access the server console (directly or remote)?

Best wishes
Michael


Michael Tobisch
DNN★MVP

dnn-Connect.org - The most vibrant community around the DNN-platform
 
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationServer 2008/IIS 7 IssuesServer 2008/IIS 7 Issues


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out