Products

Solutions

Resources

Partners

Community

About

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen

HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationUsing DNN with Windows Server 2008 R2 w/AD AuthenticationUsing DNN with Windows Server 2008 R2 w/AD Authentication
Previous
 
Next
New Post
1/5/2011 1:43 PM
 
I searched for days on this topic myself and never found an answer, so I wanted to post my findings here to help someone else out.

Almost a year ago, people were talking about Server 2008, and how AD authentication didn't work properly.  So, I set up a new 2008 R2 server, installed DNN, it worked good.  So, I then installed the Active Directory Authentication Provider, and that too worked flawlessly.  I did that to prove a point that you didn't need all the fancy configurations that set the server back in IIS6 mode, and you didn't need the kludge of Impersonation to get it working.

So far, so good.  I deleted that server after awhile, because we were still running DNN on another server and I wasn't prepared to migrate over...

Last week, I finally did the change over to an 2008 R2 server.  Since our DNN install was on a seperate SQL server, I was able to just copy over the files and it started working.    I had to do a litlte bit of configuring with the AppPools and and permissions, but all-in-all I got it over and running on the new server pretty quickly. 

All was working that is, except the AD authentication, which was quite annoying because I had it working a few months earlier.  I played around with it a bit, and discovered that I could log into the server manually, so I knew it was configured properly.  I tried the WindowsSignIn.aspx link, and was able to log in that way, but I could not get it to automatically log in no matter what I did.  I searched all over the Internet, in this forum, etc.  Nobody had a good answer on this.  I tried every suggested configuration, even the impersonation, nothing helped.  Finally, I noticed that every time I made a change in IIS, it modified the web.config file with the changes.  I didn't realize that IIS did that, so I played around with it a bit with various settings, and got it all working.

So, to get it working...
-No impersonation is needed.
-You don't need to use the .Net Classic or Default AppPool, you can create your own if you want (must the v2.0 or higher framework)
-The AppPool can be set to use any identity you want, as long as that identity has proper permissions to the DNN folder.
-The AppPool "has" to be set on Classic Mode (not Integrated) to have auto-login work properly.

Summary: The reason I could not get these settings working was because IIS kept modifying my web.config file!   It didn't seem to matter what setting I had, even if they were the right ones, because the web.config file was modified.  Those changes never took effect, or conficted with other changes, leaving the web.config in a big mess.   To fix it, I had to change the IIS settings first, and then copy over a clean copy of the web.config file to get it working.

Hope this post helps someone else that runs into this same problem...
 
New Post
1/5/2011 5:58 PM
 
I'll so some testing myself to see if I can also get it to work this way.
 
New Post
2/8/2011 10:46 PM
 
Finally got a chance to test this Dan. Worked like a charm for me. Thanks.
 
New Post
2/11/2011 3:26 PM
 
Good to hear!
 
New Post
9/23/2011 2:26 PM
 
Mike,

I am sure you saw my other post from earlier. This is me poking away at it more. I found this and it initially seemed promising. I did reinstall DNN and reconfigured everything. Like the other poster here indicates, I can manually login using Windows Authentication from the home page's Login link or using desktopmodules/authenticationservices/activedirectory/windowssignin.aspx. Like the other guy, I know AD Auth works. I took his advice and changed the app pool to Classic.net at the web site level (basic settings) but when I go to the main site, I get a DNN page telling me the site is unavailable. When I go to /windowssignin.aspx I get a 401 Unauthorized. Changing the app pool back to 'Default Web Site' brings me back to normal.
What am I missing here?

Thanks,

Mike S
 
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationUsing DNN with Windows Server 2008 R2 w/AD AuthenticationUsing DNN with Windows Server 2008 R2 w/AD Authentication


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out