Setting up Dotnetnuke (DNN) to work with Active Directory

By -

Setting Up Active Directory Integration with DotNetNuke

Seems like enough people ask, and the information is hidden enough around the DNN AD forum that this information could be posted in one place.  These are the steps I take to get my DNN AD integration to work every time.  I have never had it fail.  I hope you find it helpful.  Now if you are setting up your AD in Mixed-Mode most likley this little write up isn't for you.

The setup process is a three step process.  The first step is done from within DNN.  The second step takes place in DNN’s web.config file.  The final step takes place in IIS.

  1. Within the DNN Website
    1. Login as Admin or Host to your DNN website.
    2. After login go to
                                                              i.   the Admin tab
                              ii.  and then select Authentication
    1. You will now see the Active Directory Setup Screen.
    2. Fill out the screen as follows.
                                                              i.            Windows Authentication?
A.      Check the Box
                                                            ii.            Synchronize Role?
A.      If you want your users AD Roles to synchronize with DNN then check this box.  In order for the synchronization to occur you must create the AD Roles you want synchronized in Dotnetnuke.
                                                          iii.            Provider
A.      I always use ADSIAuthenticationProvider
                                                           iv.            Authentication Type
A.      I always use Delegation
                                                             v.            Root Domain:
A.      Type
a)      DC=Domain_Name
b)      Where Domain_Name equals the name of your Active Directory Domain.
                                                           vi.            User Name:
A.      The User Name is the name that DNN will use to query Active Directory with.  I generally use a special account that I created that has Administrator level access to Active Directory.
B.      Type
a)      Domain_Name\Domain_Access_User
b)      Domain_Name is equal the name of your Active Directory Domain.
c)      Domain_Access_User is equal to the Active Directory account user that will be used to query Active Directory by Dotnetnuke.
                                                         vii.            Password:
1.      The password for the Domain_Access_User account.
                                                       viii.            Email Domain:
1.      I always put the Domain Name for my email.
2.      Example
a.      google.com, acme.org, etc
    1. Click Update
    2. After you click Update text will appear at the top of the screen letting you know if you have everything setup correctly.


  1. Within the Web.config file
    1. Use your Windows Explorer to locate the root install of your Dotnetnuke website files.
    2. Open web.config in a text editor.  Notepad works well.
    3. Find the line that looks like this
                                                               i.     
    1. Change the above line of code to look appear as follows
                                                               i.      < add name="Authentication" type="DotNetNuke.HttpModules.AuthenticationModule, DotNetNuke.HttpModules.Authentication" />
    1. Save the file

  1. Within IIS
    1. Go to the IIS server that is running your Dotnetnuke installation.
    2. Manage your IIS server.
                                                              i.      Right-click “My Computer”
                                                            ii.      Left-click “Manage”
                                                          iii.      In the “Computer Management” window click the “+” next to “Services and Applications”.
                                                           iv.      Click the “+” next to “Internet Information Services (IIS) Manager”
                                                             v.      Click the “+” next to “Web Sites”
                                                           vi.      Click the “+” next to the name of your Dotnetnuke Installation
                                                         vii.      Click the “+” next to “Admin”
                                                       viii.      Click on the folder named “Security”
                                                           ix.      In the right hand window right-click “WindowsSignin.aspx”
                                                             x.      Left-click properties.
    1. In the properties Window of WindowsSignin.aspx click on the “File Security” tab.
    2. In the frame titled “Authentication and access control” click the “Edit” button.
    3. Make sure that “Enable anonymous access” is NOT checked.
1.      If it is checked, uncheck it.
    1. Make sure that a check appears next to
1.      “Integrated Windows Authentication”
    1. Click the “OK” button.
    2. Click the “OK” button on the “WindowsSignin.aspx Properties” window.
    3. Close the “Computer Management” window.
  1. Testing
    1. Open up Internet Explorer on a computer that can access your Dotnetnuke website and is on your Active Directory domain.
    2. Accessing the website should log you in.
    3. Congratualtions!
  1. Troubleshooting
    1. If you are not automatically logged into IIS you might try the following.
i.           Go to your IIS Server
1.           Click the “Start Button”
2.           Click “Run”
3.           Type “iis reset” to reset the IIS server.
ii.                  Try navigating your web browser to http://website_name/admin/security/WindowsSignin.aspx
1.      Where website_name equals the name of the server or DNS name that your Dotnetnuke installation is installed at.
Check out the Active Directory Forums over at Dotnetnuke.

Comments

matu said…
Hi, Does the server that DNN is installed on need to be part of the domain?
August 3, 2015 at 2:27 PM
Janet S. Campbell said…
Nice Post! Thanks for sharing this information. I tried to setup active directory but, it was too complex for me to do it. From this post I've learned it very well so thanks for that.
July 18, 2017 at 10:38 PM
Anonymous said…
I would like to say that this blog really convinced me, you give me best information! Thanks, very good post. Dotnetnuke Web Services
November 17, 2017 at 11:20 PM
James David said…
Great piece of content. I like it. Thanks for sharing with us.
December 28, 2018 at 3:43 PM
Post a Comment

Popular posts from this blog

SQL Server 2016 TDE ( Transparent Data Encryption)

By -
Image
Transparent Data Encryption is designed to protect data by encrypting the physical files of the database, rather than the data itself These physical files include the database file (.mdf), the transaction log file (.ldf) and the backup files (.bak). Its main purpose is to prevent unauthorized access to the data by restoring the files to another server.  With Transparent Data Encryption in place, this requires the original encryption certificate and master key. The protection of the database files is accomplished through an encryption key hierarchy that exists externally from the database in which TDE has been enabled. The service master key exists at the instance level. The database master key and certificate at the Master database are used to protect the database encryption key that is located at the user database The dependency upon the encryption key hierarchy in the Master database, as well as the instance, prevents the database files from being restored to an instan
Read more

jQuery Tips for DotNetNuke Developers

By -
Image
Make sure you call jQuery.noConflict();. This is necessary to not cause other client scripts and libraries to run errors. This is due to the fact that other client scripts might be using the $ designator for a JavaScript class. [jQuery.noConflict(); documentation] If manually adding jQuery, try to load the jQuery library in the header before all others. Not doing this can lead to the jQuerylibrary not being loaded before another client script or library tries to use it. This is especially true of jQuery plugins. Always call the jQuery core methods using the jQuery() format. This is related to the previous issue. Check the jQuery plugin source code. Not all jQuery plugins use the long form of calling jQuery. This can result in errors if you have called jQuery.noConflict();. In DNN 5+, register jQuery. DNN 5+ allows module developers to register jQuery to be loaded only when modules need it. Just callDotNetNuke.Framework.jQuery.RequestRegistration(). This prevents jQuery f
Read more