[FAQ]Windows Authentication without AD membership provider

APGvNext Sam
vNext Dev
  • Total Posts : 13227
  • Joined: 2001/05/23 00:00:00
  • Status: offline
2013/02/21 04:26:49 (permalink) Authentication

Windows Authentication without AD membership provider

If you wish to use Windows Authentication without Active Directory membership provider, please complete the following step:
  1. Configured IIS to enable Windows Authentication and disable Anonymous Authentication & Forms Authentication;
  2. Make sure you check "Everyone needs to be registered and logged in" under section "Registration / Login" in the Admin Control Panel.
  3. Import members to the forum db so that the membership table contains your domain users. The easiest way to import members is to use the "Batch Member Import" feature in the AdminCP. The Login value must match the users NTLM account name (e.g. domain\username), but password can be anything because it's not used in this mode.
    1. If you need to modify existing user's login to match the Active Directory, you can do so by executing the following SQL statement against your database:
      Update pgd_Members set Login = @domainAndUsername Where Mem = @memberID
    2. If you want to use simple username instead of domain\username, then add this key to ~/config/appSettings.config
      <add key="windowsAuthenticationMapUsername" value="sAMAccountName"/>
  4. Do NOT mix this method with the AD Membership Provider integration method. In other words, make sure you
    1. do NOT add any AD membership provider information in forum's ~/web.config, and
    2. do NOT set EnableMembershipIntegration key to true in ~/config/appSettings.config.
post edited by APGvNext Sam - 2013/08/06 08:52:25

Attached Image(s)

Jump to:
© 2019 APG vNext Commercial Version 5.5