Active directory group permissions

Re:Active directory group permissions (Guest)

Thu, 11 Feb 2010 12:27:56 GMT

Nevermind, I got it.

Re:Active directory group permissions (Guest)

Thu, 11 Feb 2010 12:24:46 GMT

How do I regiter my email.... I tried filling out the form but I dont have a Share number?

Re:Active directory group permissions (Samuel)

Wed, 10 Feb 2010 12:08:30 GMT

Hi,

See this page:

http://www.aspplayground....-Download-m397434.aspx

Re:Active directory group permissions (Guest)

Wed, 10 Feb 2010 11:14:43 GMT

We are definatley interested in purchasing this forum package. We would like to test it out first...Do you supply and trial or timed license that we can try first?

Re:Active directory group permissions (Samuel)

Tue, 09 Feb 2010 09:08:23 GMT

Yes, you can easily disable the Gallery as there is a setting in the Gallery section of the Admin CP to turn off all galleries.

For PM, you can set the "Max # of PM allowed" to 0 in the admin CP -> Site Wide Options -> User Features 1/2 to disable the ability to send / read PM.

Re:Active directory group permissions (Guest)

Tue, 09 Feb 2010 08:07:03 GMT

Samuel

Hi,

I can only provide limited support for Ad integration. AD integration is provided with our software's native support of the membership provider interface (by default, ASP.NET ships with 2 membership provider, SQL Membership Provider and AD Membership Provider).

To enable AD integration, the only things you need to know / do are:

The Admin username and password that has the privilege to read the AD store;
Configure the software's web.config file with essential info so that the software can read the AD store:
(beginning step 4)
There is nothing else you need to do to achieve AD integration. Most problems people have are due to insufficient privilege with their admin account.

Sounds great. Is it possible to diasble features such as PM and gallery? This will be a corporate bulletin board and I have no need for some of the features and would like to disable them.

Re:Active directory group permissions (Samuel)

Mon, 08 Feb 2010 15:46:35 GMT

Hi,

I can only provide limited support for Ad integration. AD integration is provided with our software's native support of the membership provider interface (by default, ASP.NET ships with 2 membership provider, SQL Membership Provider and AD Membership Provider).

To enable AD integration, the only things you need to know / do are:

The Admin username and password that has the privilege to read the AD store;
Configure the software's web.config file with essential info so that the software can read the AD store:
http://blogs.msdn.com/gdu...2005/08/17/452905.aspx (beginning step 4)

There is nothing else you need to do to achieve AD integration. Most problems people have are due to insufficient privilege with their admin account.

Re:Active directory group permissions (Guest)

Mon, 08 Feb 2010 12:15:30 GMT

Samuel

Hi,

Yes, when you set up Ad Membership provider in web.config, the software can authenticate against your AD store and automatically create a user record in the forum db. By default users will be seen as guests unless users log in through the forum's login page (which connects to AD to verify user identity).

So yes, what you are saying is correct.

I new to .asp. All of the forum I have set up in the past are.php based. Do you supply support for setting up the AD scenario that was supplied. I have read throw the support posts on setting it up but I am not clear on the entire process. I would need some assistance setting up the authentication. Is the something you provide?

Thanks.

Re:Active directory group permissions (Samuel)

Mon, 08 Feb 2010 10:40:32 GMT

Hi,

Yes, when you set up Ad Membership provider in web.config, the software can authenticate against your AD store and automatically create a user record in the forum db. By default users will be seen as guests unless users log in through the forum's login page (which connects to AD to verify user identity).

So yes, what you are saying is correct.

Re:Active directory group permissions (Guest)

Mon, 08 Feb 2010 08:51:50 GMT

Samuel

If you would like to enable anonymous access + AD integration, you will need to configure AD Membership provider:

And then you can configure a few forums that support Guest posting.

So your saying that when one of my users connects to a forum that is set up for guest access, they can post anonymously or have the option to sign in against AD at that point? I just want to verify that the user will browse all pages as a guest by default and then have the option to click a "login button" some where on the page and authenticate to AD if the wish to post as themselves.

TIA

Re:Active directory group permissions (Samuel)

Fri, 05 Feb 2010 13:27:31 GMT

If you would like to enable anonymous access + AD integration, you will need to configure AD Membership provider:

http://www.aspplayground..t/forum/fb.ashx?m=402243

And then you can configure a few forums that support Guest posting.

Re:Active directory group permissions (Guest)

Fri, 05 Feb 2010 11:57:53 GMT

Is it possible to have users that are logged into AD on there PC enter the forum as a guest and then manually log into the forum against AD if they choose? We really would like to have anonymous posting as the default and the option to log in against AD and post with credentials.

Re:Active directory group permissions (Samuel)

Tue, 10 Nov 2009 13:42:21 GMT

If you wish to use Windows Authentication without AD provider, the solution is to:

Configured IIS for Windows Integrated Authentication
Leave ASPPlayground configured with the default configuration. That is Forms based authentication and using the SQL Server DB as the membership store.
1. Make sure you don't use “No Action – Must Register First” option under ASPPlayground Admin Control Panel, User Features 1/2, Guest Permission
Add members to ASPPlayground so that the membership table for the forum is populated (simply use the Fast Member Import feature in the AdminCP). The Login value must match the users Active Directory (AD) account name.

Add a small section of code to the Default.aspx.vb file as follows:

 
     Protected Sub Page_PreInit(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.PreInit      
         Integer.TryParse(Request.QueryString("forumid"), RequestedForumID)      
         If Not User.Identity.IsAuthenticated Then      
             Dim strUsrNm As String      
 
             'Build a string containing the AD account name of the Windows Authenticated user      
             strUsrNm = Request.ServerVariables("LOGON_USER")      
             strUsrNm = Mid$(strUsrNm, InStr(1, strUsrNm, "\") + 1)      
             'Create the authentication ticket and add it to the cookie collection      
             FormsAuthentication.SetAuthCookie(strUsrNm, False)      
             'refresh the current page so the it displays “Welcome <username>”      
             Response.Redirect(Me.Request.Url.ToString)      
 
         End If      
     End Sub

Re:Active directory group permissions (Samuel)

Fri, 14 Aug 2009 14:42:57 GMT

It is ok. Thanks for your patience as well.

And no, it is not going to affect anything with AD membership provider. Maybe you can put it back as:

If mu IsNot Nothing AndAlso mu.IsLockedOut Then mu.UnlockUser()

See if it produces any error. This might be a better choice then commenting out the entire line.

2 questions for you: Is your SAM store on the same machine as the forum? Are you using IP address or domain name for your LDAP string?

Re:Active directory group permissions (jsereda)

Fri, 14 Aug 2009 13:21:04 GMT

Thanks, that worked. I put an # instead of a '.
Like I said, this is new stuff for me.
But again, thanks for taking the time to help me with this.
Will commenting that part out, have any effect on anything that I should be worried about?