I've succesfully added AD as provider for backoffice authentication, but right now all users in the AD can log into the backoffice. I was wondering if there's any way, I can restrict the users, who have acces to the back office to an AD group?
I have never tried it on an umbraco site, but maybe you can use the authorization section on the back-office directories/files in the web.config? So something like
I am struggling to do AD integration with umbraco.Can you help me with detail steps you followed for AD integration. I have followed the below steps, can you please point anything that is not configured correctly or needs to be added so that AD integration works.
ยทThe user from AD directory needs to be authenticated before the user logins to Umbraco CMS backoffice.
This is the structure currently in AD directroy
Y IS LDAP SERVER address
DC=A,DC=COM ou=B ou=C ou=Groups
cn=testgroup ou=Users cn=testuser
The user resides inside ou=Users with name as testuser. The user is added inside "testgroup" group under ou=Groups.
We have made the following changes in web.config of file
1)Added the following changes in <connectionStrings> of web.config file <connectionStrings> <add name="ADConnectionString" connectionString="LDAP://Y:389/OU=Users,OU=C,OU=B,DC=A,DC=com" /> </connectionStrings>
2) Added the following changes in <providers> of web.config file <membership defaultProvider="MyADMembershipProvider" userIsOnlineTimeWindow="15"> <providers> <clear /> <add name="MyADMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ADConnectionString" connectionUsername="domain\username" connectionPassword="password" attributeMapUsername="sAMAccountName"/>
The issue we are facing is when the user tries to login with username: domain\username and password: password at umbraco login interface. It focus back to username and password field highlighted in red.
Back Office Active Directory integration
I've succesfully added AD as provider for backoffice authentication, but right now all users in the AD can log into the backoffice. I was wondering if there's any way, I can restrict the users, who have acces to the back office to an AD group?
My Web.config
My umbracoSettings.config
Hi Rasmus,
I have never tried it on an umbraco site, but maybe you can use the authorization section on the back-office directories/files in the web.config? So something like
Hope this works/helps.
Cheers,
Michael.
It doesn't do it. Tried a few options, but nothing really seemed to work.
Hi Rasmus,
I am struggling to do AD integration with umbraco.Can you help me with detail steps you followed for AD integration. I have followed the below steps, can you please point anything that is not configured correctly or needs to be added so that AD integration works.
ยท The user from AD directory needs to be authenticated before the user logins to Umbraco CMS backoffice.
This is the structure currently in AD directroy
Y IS LDAP SERVER address
DC=A,DC=COM
ou=B
ou=C
ou=Groups
cn=testgroup
ou=Users
cn=testuser
The user resides inside ou=Users with name as testuser. The user is added inside "testgroup" group under ou=Groups.
We have made the following changes in web.config of file
1)Added the following changes in <connectionStrings> of web.config file
<connectionStrings>
<add name="ADConnectionString" connectionString="LDAP://Y:389/OU=Users,OU=C,OU=B,DC=A,DC=com" />
</connectionStrings>
2) Added the following changes in <providers> of web.config file
<membership defaultProvider="MyADMembershipProvider" userIsOnlineTimeWindow="15">
<providers>
<clear />
<add name="MyADMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ADConnectionString" connectionUsername="domain\username" connectionPassword="password" attributeMapUsername="sAMAccountName"/>
<add name="UmbracoMembershipProvider" type="umbraco.providers.members.UmbracoMembershipProvider" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="false" defaultMemberTypeAlias="Another Type" passwordFormat="Hashed" />
<add name="UsersMembershipProvider" type="umbraco.providers.UsersMembershipProvider" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="false" passwordFormat="Hashed" />
</providers>
</membership>
3) Added the assembly System.Web used in MyADMembershipProvider in assemblies section of web.config.
<compilation defaultLanguage="c#" debug="false" batch="false" targetFramework="4.0">
<assemblies>
<!-- ASP.NET 4.0 Assemblies -->
<add assembly="System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
<add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
<add assembly="System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<add assembly="System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Xml.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<add assembly="System.Data.DataSetExtensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<add assembly="System.Web.Extensions.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</assemblies>
Made following changes in umbracoSettings.cfg file
<providers>
<users>
<DefaultBackofficeProvider>MyADMembershipProvider</DefaultBackofficeProvider>
</users>
</providers>
The issue we are facing is when the user tries to login with username: domain\username and password: password at umbraco login interface.
It focus back to username and password field highlighted in red.
Thanks,
Azam
is working on a reply...