  • Moamen-Jamal 2 posts 22 karma points
    Oct 31, 2022 @ 19:49
    Moamen-Jamal
    0

    Active Directory BackOffice Users in Umbraco 10

    Hello everyone. Is there any way to set up Active Directory integration in Umbraco 10 on the backOffice login screen without using Azure, Google or any external login provider like OpenID? I searched a lot on this topic and found a lot of solutions and packages for the old versions of Umbraco. All I need is to override the backOffice login screen and use my custom Active Directory without using third-party middleware like OpenID.

  • Tim Root 3 posts 71 karma points
    Jan 11, 2023 @ 21:22
    Tim Root
    0

    I created a class that extended BackOfficeSignInManager and overrode its PasswordSignInAsync(string, string, bool, bool) function. You will also need to include System.DirectoryServices.AccountManagement from NuGet.

    public class ActiveDirectorySignInManager : BackOfficeSignInManager
    {
        // there will be a couple constructors that must be present
    
        public override async Task<SignInResult> PasswordSignInAsync(string username, string password, bool isPersistent,
            bool lockoutOnFailure)
        {
            // umbraco admin account does not use AD.
            if (username == "admin")
                return await base.PasswordSignInAsync(username, password, isPersistent, lockoutOnFailure);
    
            // validate user in AD
            using var pc = new PrincipalContext(ContextType.Domain, "domain");
            using var adUser = UserPrincipal.FindByIdentity(pc, username);
            if (adUser == null || !pc.ValidateCredentials(username, password))
                return SignInResult.Failed;
    
            // creates a user account in Umbraco
            var user = await UserManager.FindByNameAsync(username);
            if (user == null)
            {
                var createResult = await UserManager.CreateAsync(BackOfficeIdentityUser.CreateNew(_globalSettings.Value,
                    username, "[email protected]",
                    "en-US", adUser.Name));
    
                if (!createResult.Succeeded)
                    return SignInResult.Failed;
    
                user = await UserManager.FindByNameAsync(username);
    
                if (user == null)
                    return SignInResult.Failed;
            }
    
            await base.SignInAsync(user, false);
            return SignInResult.Success;
        }
    }
    

    Then in the Startup.cs ConfigureServices method, I added a Replace.

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddUmbraco(_env, _config)
            .AddBackOffice()
            .AddWebsite()
            .AddComposers()
            .Build();
    
        services.Replace(new ServiceDescriptor(typeof(IBackOfficeSignInManager),
            typeof(ActiveDirectorySignInManager), ServiceLifetime.Transient));
    }
    

    It's not perfect, there's some functionality I still need to add, but it's a place to start.
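
The sign-in manager in the answer above creates a back-office user for any account that validates against the domain. As an added example (not code from the thread or from Umbraco), the AD check can be narrowed to enabled members of one group and can return the directory's own mail address for the new user. The domain name, group name and the `AdLogin`/`AdBackOfficeGate` types are assumptions, and the code needs a Windows host that can reach the domain.

```csharp
using System;
using System.DirectoryServices.AccountManagement;

// Added example. Result type is hypothetical; map Allowed == false to SignInResult.Failed.
public sealed record AdLogin(bool Allowed, string Reason, string? Email = null, string? DisplayName = null);

public static class AdBackOfficeGate
{
    private const string Domain = "corp.example";           // assumption: your AD domain
    private const string RequiredGroup = "Umbraco-Editors"; // assumption: group allowed into the back office

    public static AdLogin Check(string username, string password)
    {
        // An LDAP simple bind with an empty password is an unauthenticated bind,
        // so reject empty input before any call reaches the directory.
        if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
            return new AdLogin(false, "missing credentials");
        try
        {
            using var ctx = new PrincipalContext(ContextType.Domain, Domain);

            // Negotiate with signing and sealing avoids sending the password in a plain simple bind.
            const ContextOptions opts =
                ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing;
            if (!ctx.ValidateCredentials(username, password, opts))
                return new AdLogin(false, "bad credentials");

            // Look up by sAMAccountName only, so one login name maps to one account.
            using var user = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, username);
            if (user == null || user.Enabled != true)
                return new AdLogin(false, "unknown or disabled account");

            // Only members of the designated group get a back-office account.
            using var group = GroupPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, RequiredGroup);
            if (group == null || !user.IsMemberOf(group))
                return new AdLogin(false, "not in back-office group");

            if (string.IsNullOrWhiteSpace(user.EmailAddress))
                return new AdLogin(false, "no mail attribute");

            return new AdLogin(true, "ok", user.EmailAddress, user.DisplayName ?? user.Name);
        }
        catch (PrincipalException ex)
        {
            // Fail closed when the directory is unreachable or the query fails.
            return new AdLogin(false, "directory error: " + ex.GetType().Name);
        }
    }
}
```

Log `Reason` on the server only and return the same failed result to the login screen for every rejection, so the form does not reveal which accounts exist.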
