Hi, Just a quick note to say this authentication package, doesn't work with users in multiple domains.
it's a bit of a pain but the .net ActiveDirectory Management libraries don't search across your global catalouge but accorss the domain. this means as hte package is written using these libraries it cannot search outside of one single domain.
I am looking at a few options to fix this, the main one being moving back to the core active directory class library to do the leg work, the only that provider doesn't "easily" work for nested groups.
If anyone has an issue with multiple domains in a forest and wants to help / test please drop us a line.
At UCSF, our actual Active Directory structure is a multiple domain environment that includes UCSFMC, CAMPUS and SOM. 75% of our BackOffice Umbraco users are in the UCSFMC domain. The rest are either are in SOM or CAMPUS domain.
We are looking at implementng AD using your back office extension. We would love to help/test a multi-domain solution out.
Here is our site specs:
System: Umbraco Version - 4.7.1 ,Windows Server 2008 – 8gb memory – 4 Zeon 2.27Ghz processors service pack 1 – 64 bit OS , IIS version 7.5.7600.16385, SQL Server 2008 R2, Stacktrace - N/A
Pls let us know when you have something for us to test.
Richard N. Barg, JD, MBA
Director of Strategic Development,
Thoracic Oncology Program
Director of Web Strategy and Development, Department of Surgery, University of California, San Francisco
We are currently working on a multiple domain solution in our office - hopefully that will be working very soon for us, and then we might do a second package. for multiple domains. I'll post an update soon.
Are you logging on users or members - so are people logging onto the umbraco backend '/umbraco/ or are you logging people onto the site ?
This package was written for the membership (so that's people logging into the website, for things like forums, and members areas). It was also written for v4 umbraco - but will probably work for v6.
if you are using the Active Directory provider stuff for the backend (/umbraco/) and you have multiple domains, then I think the standard asp.net membership providers don't work across multiple domains for certain setups. (it's all to do with one-way / two-way trusts and AD forests).
I think to login across multiple back end domains you may need to either tweak your domain setup in some way, or write a custom membership provider to work for your domains (you need to programmatically provide ways for umbraco to see all domains so it can authenticate people against any of them)
Here providing Additional information to Mukesh qustion. We have given the access to Business people on Staging environment for updating the Content and Uploading the images on Media section. Few business users are getting problem to login into the umbraco environmnet. We are providing the access based on their lan id.
With the custom user name and password they are able to login without any issue. They are unable to login, if user has created with LAN id (only for few users.)
Working with Multiple Domains
Hi, Just a quick note to say this authentication package, doesn't work with users in multiple domains.
it's a bit of a pain but the .net ActiveDirectory Management libraries don't search across your global catalouge but accorss the domain. this means as hte package is written using these libraries it cannot search outside of one single domain.
I am looking at a few options to fix this, the main one being moving back to the core active directory class library to do the leg work, the only that provider doesn't "easily" work for nested groups.
If anyone has an issue with multiple domains in a forest and wants to help / test please drop us a line.
Hi Kevin,
At UCSF, our actual Active Directory structure is a multiple domain environment that includes UCSFMC, CAMPUS and SOM. 75% of our BackOffice Umbraco users are in the UCSFMC domain. The rest are either are in SOM or CAMPUS domain.
We are looking at implementng AD using your back office extension. We would love to help/test a multi-domain solution out.
Here is our site specs:
System: Umbraco Version - 4.7.1 ,Windows Server 2008 – 8gb memory – 4 Zeon 2.27Ghz processors service pack 1 – 64 bit OS , IIS version 7.5.7600.16385, SQL Server 2008 R2, Stacktrace - N/A
Pls let us know when you have something for us to test.
Richard N. Barg, JD, MBA
Director of Strategic Development,
Thoracic Oncology Program
Director of Web Strategy and Development, Department of Surgery, University of California, San Francisco
(415) 425-1483
[email protected]
http://top.ucsf.edu/
http://www.surgery.ucsf.edu/
"If anyone has an issue with multiple domains in a forest and wants to help / test please drop us a line"
We'll be happy to help as we need this feature. You can contact me at:
Richard N. Barg, JD, MBA
Director of Web Strategy and Development,
Department of Surgery,
University of California, San Francisco
[email protected]
Hi Richard,
We are currently working on a multiple domain solution in our office - hopefully that will be working very soon for us, and then we might do a second package. for multiple domains. I'll post an update soon.
- Kevin
Hi,
I read your points above. I am having issue with two domains windows login to Umbraco.
I posted my question to Umbraco Forum but no help. here is the link https://our.umbraco.org/forum/using/ui-questions/72676-login-issue-on-umbraco-621
Please try to help me!
Hi,
Are you logging on users or members - so are people logging onto the umbraco backend '/umbraco/ or are you logging people onto the site ?
This package was written for the membership (so that's people logging into the website, for things like forums, and members areas). It was also written for v4 umbraco - but will probably work for v6.
if you are using the Active Directory provider stuff for the backend (/umbraco/) and you have multiple domains, then I think the standard asp.net membership providers don't work across multiple domains for certain setups. (it's all to do with one-way / two-way trusts and AD forests).
I think to login across multiple back end domains you may need to either tweak your domain setup in some way, or write a custom membership provider to work for your domains (you need to programmatically provide ways for umbraco to see all domains so it can authenticate people against any of them)
Kevin
I want it for Umbraco user so the login user can update the content.
Thanks
Hi Kevin,
Here providing Additional information to Mukesh qustion. We have given the access to Business people on Staging environment for updating the Content and Uploading the images on Media section. Few business users are getting problem to login into the umbraco environmnet. We are providing the access based on their lan id.
With the custom user name and password they are able to login without any issue. They are unable to login, if user has created with LAN id (only for few users.)
Thank for your support.
Regards, Krishna
is working on a reply...