Intranet Windows Authentication

Post here for help with installing or upgrading mojoPortal pre-compiled release packages. When posting in this forum, please provide all relevant details. You may also want to review the installation or upgrading documentation.

If you have questions about using the source code or working with mojoPortal in Visual Studio, please post in the Developer forum.

Post here for help with installation of mojoPortal pre-compiled release packages

When posting in this forum, please try to provide as many relevant details as possible. Particularly the following:

  • What operating system were you running when the bug appeared?
  • What database platform is your site using?
  • What version of mojoPortal are you running?
  • What version of .NET do you use?
  • What steps are necessary to reproduce the issue? Compare expected results vs actual results.

You may also want to review the installation or upgrading documentation.

If you have questions about using the source code or working with mojoPortal in Visual Studio, please post in the Developer forum.

This thread is closed to new posts. You must sign in to post in the forums.
10/29/2014 5:33:48 PM
Gravatar
Total Posts 55

Intranet Windows Authentication

Joe,

Quick question. I am wanting to deploy a build of mojoportal for use as an Intranet site. I have successfully authenticated against our LDAP Server with the web.config set to forms authentication. This however requires users to log in before they can take advantage of their roles. So here is my question.. If I change the web config from forms to windows authentication and add the <authorization> to only allow authenticated users will mojoportal take advantage of the, "First visit create DB user" feature.

  • Operating System: Windows Server 2012 R2
  • Database SQL Server 2012
  • mojoportal 2.4.0.4
  • .Net 4.5

 

10/30/2014 8:24:58 AM
Gravatar
Total Posts 18444

Re: Intranet Windows Authentication

as far as I know, yes, for windows authentication a user should be automatically created for any authenticated user that is not in the db.

However, mojoPortal roles are not windows domain roles, so you would still have to manually assign the users to roles within mojoPortal to give them any permissions.

all client machines and the web server would have to be windows domain members for windows authentication to work

10/30/2014 10:41:56 AM
Gravatar
Total Posts 55

Re: Intranet Windows Authentication

Thank Joe, That sounds exactly like I was hoping it would work. I will make the change and provide feedback on how it worked out for your reference..

 

Keep up the good work !! 

 

Joe

10/31/2014 11:34:42 AM
Gravatar
Total Posts 55

Re: Intranet Windows Authentication

Joe, It seems my request to have windows authentication set up on the server has not reached the priority level needed for action. Our site will continue running in Froms Authentication using LDAP for now until the change is made. 

 

Thanks for the support

 

Joe

10/31/2014 11:52:59 AM
Gravatar
Total Posts 18444

Re: Intranet Windows Authentication

one thing to keep in mind for whenever you make that change

the user name seen by mojoportal under windows auth may be different than the raw ldap user name. I think it will be like domain/username under windows auth rather than just username (if I recall correctly)

so it will create new users rather than match the previous existing ldap users

if that happens then you may need to remove the new users and run a query to update the loginname on existing users so it matches what is seen under windows auth

10/31/2014 3:45:14 PM
Gravatar
Total Posts 55

Re: Intranet Windows Authentication

Using LDAP authentication if a registered AD user changes their password will that persist to their matching db record? Have a couple beers.... Joe
10/31/2014 4:07:13 PM
Gravatar
Total Posts 18444

Re: Intranet Windows Authentication

ldap authentication does not use a password from the database so there is nothing to sync and we would not want to store a copy of the users ldap/ad password in the db ever.

so if the ldap password changes then the next time the user logs into the site he must use the new one since it is always talking directly to ldap server to authenticate.

we do generate a random password for the db record at the time of user creation, but that would only be used if enabling db auth in addition to ldap or if you later turned off ldap and used db auth instead

10/31/2014 4:08:13 PM
Gravatar
Total Posts 18444

Re: Intranet Windows Authentication

thanks for the beers! Much appreciated.

Cheers,

Joe

You must sign in to post in the forums. This thread is closed to new posts.