MonoX support board

Start the conversation, ask questions and share tips and solutions with fellow developers.

Non-registered users can only browse through our support boards. Please register now if you want to post your questions. It takes a second and it is completely free. Alternatively, you can log in without registration using your credentials at major sites such as Google, Microsoft Live, OpenId, Facebook, LinkedIn or Yahoo.

Problems with Active Directory Authentication  (Mono Support )

Viewed 119974 time(s), 26 post(s) 12/5/2012 4:55:21 PMby afabri73
afabri73

afabri73

12/5/2012 5:01:42 PM
Hi,
I have a problem with Active Directory Authentication.
I setup correctly the web.config file to access with AD credentials as you explain in this post
After I specified in the portal settings that domain admins can administrate the portal
I assigned to some pages the access only to domain admins, to each others only domain users and two pages are public.

Then if I try to connect with my connect with AD credentials (I tried with a domain admins user and with a simple domain user), the login succesfully...but...if I try to surf in "public" pages I see all correctly but if I try to connect to every "private" pages (frontend or administration area), I receive the attached error.
I tried also to set security to Domain admins and Domain Users to the website folder, but I have the same problem.
I have the same problem if I try to connect to Monox with Windows Authentication.

Can you help me?
I look forward to your reply
Thank you
AF
This content has not been rated yet. 
115 Reputation 19 Total posts
afabri73

afabri73

12/6/2012 9:28:29 AM
Anyone knows how to solve the issue?
This content has not been rated yet. 
115 Reputation 19 Total posts
denis

denis

12/6/2012 9:35:43 AM
The error you see is in-line with the expected behavior (I assume that you turned off the custom error pages in the web.config, so that formatted error page does not get displayed), if the page you are trying to reach is not having the current user's role in the list of allowed roles. I would have to know more details about your scenario, and the best way to do this would be to organize the remote support session via TeamViewer or a similar tool. Would this be OK with you?
This content has not been rated yet. 
7207 Reputation 956 Total posts
afabri73

afabri73

12/6/2012 10:21:48 AM
Hello Denis,
ok...you are right CustomErrors was set to off.
Now I configured it to on and when I try to connect to private page I received an "Access Denied" page.

You can help me to setup correctly the roles?
I try to explain our scenario:
web.config: correctly configured following your post (this post) - OK It function properly
Administration Area: I connected as default admin user (aspnet membership) and i configured portal with these settings:
- Portal settings...assign administrative roles to Administrators and Domain Admins
- Portal settings...assign default role for new users to Users and Domain Users
- Page settings...assign all correct permissions to page and navigation (I add Domain Admins and Domain Users to all page)
- Users...assign Domain Admins role to my Admin Account
- Users...assign Domain Users role to my User Account
- Disabled registration for AD users
Fise System:
- Assign to all website folder:
- Domain Admins: Full control permissions
- Domain Users: Read & Execute permissions

When I try to connect with my Domain Admin account I don't enter in any "private" page

Do you think I forgot something?
In the meantime, I requested the permit to use TeamViewer

Adriano
This content has not been rated yet. 
115 Reputation 19 Total posts
afabri73

afabri73

12/6/2012 9:19:19 PM
Hi Denis, Tomorrow i think i'll can use teamviewer. In the meantime can you answer to my last post with the details on my scenario? Thank you in advance Adriano
This content has not been rated yet. 
115 Reputation 19 Total posts
denis

denis

12/6/2012 9:34:06 PM
If everything is set as described, your domain controller for some reason simply does not recognize the user account you are using as a member of the Domain Admins group. Is your username displayed correctly when you log in via AD? Please sure that you log off after using the Forms authentication, delete cookies, and than try to log in as AD user after you change the web.config settings.
This content has not been rated yet. 
7207 Reputation 956 Total posts
afabri73

afabri73

12/7/2012 2:36:41 PM
Hello Denis,
I can't resolve the issue.
All settings would be correct.
If you want, now you connect with teamviewer

If you have skype or google chat started I can tell you the ID and password to connect.

I look forward to your reply
Thank you
Adriano
This content has not been rated yet. 
115 Reputation 19 Total posts
denis

denis

12/7/2012 5:32:58 PM
Sorry for the late answer, I was out of the office for the better part of the day. Please send me your details via e-mail or message utility on this site.
This content has not been rated yet. 
7207 Reputation 956 Total posts
afabri73

afabri73

12/11/2012 11:47:15 AM
Sorry for delay,
How can send you details via message utility?
There are two "denis" account. The first one is only the name, but the second one is the name with a number.
What is your? The simple name?

Thank you
Adriano
This content has not been rated yet. 
115 Reputation 19 Total posts
khorvat

khorvat

12/11/2012 1:01:30 PM
Hi, yes his username is only "denis", please CC this to me too - "khorvat", we will schedule a meeting soon.

Thanks
This content has not been rated yet. 
15993 Reputation 2214 Total posts
1 2 3