MonoX support board

Start the conversation, ask questions and share tips and solutions with fellow developers.

Non-registered users can only browse through our support boards. Please register now if you want to post your questions. It takes a second and it is completely free. Alternatively, you can log in without registration using your credentials at major sites such as Google, Microsoft Live, OpenId, Facebook, LinkedIn or Yahoo.

Active Directory: Roles from ADUC Groups; not all showing up?  (Mono Support )

Viewed 23972 time(s), 10 post(s) 5/7/2012 3:14:49 PMby erin0201
erin0201

erin0201

5/7/2012 3:14:49 PM
I am trying to integrate with active directory and control my page views and editing via Active Directory security groups.

However, not all of my groups are showing up when I click on page properties in the page administration area of MonoX.
There are a lot of groups in our Active Directory. Is there a limit on how many groups are shown in MonoX page administration?

Thanks!
Erin
This content has not been rated yet. 
453 Reputation 61 Total posts
denis

denis

5/7/2012 3:44:45 PM
Hi Erin,
MonoX uses only AD security groups - distribution groups are not imported (for more details, see http://technet.microsoft.com/en-us/library/cc781446(v=ws.10).aspx ). Apart from that, it will also skip the groups that are placed in the groupsToIgnore attribute of the ActiveDirectoryRoleProvider in the web.config.
Rated 5.00, 1 vote(s). 
7207 Reputation 956 Total posts
erin0201

erin0201

5/7/2012 3:51:33 PM
Hi Denis,

I've tried placing some groups in the groupstoignore section of web.config. Will they disappear from the listing in page properties if I put them there?
Also how should I format them.

I've tried:
groupsToIgnore="Group1;Group2;Group3;"
For example and these groups still show up in the page properties as options to use.
Should I be using commas, or certain spacing in there..?
This content has not been rated yet. 
453 Reputation 61 Total posts
erin0201

erin0201

5/7/2012 4:12:40 PM
Also, do you need to have roles created already in MonoX with the same name as roles coming in from Active Directory for them to work?
This content has not been rated yet. 
453 Reputation 61 Total posts
denis

denis

5/8/2012 10:18:29 AM
Please use commas (',') to separate role names. As for the existing roles, it would be best ro remove them before switching to the AD provider - you cannot use multiple providers at the same time.
This content has not been rated yet. 
7207 Reputation 956 Total posts
erin0201

erin0201

5/8/2012 12:12:56 PM
Thanks Denis!

Also, do you know how long it takes for changes to propagate from the active directory if I move users around in there? Do I have to restart the website in IIS? Or when will MonoX go out and check for user/group changes? For now to see changes, I've been renaming the web.config and replacing it with the MonoX standalone configurations, logging in with the original admin, and then logging out, and replacing the web.config with my ADUC configured one and logging in with my domain administrator account to try and see changes. Do I always have to do this to stimulate MonoX going out and refreshing/updating the changes from active directory or will it do it on its own every so often?

Thanks!
This content has not been rated yet. 
453 Reputation 61 Total posts
denis

denis

5/8/2012 12:28:21 PM
It should happen automatically after the time period specified in the cacheTime attribute in the web.config expires.
Rated 5.00, 1 vote(s). 
7207 Reputation 956 Total posts
erin0201

erin0201

5/8/2012 12:30:18 PM
Oh, excellent!

Is that cacheTime value in seconds, milliseconds, or minutes then?
This content has not been rated yet. 
453 Reputation 61 Total posts
denis

denis

5/8/2012 12:40:22 PM
Hi Erin,
these are seconds.
This content has not been rated yet. 
7207 Reputation 956 Total posts
erin0201

erin0201

5/8/2012 3:21:12 PM
Thanks for your help, Denis!
This content has not been rated yet. 
453 Reputation 61 Total posts