locked
Lightswitch windows authentication with active directory not working RRS feed

  • Question

  • Hello,

    I am using Lightswitch (VS2012 Update 3) with windows authentication with the option: Allow only users and Active Directory security groups specified in the Users screen of the application.

    My application is able to resolve users on the domain with no problem.  However, the application is not seeing any of the Active Directory security groups we have created.  I have verified that the groups are security groups with Global scope. 

    Active Directory is a requirement for this project, can someone please help?  Are there any other settings or config that needs to be done to get this working?  Any information would be appreciated. 

    I also posted to this thread but received no response, possibly because it was inaccurately marked as "answered".

    Thanks.




    • Edited by Hessc Tuesday, July 9, 2013 5:10 PM
    Tuesday, July 9, 2013 3:52 PM

Answers

All replies

  • Bug submitted: ID #793232
    Tuesday, July 9, 2013 5:10 PM
  • The scope should be either Universal or Domain Local.
    Tuesday, July 9, 2013 6:59 PM
  • Matt,

    Thank you for the response.  I will try this tomorrow and post the results.  Regards.

    Tuesday, July 9, 2013 11:24 PM
  • Matt,

    We tried using both Universal and Domain Local scope and niether will work.  It seems as if the application has a filter or is not looking for groups.  Are there any other configuration settings needed for this to work?

    Wednesday, July 10, 2013 1:45 PM
  • Please contact me via my blog contact form (http://blogs.msdn.com/b/mthalman/contact.aspx) and we can debug this offline.
    Wednesday, July 10, 2013 7:03 PM
  • Will do.  Thanks.
    Wednesday, July 10, 2013 7:20 PM
  • We solved the problem by publishing the application.  Once published, the AD security groups (Local Domain scope) became accessible to the users screen.  A big thank you to Matt Thalman for the great offline support.  Had we not gotten lucky and stumbled on to a solution, Matt would have found it with his diagnostics :)
    Saturday, July 13, 2013 3:52 AM
  • I know this was marked as answered but I am using VS 2012 update 4 and I am having the same issue.  One Domain Local group works fine, then other does not.  My app is published and still cannot get that group to be recognized as a valid security entity
    Wednesday, November 27, 2013 2:49 PM
  • I am using VS 2013 and running into a similar issue, no matter how I configure the app now, whether I turn off authentication, use windows authentication I cannot get my browse screen to load the default query. I have gone in to the administration section of the silverlight client added a role and a user which is actually a windows group of domain users. Publish the app and it says I do not have permissions even when publishing to my localhost and windows authentication is enabled on the app.

    Ken Carrier, GIS Software Engineer

    Thursday, January 23, 2014 10:40 PM
  • Any solution to this issues yet?  I'm having the same problem in VS 2013.     Thank you
    • Edited by canderson70 Monday, February 24, 2014 12:27 AM
    Sunday, February 23, 2014 11:37 PM
  • I wish I could provide more insight into exactly how we got it to work, but I had no control over the AD groups.  I was on the phone with IT and made them try every setting possible.  It took a while, but the Domain Local scope security groups showed up in the published app.  It was not possible to use distribution groups (that show up in outlook) at all.  We had to create separate groups for LS (which was not cool) and maintain them.
    Monday, February 24, 2014 4:14 AM