locked
Active Directory RRS feed

  • Question

  • User2074350342 posted

    I have finaly got Time Tracker 2 to use active directory...sort of :)

    It is at the point where it lists all user objects in AD.  However it does not populate the users table or allow you to log in with your AD account.  Does anyoneknow how I can impliment this?

    Wednesday, May 2, 2007 5:24 AM

All replies

  • User2074350342 posted

    I have pasted my web.config below and changed the username and password used in it.   As you can see it is using the Active Directory membership provider.  However as mention earlier is is only allowing Time Tracker to look at Active Directory, it is not actualy allowing you to log in with it yet. 

    <?xml version="1.0"?>
    <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
     <connectionStrings>
      <remove name="LocalSqlServer" />
      <add name="LocalSqlServer" connectionString="server=HQ01;uid=TimeTrackerUser;pwd=password;database=TimeTracker2" />
      <add name="aspnet_staterKits_TimeTracker" connectionString="server=HQ01;uid=TimeTrackeruser;pwd=password;database=TimeTracker2" />
      <add name="ADConnectionString" connectionString="LDAP://HQ01/CN=Users,DC=hq,DC=essential,DC=co,DC=uk" />
     </connectionStrings>
     <system.web>
      <authorization>
       <deny users="?" />
      </authorization>
      <membership defaultProvider="MyADMembershipProvider">
       <providers>
        <remove name="AspNetSqlMembershipProvider" />
        <add connectionStringName="ADConnectionString" connectionUsername="domain\username"
         connectionPassword="password" enableSearchMethods="true"
         attributeMapUsername="sAMAccountName" name="MyADMembershipProvider"
         type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
       </providers>
      </membership>
      <siteMap defaultProvider="AspNetXmlSiteMapProvider" enabled="true">
       <providers>
        <clear />
        <add name="AspNetXmlSiteMapProvider"
         type="System.Web.XmlSiteMapProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
         siteMapFile="web.sitemap"
         securityTrimmingEnabled="true"  />
       </providers>
      </siteMap>
      <authentication mode="Forms">
       <forms name=".ADAuthCookie" loginUrl="~/TimeTracker/login.aspx"
        timeout="10" />
      </authentication>
      <compilation debug="false" />
      <customErrors mode="RemoteOnly"/>
      <machineKey decryptionKey="AutoGenerate,IsolateApps"/>
      <roleManager enabled="true" />
     </system.web>
    </configuration>

    Wednesday, May 2, 2007 12:12 PM
  • User555306248 posted

    Just see this link ,

    Hope it will help you http://www.15seconds.com/issue/020730.htm

     

    Wednesday, May 2, 2007 11:29 PM
  • User2074350342 posted

    Update:

    Not only does my Timetracker read from AD, if I create a new user, it creates the account in AD and not the timetracker database.  I am scratching my head now.

    Thursday, May 3, 2007 10:51 AM
  • User-463612809 posted

    started with time tracker 2 today.. i'm having the same problem as you.. have you solve it?

     

    thanks

     

    Tuesday, June 19, 2007 12:59 PM
  • User555306248 posted

    Have you seen that link, I posted in the forums..?

    Tuesday, June 19, 2007 11:20 PM
  • User-16984512 posted

    Curious if you have an update on this or what you figured out?  I've looked a little at the 15 seconds article, but don't see that much relevance (also seems a little out of date)

    I'm trying to do essentially 'pass-through' authentication. The only thing I want AD to do is authenticate the user. Their info. in the TIme Trakcer DB should be used otherwise.  Currently, I can see on the AD machine with the DC, that there are 'successes' on the logins, but on the app. machine, I am still getting authorization failures.  'URL authorization failed for the request'  is the error message when looking in the event viewer >> application

    I have:

    <connectionStrings>
        <remove name="LocalSqlServer" />
        <add name="LocalSqlServer" connectionString="server=SQL;uid=IDHERE;pwd=#########,database=DBNAME" />
        <add name="aspnet_staterKits_TimeTracker" connectionString="server=SQL;uid=IDHERE;pwd=########;database=DBNAME" />
        <add name="ADConnectionString" connectionString="LDAP://DCMACHINE/CN=Users,DC=path,DC=to,DC=dc" />
    </connectionStrings>

            ... and ...

    <system.web>

    .... 

     <authentication mode="Windows" />


    <authorization>
        <deny users="?"/>
    </authorization>

    ...

    </system.web>

     

    I'll admit that I don't have my head fully wrapped around membership providers yet ... could that be my problem?

    Friday, August 10, 2007 1:59 PM
  • User-463612809 posted

    I've made the same changes, but first I've created a user with "administrative power" like this: <domain>\<username>

     Then I changed the "authentication mode" to windows and could enter with no problems.

     all the users I have to create like the example. working on a "if ( user doens't exist, then create like consultant )"

     I also need a "edit user" screen with permissions. And it would be perfect :)

    Take also a look to this thread: http://forums.asp.net/t/941943.aspx?PageIndex=1

     

    Monday, August 13, 2007 9:06 AM
  • User-16984512 posted

    Is an admin. user necessary  just for authenticating to AD?  Is there some lesser account type that will allow a compare? I don't want it creating accounts or modifying them in AD.  I did get that part working later, but the role provider was messed up still.

     And the trials and trib's thread/posting is indeed very helpful.
     

    Monday, August 13, 2007 12:42 PM
  • User-463612809 posted

    Is an admin. user necessary  just for authenticating to AD?  Is there some lesser account type that will allow a compare? I don't want it creating accounts or modifying them in AD.  I did get that part working later, but the role provider was messed up still.

     And the trials and trib's thread/posting is indeed very helpful.
     

    it hasn't to be an Admin form de AD or Workstation, just has to be an Admin in the Time Tracker, so, when you switch to Authentication= windows, You can later create more users [:)]

    At least this is how far i get till know.

     

    Monday, August 13, 2007 4:55 PM
  • User555306248 posted

    See the link for more details

    http://forums.asp.net/t/941943.aspx

    Wednesday, August 22, 2007 11:56 PM
  • User-1987530657 posted

    I have tested the active directory login for the doman user but when AD user login what is the benfits to create user if all users already exist in AD ?

    another thing is will the ActiveDirectory mebmership provider will stor the AD  user to show them when needed to add in any created project ? or its just for purpous of login and an internal user must be created ... im confusied !![:^)]

    Tuesday, May 20, 2008 10:45 AM
  • User555306248 posted

    I found one link about configuration of ActiveDirectory mebmership provider

    http://blogs.msdn.com/gduthie/archive/2005/08/17/452905.aspx

     

    Wednesday, May 21, 2008 11:25 PM
  • User-1987530657 posted

    well , finaly i was able to access the site using AD membership provider, but the qestion still rised , and i guss i have alot if modification to do to handel he user roles and to assign these users. and way here is complete help about how i configured AD :

     

    <system.web>

     

       <authentication mode="Forms">

          <forms name="ADAuthCookie" timeout="10" loginUrl="Login.aspx" defaultUrl="Default.aspx"></forms>

       </authentication>

    <authorization>

      <deny users="?"/>

       <allow users="*"/>

    </authorization>

    <membership defaultProvider="DomainLoginMembershipProvider">

    <providers>

    <add name="DomainLoginMembershipProvider"

        type="System.Web.Security.ActiveDirectoryMembershipProvider,System.Web, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"

        connectionStringName="ADConnectionString"

        attributeMapUsername="sAMAccountName"

       enableSearchMethods="true"

       connectionUsername="User@Domain.com"

       connectionPassword="Password" />

    </providers>

    </membership>

    Dont for get to add asp.net 2 login control.

     

    Thursday, May 22, 2008 3:37 AM
  • User555306248 posted

    See here http://forums.asp.net/t/1263125.aspx

     

    Thursday, May 22, 2008 11:23 PM
  • User-31526489 posted

    Create Active Directory Service using WCF – Accusing AD Functions using WCF Services – AD Services
    http://ledomoon.blogspot.com/2009/12/create-active-directory-service-using.html

    Wednesday, December 9, 2009 5:31 AM
  • User555306248 posted

    Is this compatible with Time Tracker Systems or even need this to work with AD 

    Wednesday, December 9, 2009 9:59 PM
  • User555306248 posted

    Is this automatically bind with AD Users 

    Thursday, December 10, 2009 9:55 PM
  • User555306248 posted

    Any updates on this 

    Monday, December 14, 2009 10:13 PM