amervitz
commented
6 years ago Using ADFS as an identity provider would be the approach for doing this. See Configure WS-Federation provider settings for portals.
Closed RicLund closed 6 years ago
amervitz
commented
6 years ago Using ADFS as an identity provider would be the approach for doing this. See Configure WS-Federation provider settings for portals.
RicLund
commented
6 years ago OK thanks, I'll look into that. I'm slightly surprised that I can't just enable Windows Authentication on the ASP.NET side and have flow through. Did this change since ADX Studio? The documentation here (first half of the article) seems to suggest that federation wasn't needed to just authenticate network users, or am I reading it wrong? https://community.adxstudio.com/products/adxstudio-portals/documentation/end-users-guide/portal-application-guide/starter-portals/intranet/
Bear in mind this isn't one of my strong areas... :-)
kurtnelle
commented
6 years ago Would also like a definitive answer on this. Is it that we just use the ASFS provider or does the domain have to be federated first? In my case all the users are on the intranet.
amervitz
commented
6 years ago @riclund, based on the installation media from various Adxstudio Portals versions, the intranet portal documentation and approach referenced was last relevant to v6. The intranet portal sample code was last included in v6, and removed in v7. This project is roughly equivalent to Microsoft portals v8.3, so this is an approach from 2 major versions ago.
@kurtnelle, the domain would have to be federated, ADFS is the by-product of a federated domain.
It would be advisable to use the available configuration methods in the Microsoft hosted portals documentation to keep your installation in a state that is amenable to a migration to Microsoft hosted portals.
RicLund
commented
6 years ago Thanks @amervitz. Working with the relevant resources to see if we can make this happen in our environment. Wish me luck!
Do we want to keep this open for future reference by others on this path?
amervitz
commented
6 years ago I'll close this, it'll still be visible in the closed issues list. Good luck :four_leaf_clover:
How do I configure the portal so the currently logged in Windows user is used for authentication? It seems to have changed a bit from ADX - didn't we select a System User in the Contact? I've tried tweaks to web.config to enable Windows authentication and disabled anon in IIS but with no joy.
Has anyone done this? Is it still possible with xRM Portals? I'd imagine this will be a reasonably common need so hopefully this discussion helps others in future.