DNNCommunity / DNN.ActiveDirectory

Active Directory authentication for DNN
MIT License

server not in domain problem with LDAP authentication #15

Closed joinsaturn closed 6 years ago

joinsaturn commented 7 years ago

Hi, I have a server that is not in a domain, but I would like to use the authentication provider with an LDAP configuration.

I fill the form with this information:

Provider: ADSIAuthenticationProvider
Authentication Type: Delegation
Root Domain: LDAP://192.168.1.30
User: myuser
Password: mypassword
Default Domain: DOMAIN NAME

I try to connect to the domain and I receive this information:

Accessing Global Catalog: FAIL
Checking Root Domain: OK
Accessing LDAP: FAIL
Find all domains in network: Could not access LDAP to obtain domains info
The specified domain either does not exist or could not be contacted.
The specified domain either does not exist or could not be contacted.

Has anyone had issues with the LDAP configuration? I would appreciate knowing what kind of tests I can run on the server to find the problem.

Thanks a lot, Matteo

joinsaturn commented 7 years ago

This configuration does not seem to work. Issue: I have installed DNN 9.x on a non-domain server. I get the error above; with another module, which is not open source, it works.

sawest commented 7 years ago

This extension is really meant to use Active Directory for authentication without a bunch of bells and whistles. I have not done much testing with your configuration but I would anticipate that the LDAP address may need tweaking. Try using LDAP://domainservername.com instead of IP and see if that helps. Also try LDAP://dc=domain,dc=com as well. Please post your results.

roman-yagodin commented 7 years ago

If the machine is in a domain, directory services will have no problem discovering the domain controller. But I've also tried to make AD authentication work on my development machine (DNN 8.0.4), which is not in a domain, still without any luck. After updating the configuration settings, I always see this message in the log:

Message:Указанный домен не существует или к нему невозможно подключиться (The specified domain does not exist or can not be connected to it.)
StackTrace:
   at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
   at System.DirectoryServices.DirectoryEntry.Exists(String path)
   at DotNetNuke.Authentication.ActiveDirectory.ADSI.Configuration..ctor()

I could assume that the problem in my case is that my domain controller host name and root domain name are not the same:

Domain controller host: addc.something.company.com
Root domain: DC=something,DC=company,DC=com

For comparison, LDAP authentication modules for Redmine and TheBugGenie both have separate configuration options for root domain name and domain controller host name.

sawest commented 7 years ago

I know this may sound simple, but can your non-domain computer (housing the DNN instance) connect to the domain controller? Is it on the same subnet, is there a firewall in the way, etc.? Are you able to ping the domain controller? LDAP://domaincontrollerhost should get you connected if you can communicate. Have you successfully tried other software on this same machine with successful results?

roman-yagodin commented 7 years ago

Yes, I can ping domain controller host and can also connect to it using ldp.exe by specifying server address and port (389).

sawest commented 6 years ago

After some investigating, the module uses LDAP://rootDSE to poll for the available domains. This is only available to machines that are currently in a domain environment. Having an out of domain machine authenticate to a domain will need to be a feature addition.
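A diagnostic that could be run on the DNN server to compare the serverless `LDAP://RootDSE` bind mentioned above with a server-bound bind that names the domain controller explicitly. This is an added example, not code from the DNN.ActiveDirectory module; the host name is the one quoted earlier in the thread, the account is a placeholder, and the function name `Test-LdapBind` is made up for this sketch.

```powershell
# Added diagnostic sketch; not part of DNN.ActiveDirectory.
# Assumptions: $DcHost is the DC host quoted in the thread, $User is a placeholder account.
param(
    [string]$DcHost = 'addc.something.company.com',
    [string]$User   = 'DOMAIN\myuser'
)

Add-Type -AssemblyName System.DirectoryServices
$cred = Get-Credential -UserName $User -Message 'Account used for the LDAP bind'

function Test-LdapBind {
    param([string]$Path, [pscredential]$Credential)
    $entry = $null
    try {
        if ($Credential) {
            # Explicit credentials: a non-domain machine has no logon token to delegate.
            $entry = [System.DirectoryServices.DirectoryEntry]::new(
                $Path, $Credential.UserName,
                $Credential.GetNetworkCredential().Password,
                [System.DirectoryServices.AuthenticationTypes]::Secure)
        } else {
            $entry = [System.DirectoryServices.DirectoryEntry]::new($Path)
        }
        $entry.psbase.RefreshCache()   # binding is lazy; this forces the actual bind
        [pscustomobject]@{
            Path   = $Path
            Result = 'OK'
            Detail = [string]$entry.psbase.Properties['defaultNamingContext'].Value
        }
    } catch {
        [pscustomobject]@{ Path = $Path; Result = 'FAIL'; Detail = $_.Exception.Message }
    } finally {
        if ($entry) { $entry.psbase.Dispose() }
    }
}

# 1. TCP reachability of LDAP (389) and Global Catalog (3268) on the named host.
foreach ($port in 389, 3268) {
    $t = Test-NetConnection -ComputerName $DcHost -Port $port -WarningAction SilentlyContinue
    '{0}:{1} reachable = {2}' -f $DcHost, $port, $t.TcpTestSucceeded
}

# 2. Serverless bind (no host in the path) versus server-bound bind (host named explicitly).
@(
    Test-LdapBind -Path 'LDAP://RootDSE'
    Test-LdapBind -Path "LDAP://$DcHost/RootDSE" -Credential $cred
) | Format-Table -AutoSize -Wrap
```

If the server-bound row reports OK with a naming context while the serverless row fails, the network path and credentials are fine and the failure is in locating a domain controller without a host name.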

ddonaldsondss commented 6 years ago

I'm having a very similar issue to this. I am on a machine hard-wired into the network, and the DNN 9.0 Site is hosted on Azure. In my case, I have the following configuration:

Enabled: Yes
Synchronize Role and Photo: Yes
Provider: ASDIAuthenticationProvider
Authentication Type: Delegation
Root Domain: [IP Address of LDAP Domain]. In this field, I've also tried LDAP://[IP Address of LDAP Domain], LDAP://DC=[Domain];DC=local and com, and LDAP://[mydomain.com] and LDAP://[mydomain]:[Port]
Username: [Username]
Password: [Password]

I then receive the following errors:

Accessing Global Catalog: FAIL
Checking Root Domain: FAIL
Accessing LDAP: FAIL
Find all domains in network: Could not access LDAP to obtain domains info
The specified domain either does not exist or could not be contacted.
Access is denied.

What might need to be fixed in my configuration? Would I need to make adjustments to my web.config file?