DNNCommunity / DNN.ActiveDirectory

Active Directory authentication for DNN
MIT License

Question: Sync Role only works in DEV #85

Open swade61970 opened 2 years ago

swade61970 commented 2 years ago

Question:

I can't get Sync Role to work on our PROD webserver. But it works on our DEV webserver.

Details:

We are using DNN for our INTRANET. We are running DNN Community 9.6.2 using version 7.2.0 of the DNN.ActiveDirectory module. We have a PROD and a DEV server.

We have a Root domain called DOMAIN.INT with two child domains CHILD1.DOMAIN.INT and CHILD2.DOMAIN.INT. Our users are in either CHILD1 or CHILD2 domains.

Our PROD DNN server is connected to the root domain - DOMAIN.INT.

Our DEV DNN server is connected to the child domain - CHILD1.DOMAIN.INT.

When a person goes to the DNN server, the module appears to look up the AD groups for the person in their domain. In the instance of my user account, it looks for groups in CHILD1.DOMAIN.INT. My AD groups assigned to me are, say, GROUP1, GROUP2.

Then the module looks to see if the user's AD group exists in the domain the Server is connected to.

In PROD, that domain is DOMAIN.INT. Since my AD groups GROUP1, GROUP2 don't exist, I'm not added to those roles in DNN.

In DEV, that domain is CHILD1.DOMAIN.INT. Since my AD groups GROUP1, GROUP2 do exist, I am added to those roles in DNN.

Is there a way to configure the DNN module to look at the root domain and both child domains when looking for groups to synch?

Steps to reproduce (if needed)

Other comments or remarks