Open CEduChrOCOlOugep opened 2 months ago
saiwolf
commented
2 months ago As this is an example app, I didn't really intend on going so far as to introduce AD sync haha. I wrote the seed routine as an easy way for you to get users into the DB from the cli.
The Admin account can be anything you want it to be, so long as it has a valid username/password in Active Directory!
CEduChrOCOlOugep
commented
1 month ago I’m having trouble setting this up. Should the app use IIS or Kestrel? If my app is in a subdomain like a development domain and my AD is in a production domain, how/what should I change so password checks are successful?
saiwolf
commented
1 month ago If you look in ~/Services/Auth/AdUserService.cs, you'll see references to PrincipalContext. This is where you can specify the domain name explicitly, if auto-detection doesn't work. Your subdomain would have to have connectivity to your production domain, of course, and PrincipalContext does allow you to specify credentials.
Awesome app, btw!! Really useful. If none of my valid users are in the local app db, how can I sync what is currently in AD with the app db without using the seeding you’ve already conveniently included? Also, does can the “admin” be a service account with read access to an ADSI interface from SQL server?