Users In Tree Domain Of Forest Not Able To Create Tickets - Active Directory

Topics: Installing BugNET
May 2, 2014 at 3:20 PM
This is an odd one as we are not having a problem with the DNN install on the same server. Our IIS server is in the same forest domain as our users. Our remote offices are trees of that forest. When one of our users in a tree of that forest tries to log in, they are able to authenticate and browse into the project, but not able to see the "New Issue" button.

Their screen shows them logged in, and the project is public. Other users that are in the main forest domain are able to create new tickets with out being added to the public project.

I'm not sure what can cause this as the DNN portion of our site works find for them. I am not a network administrator so if you have suggestions, please include a description on how to do it. And our IT is working at a skill level of the mid 90's so they will probably need that too.
May 2, 2014 at 11:18 PM
SRobbins wrote:
This is an odd one as we are not having a problem with the DNN install on the same server. Our IIS server is in the same forest domain as our users. Our remote offices are trees of that forest. When one of our users in a tree of that forest tries to log in, they are able to authenticate and browse into the project, but not able to see the "New Issue" button.

Their screen shows them logged in, and the project is public. Other users that are in the main forest domain are able to create new tickets with out being added to the public project.

I'm not sure what can cause this as the DNN portion of our site works find for them. I am not a network administrator so if you have suggestions, please include a description on how to do it. And our IT is working at a skill level of the mid 90's so they will probably need that too.
Hi,

Switching the authentication to windows on BugNET will show the users as logged in, but they also need accounts created in BugNET as well for authorization (roles and permissions).

Have you uncommented the authentication module in the web.config and are users being created in BugNET?

Please refer to our documentation on this subject. https://bugnet.codeplex.com/wikipage?title=Configure%20Active%20Directory%20%2f%20Windows%20Authentication&referringTitle=Documentation
May 3, 2014 at 2:50 AM
dubeaud wrote:
Hi,

Switching the authentication to windows on BugNET will show the users as logged in, but they also need accounts created in BugNET as well for authorization (roles and permissions).

Have you uncommented the authentication module in the web.config and are users being created in BugNET?

Please refer to our documentation on this subject. https://bugnet.codeplex.com/wikipage?title=Configure%20Active%20Directory%20%2f%20Windows%20Authentication&referringTitle=Documentation
Hi dubeaud,
Thank you for the response. Yes the users are getting registered just fine when ever they are from the forest. But if they are in one of the tree domains, they seem to not be getting registered. It's very odd.
May 5, 2014 at 7:09 PM
Edited May 5, 2014 at 7:09 PM
In the authentication module, we use a directory searcher with this search filter:
(&(ObjectClass=Person)(SAMAccountName={0}))
I am not sure if that helps.
May 5, 2014 at 7:12 PM
Edited May 5, 2014 at 7:22 PM
dubeaud wrote:
In the authentication module, we use a directory searcher with this search filter:
(&(ObjectClass=Person)(SAMAccountName={0}))
I am not sure if that helps.
Hmmm, I'm not sure if that helps either. Does that mean it cant find tree domains in the forest domain?
May 5, 2014 at 7:35 PM
Actually my statement is incorrect, that was some old code that is not being used.

You might try setting a different AD path in the hostsettings.
May 6, 2014 at 10:32 PM
dubeaud wrote:
Actually my statement is incorrect, that was some old code that is not being used.

You might try setting a different AD path in the hostsettings.
A different path? Where can I find Host settings? What path do you recommend?
May 15, 2014 at 3:33 PM
Oh man... really could use some expert advice. Anyone ever seen this?

I have a feeling it's a problem with how our network is set up, but I have no clue where to go for that. Must be something in the relationship between the domains not working or not enabled. Anyone know someone I can talk to about this, please let me know.