1. Installation

Note

Objective of this chapter is to show how to install ‘AD-Pro Authentication’ module in your DNN website.

1.1. Requirements

  • DNN Platform v8+
  • .NET Framework 4.0+
  • ASP.NET Full Trust levels
  • Connection Manager a DNN module from Glanton

1.2. Security concepts

The ‘AD-Pro Authentication’ plugin connects DotNetNuke website with Active Directory through two protocols:

  • LDAP protocol (Lightweight Directory Access Protocol), that is using port number 389.
  • LDAPS that is also known as LDAP over TLS protocol. It can also utilize SSL protocol, but SSL is now obsolete. To establish the encrypted connection certificates are used. And by default following ports needs to be opened: 636, 2889.

1.3. Before you start

  1. Make all backups, including DNN database and file system.

  2. If “AD-Pro Authentication v2” (previous version of this module) exist - remove it. Previous version isn’t compatible witch v3, and it can’t be upgraded.

  3. If “DotNetNuke® Auth: Active Directory” exist in DNN Platform, disable that extension, then comment or remove following code snippet from the web.config file:

    <location path="DesktopModules/AuthenticationServices/ActiveDirectory/WindowsSignin.aspx">
        <!-- Disable Forms Authentication -->
        <formsAuthenticationWrapper enabled="false" />
        <system.webServer>
            <security>
            <!-- Enable IIS Windows authentication for the login page -->
                <authentication>
                    <windowsAuthentication enabled="true" useKernelMode="false">
                        <providers>
                            <clear/>
                            <add value=”NTLM”/>
                        </providers>
                    </windowsAuthentication>
                    <anonymousAuthentication enabled="false" />
                </authentication>
            </security>
        </system.webServer>
    </location>
    

1.4. Module installation process

  1. Sign in to the DNN website as a ‘DNN Host’.
  2. Go to ‘Settings-> Extensions’, see figure below.
_images/module-installation-1.png
  1. Click ‘Install Extension’ button, see figure below.
_images/module-installation-2.png
  1. Upload extension package (see figure below) and click ‘Next’ button few times. This will take you through all steps of module installation wizard.
_images/module-installation-3.png
  1. If package was successfully installed, following screen should appear. Click ‘Done’ button to finish this process.
_images/module-installation-4.png
  1. Now extension list contain newly added module, the module version can be vary, see figure below.
_images/module-installation-5.png

1.5. Changes made during the module installation process

At the module installation process, following modifications will be automatically done:

  1. In DNN database will be created table GS_ADProAuth_Settings

  2. In DNN file system, under the DesktopModules, will be added folder GS_ADProAuthentication.

  3. In web.config file, under node <configuration><configSections>:

    <section name="formsAuthenticationWrapper" type="Mvolo.Modules.FormsAuthConfigurationSection" />
    
  4. In web.config file, under node <system.webServer><modules>:

    <remove name="FormsAuthentication" />
    <add name="FormsAuthentication" type="Mvolo.Modules.FormsAuthModule" />
    <add name="AdProAuthenticationModule"  type="GS.ADProAuthentication. AdProAuthenticationModule, GS.ADProAuthentication" />
    
  5. In web.config file, at the end of the configuration section following node will be added:

    <location path="DesktopModules/GS_ADProAuthentication/WinAuthSignIn.aspx">
        <!-- Disable Forms Authentication -->
        <formsAuthenticationWrapper enabled="false" />
        <system.webServer>
        <security>
            <!-- Enable IIS Windows authentication for the login page -->
            <authentication>
            <windowsAuthentication enabled="true" useKernelMode="false">
                <providers>
                <clear />
                <add value="NTLM" />
                </providers>
            </windowsAuthentication>
            <anonymousAuthentication enabled="false" />
            </authentication>
        </security>
        </system.webServer>
    </location>