9. Migration from DNN.ActiveDirectory provider

9.1. Overview

“DNN.ActiveDirectory” provider is a open source plugin created in 2012 by Mike Horton. Install package as well as the source code is available in Git repository

Move to “AD-Pro Authentication” plugin will mean fewer compatibility issues in DNN v8/9/Evoq. When you do decide to move forward, Glanton recommends you migration steps below.

9.2. Settings worth to note

“DNN.ActiveDirectory” settings can be reused. Before you uninstall “DNN.ActiveDirectory” provider copy following settings because “AD-Pro Authentication” will need it:

  • Default Domain
  • Root Domain also known as LDAP
  • Username
  • Password, it’s encrypted
  • Authentication type

See figure below:

_images/migration-from-dnn-active-directory-before-you-start_01.png

In case the provider menu is not available, same settings can be found in DNN database. Execute following SQL query to display “DNN Active Directory” config:

SELECT * FROM PortalSettings WHERE SettingName LIKE 'AD_%'

9.3. Disable “DNN.ActiveDirectory”

Before you install AD-Pro plugin, the “DNN Active Directory” needs to be disabled to prevent any conflicts.

  1. In Authentication Settings set plugin into Disable mode.

    _images/migration-from-dnn-active-directory-before-you-start_02.png

  2. In web.config file comment following lines:

    <location path="DesktopModules/AuthenticationServices/ActiveDirectory/WindowsSignin.aspx">
<!-- Disable Forms Authentication -->
    <formsAuthenticationWrapper enabled="false" />
    <system.webServer>
        <security>
            <!-- Enable IIS Windows authentication for the login page -->
            <authentication>
                <windowsAuthentication enabled="true" useKernelMode="false">
                    <providers>
                        <clear/>
                        <add value=”NTLM”/>
                    </providers>
                </windowsAuthentication>
                            <anonymousAuthentication enabled="false" />
            </authentication>
        </security>
    </system.webServer>
</location>

9.4. Install “Connection Manager” & “AD-Pro Authentication” module

Now you are ready to install “Connection Manager” & “AD-Pro Authentication” module. This process is welly described in separate sections:

“DNN.ActiveDirectory” usually saves DNN usernames in format Domain\Username. To keep consistency, set in “AD-Pro Authentication” username format to Default with domain, here is more info about available username formats. Same username format allows reuse DNN identities created by “DNN.ActiveDirectory” provider. Same settings imported to “AD-Pro” plugin will look as on figure below:

_images/migration-from-dnn-active-directory-before-you-start_03.png

9.5. Summary

If you will have any troubles, Glanton will support your journey to “AD-Pro Authentication”.