0

I installed a Kentico 9.0 website and everything worked fine. Then I tried to configure Windows Active Directory authentication using this documentation: https://docs.kentico.com/display/K8/Configuring+Windows+AD+authentication. However, when I open the URL, the login popped up, I used my working login credentials and the login pops up back constantly.

I changed back the web.config and saw the event log, and there was nothing logged about my numourous login attemps.

The documentation was straight forward, so I am guessing there is a permission issue in my environment. There is one little warning in the documentation but it doesn't say how to do it:

Prerequisite For Windows authentication to work, the application must be able to access the following attributes of user objects in Active Directory (i.e. the attributes cannot be protected or confidential): memberof userAccountControl

My application is in a virtual server in a domain. And the Active Directory service is in different server in the domain. Does it mean I need to do something for my application's permission to AD? I am using NetworkServices application pool identity.

Thanks.

Jenny
  • 61
  • 6

2 Answers2

0

You (your laptop) have to be in company intranet and logged in to your laptop with your AD credentials. If you meet those conditions IE or Chrome should not even prompt you for credentials as they are already known, so browser just passes your AD account information to Kentico. Once you see the prompt continuously there is something wrong with your setup. Make sure

  • you configured everything according to documentation (Kentico + IIS)
  • server/host is in domain
  • you're in intranet and logged in with AD creds
Roman Hutnyk
  • 1,549
  • 9
  • 14
-1

Usually how Active Directory authentication works is you need to pass it a AD Username and password that has access to read the users. I would check that user's permissions.

Trevor F
  • 1,429
  • 9
  • 6