World is now on Opti ID! Learn more

Anders Hattestad
Nov 22, 2010
  6332
(1 votes)

AD RoleProvider

In a recent project of mine, we needed to get the roles from AD. The AD roles we needed was deep inside the structure of the AD. But when we sat the connection string to point to that branch of the AD tree, none of the users got any of the roles.

That's because when you specify an branch you only get roles and users in that branch. As you can see in the GetUser methods in EPiServer.Security.ActiveDirectoryRoleProvide

image

There is more than one thing wrong with this method. It seems that the design pattern i EPiServer is to always access private fields, instead of public properties. _factory points to the public  DirectoryDataFactory and that could have been change in the Initialize process. This is getting more an more annoying…

We therefore have to (again!!!) copy the whole code of ActiveDirectoryRoleProvide and make changes.

I have basicly made a copy of the ActiveDirectoryRoleProvider and made myself an tag that points to where the users are RootNodeForUsers.

Code Snippet
  1. <add name="ActiveDirectoryRoleProvider"
  2.     type="Itera.Security.ActiveDirectoryRoleProvider, Itera.Security"
  3.     connectionStringName="ADRoles"
  4.     RootNodeForUsers="DC=ccc,DC=bbb,DC=aaa"
  5.     connectionUsername="ddd@aaa.bbb.ccc"
  6.     connectionPassword="xxxx"
  7.     connectionProtection="None"
  8.     attributeMapUsername="sAMAccountName" />

You can therefore with this code add an other branch so you can show a few roles, but have access to all the users.

Code can be downloaded here

Nov 22, 2010

Comments

Please login to comment.
Latest blogs
Open Optimizely CMS in a New Tab – Instantly

Speed up your Optimizely CMS workflow with this free Chrome Extension. Instantly open the live view of the page you're editing – no right click, op...

Andy Blyth | Jul 18, 2025 |

Creating Quick Actions for ContentReference Images with a Custom Dojo Module

Credit note: This article is inspired by the  edit link in dojo  module, with extra features added. We received a request from our customer to...

Manoj Kumawat | Jul 18, 2025

Password protect your Optimizely CMS content

Want to share some private content on your website with basic password protection? You can do this with an Optimizely form and Audience based...

Brian Gerby | Jul 17, 2025 |

Importing Form Submission Data into Optimizely Forms Using DdsPermanentStorage

Recently, we needed to import a large number of records from a third-party system into Optimizely Forms . The data was available in CSV format, and...

Pawan Singh | Jul 16, 2025

Cancelling CMS Scheduled Jobs

From flags to tokens: making Optimizely CMS scheduled jobs more elegant with .NET cancellation tokens.

Damian Smutek | Jul 16, 2025 |

Optimizely Frontend Hosting: Deploy Without PowerShell Using the @kunalshetye/opticloud Package

In my last two blog posts, I walked through how to get started with deploying a headless app to Optimizely Frontend Hosting using PowerShell and th...

Szymon Uryga | Jul 15, 2025