Anders Hattestad
Nov 22, 2010
(1 votes)

AD RoleProvider

In a recent project of mine, we needed to get the roles from AD. The AD roles we needed was deep inside the structure of the AD. But when we sat the connection string to point to that branch of the AD tree, none of the users got any of the roles.

That's because when you specify an branch you only get roles and users in that branch. As you can see in the GetUser methods in EPiServer.Security.ActiveDirectoryRoleProvide


There is more than one thing wrong with this method. It seems that the design pattern i EPiServer is to always access private fields, instead of public properties. _factory points to the public  DirectoryDataFactory and that could have been change in the Initialize process. This is getting more an more annoying…

We therefore have to (again!!!) copy the whole code of ActiveDirectoryRoleProvide and make changes.

I have basicly made a copy of the ActiveDirectoryRoleProvider and made myself an tag that points to where the users are RootNodeForUsers.

Code Snippet
  1. <add name="ActiveDirectoryRoleProvider"
  2.     type="Itera.Security.ActiveDirectoryRoleProvider, Itera.Security"
  3.     connectionStringName="ADRoles"
  4.     RootNodeForUsers="DC=ccc,DC=bbb,DC=aaa"
  5.     connectionUsername="ddd@aaa.bbb.ccc"
  6.     connectionPassword="xxxx"
  7.     connectionProtection="None"
  8.     attributeMapUsername="sAMAccountName" />

You can therefore with this code add an other branch so you can show a few roles, but have access to all the users.

Code can be downloaded here

Nov 22, 2010


Please login to comment.
Latest blogs
Vulnerability in EPiServer.GoogleAnalytics v3 and v4

Introduction A potential security vulnerability was detected for Optimizely Google Analytics addon (including EPiServer.GoogleAnalytics and...

Bien Nguyen | Sep 20, 2023

Overriding Optimizely’s Content Recommendations Block to Implement Custom Recommendations

Introduction The Content Recommendations add-on for Optimizely CMS dynamically recommends content from your site tailored to the interests of each...

abritt | Sep 13, 2023 | Syndicated blog

Developer contest! Install the AI Assistant and Win Bose QC45 Headphones!

We are thrilled to announce a developer contest where you have the chance to win a pair of Bose Headphones. The goal is to be the first developer t...

Luc Gosso (MVP) | Sep 7, 2023 | Syndicated blog

Send Optimizely notifications with SendGrid API, not SMTP

If your Optimizely site already sends transaction emails through an email platform API, why not do the same with Optimizely notification emails?

Stefan Holm Olsen | Sep 6, 2023 | Syndicated blog