Anders Hattestad
Nov 22, 2010
(1 votes)

AD RoleProvider

In a recent project of mine, we needed to get the roles from AD. The AD roles we needed was deep inside the structure of the AD. But when we sat the connection string to point to that branch of the AD tree, none of the users got any of the roles.

That's because when you specify an branch you only get roles and users in that branch. As you can see in the GetUser methods in EPiServer.Security.ActiveDirectoryRoleProvide


There is more than one thing wrong with this method. It seems that the design pattern i EPiServer is to always access private fields, instead of public properties. _factory points to the public  DirectoryDataFactory and that could have been change in the Initialize process. This is getting more an more annoying…

We therefore have to (again!!!) copy the whole code of ActiveDirectoryRoleProvide and make changes.

I have basicly made a copy of the ActiveDirectoryRoleProvider and made myself an tag that points to where the users are RootNodeForUsers.

Code Snippet
  1. <add name="ActiveDirectoryRoleProvider"
  2.     type="Itera.Security.ActiveDirectoryRoleProvider, Itera.Security"
  3.     connectionStringName="ADRoles"
  4.     RootNodeForUsers="DC=ccc,DC=bbb,DC=aaa"
  5.     connectionUsername="ddd@aaa.bbb.ccc"
  6.     connectionPassword="xxxx"
  7.     connectionProtection="None"
  8.     attributeMapUsername="sAMAccountName" />

You can therefore with this code add an other branch so you can show a few roles, but have access to all the users.

Code can be downloaded here

Nov 22, 2010


Please login to comment.
Latest blogs
Customizing Property Lists in Optimizely CMS

Generic property lists is a cool editorial feature that has gained a lot of popularity - in spite of still being unsupported (officially). But if y...

Allan Thraen | Oct 2, 2022 | Syndicated blog

Content Delivery API – The Case of the Duplicate API Refresh Token

Creating a custom refresh provider to resolve the issues with duplicate tokens in the DXC The post Content Delivery API – The Case of the Duplicate...

David Lewis | Sep 29, 2022 | Syndicated blog

New Optimizely certifications - register for beta testing before November 1st

In January 2023, Optimizely is making updates to the current versions of our certification exams to make sure that each exam covers the necessary...

Jamilia Buzurukova | Sep 28, 2022

Optimizely community meetup - Sept 29 (virtual + Melbourne)

Super excited to be presenting this Thursday the 29th of September at the Optimizely community meetup. For the full details and RSVP's see the...

Ynze | Sep 27, 2022 | Syndicated blog

Preview multiple Visitor Groups directly while browsing your Optimizely site

Visitor groups are great - it's an easy way to add personalization towards market segments to your site. But it does come with it's own set of...

Allan Thraen | Sep 26, 2022 | Syndicated blog

The Report Center is finally back in Optimizely CMS 12

With Episerver.CMS.UI 12.12.0 the Report Center is finally re-introduced in the core product.

Tomas Hensrud Gulla | Sep 26, 2022 | Syndicated blog