AI OnAI Off
Have you got other AD users working fine on the website, if you can make a tempory AD group and add the user to this group then within web.config add this group to the allowed section for UI and UI/Admin then try again.
<location path="secret">
<system.web>
<authorization>
<allow roles="WebAdmins, Administrators, ADAdmins" />
<deny users="*" />
</authorization>
</system.web>
</location>
<location path="secret/CMS/admin">
<system.web>
<authorization>
<allow roles="WebAdmins, Administrators, ADAdmins" />
<deny users="*" />
</authorization>
</system.web>
</location>
The following version of EPiServer is used: 5.2.375.236.
Provider: ActiveDirectoryMembershipProvider.
I have a customer that has a problem with a recently added AD-user - the user doesn't get the correct membership in EPiServer, and therefore aren't able to log in to the web site's edit mode.
The user is added in the AD and added in an existing web editor-group. And the customer can see that a question is sent to the AD if you try to log in with the user's credentials. But in EPiServer's admin mode, you can search the user and find it. But when taking a closer look at the users' information, in the "Member of"-box you find only "Domain Users" and "Users" - not the web editor-group it should be a member of according to the information in the AD. So it's no wonder the user can't log in to the edit mode. It's as if EPiServer isn't updated with membership groups from the AD for this user.
It's not a new web, nor a new editor group. So why not doing it right this time?
Has anyone of you guys any ideas what it is that could have happened in this case?
Most grateful for help!
/ Sofie