Vulnerability in EPiServer.Forms
I've installed EPiServer for an intranet scenario. With a couple IIS changes, I have automatic login and AD integration (very cool...).
However, while this organization wants to use AD to authenticate, they want to make and manage their own groups in EPiServer. The groupings they need won't "fit" in to the existing AD group structure, and they want more control over it, since AD is managed by their IT department.
So, I changed the role provider to the multiplexing role provider. I can now create my own groups, which is good. However, I can't put any users in them. When I search for a user and click on one, eveything on the screen is disabled and I get the message "Current provider (WindowsMembershipProvider) does not support creating or registering users. "
So, how do I continue using the Windows memberhip provider for authentication, but allow managed of groups directly in EPiServer?
Have you the sql provider first in the multiplexing provider list?
If i use multiplexing provider for both role and membership I can create an sqlgrup and then create a sql user and add it to that group.
It seems that it's not possible to add a windows user to an sql group.
Whoa. That's depressing.
So, if you use AD for auth, you're really stuck with only the AD groups for role management too. Right?
It seems like that but Im no expert on the subject. Maybe some EPiServer people could shed som light on the matter.
I'm not familiar with the AD-membership provider, but we have a setup where the users and roles are in totally different places, the roles are using the SQLRoleprovider while the members are elsewhere. We have successfully used the combination together.
Basically whatever httpcontext.current.identity.name returns is queried for Roles and that's what's stored in the sqlroleprovider.
The multiplexing shouldn't be confused as a provider which merges data between providers, it's more of a list of providers which are asked in the order which they are specified.
Did anyone figure out how to do this?