I was able to get around it by setting the default roleManager and membership Provider to MultiplexingRoleProvider and MultiplexingMembershipProvider respectively.
Then I logged on using my windows account and I was able to create users and groups.
THanks!
*Edit: How do I mark this post as resolved?
You can't create Windows users using EPiServer CMS. You do that in Windows. You can however use another provider that stores the users in the database, then you can create new users (and delete). This is what Jan did when he switched to Multiplexing provider, that enabled him to log in with his Windows account AND create users. But those users will be created in the database not in Windows.
But you can't do anything to Windows users in EPiServer CMS. You'll have to manage them in Windows.
hey thanks toni,
i can get that point ..
i hope i should change that in the wen.config file..
my question is what to change/ replace ....
is thera any guidelines for that.. for example i give my settigns in web.config file below
<system.web>
<roleManager enabled="true" defaultProvider="WindowsRoleProvider" cacheRolesInCookie="true">
<providers>
<clear/>
<!-- Comment the following lines when running on oracle. -->
<add name="MultiplexingRoleProvider" type="EPiServer.Security.MultiplexingRoleProvider, EPiServer" provider1="SqlServerRoleProvider" provider2="WindowsRoleProvider" providerMap1="SqlServerMembershipProvider" providerMap2="WindowsMembershipProvider"/>
<!-- comment when running on oracle -->
<!-- Uncomment the following lines when running on oracle. -->
<!--<add provider1="OracleRoleProvider" provider2="WindowsRoleProvider"
providerMap1="OracleMembershipProvider" providerMap2="WindowsMembershipProvider"
name="MultiplexingRoleProvider" type="EPiServer.Security.MultiplexingRoleProvider, EPiServer" />-->
<!--Uncomment the lines above running oracle-->
<add name="WindowsRoleProvider" applicationName="EPiServerSample" type="EPiServer.Security.WindowsRoleProvider, EPiServer"/>
<add name="SqlServerRoleProvider" connectionStringName="EPiServerDB" applicationName="EPiServerSample" type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
<!--<add name="ActiveDirectoryRoleProvider"
type="EPiServer.Security.ActiveDirectoryRoleProvider, EPiServer"
connectionStringName="ActiveDirectoryProviderConnection"
connectionUsername="DOMAIN\ADServiceAccount"
connectionPassword="password"
attributeMapUsername="sAMAccountName" />-->
</providers>
</roleManager>
<membership defaultProvider="WindowsMembershipProvider" userIsOnlineTimeWindow="10">
<providers>
<clear/>
<!-- Comment the following lines when running on oracle. -->
<add name="MultiplexingMembershipProvider" type="EPiServer.Security.MultiplexingMembershipProvider, EPiServer" provider1="SqlServerMembershipProvider" provider2="WindowsMembershipProvider"/>
<!-- comment the lines above when running on oracle -->
<!-- Uncomment the following lines when running on oracle. -->
<!--<add provider1="OracleMembershipProvider" provider2="WindowsMembershipProvider"
name="MultiplexingMembershipProvider" type="EPiServer.Security.MultiplexingMembershipProvider, EPiServer" />-->
<!--Uncomment the lines above running oracle-->
<add name="WindowsMembershipProvider" type="EPiServer.Security.WindowsMembershipProvider, EPiServer" deletePrefix="BUILTIN\" searchByEmail="true"/>
<add name="SqlServerMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="EPiServerDB" requiresQuestionAndAnswer="false" applicationName="EPiServerSample" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>
<!--<add name="ActiveDirectoryMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ActiveDirectoryProviderConnection"
connectionUsername="DOMAIN\ADServiceAccount"
connectionPassword="password"
enableSearchMethods="true"
attributeMapUsername="sAMAccountName" />-->
</providers>
</membership>
<profile enabled="true" defaultProvider="SqlProfile" automaticSaveEnabled="true">
<properties>
<add name="Address" type="System.String"/>
<add name="ZipCode" type="System.String"/>
<add name="Locality" type="System.String"/>
<add name="Email" type="System.String"/>
<add name="FirstName" type="System.String"/>
<add name="LastName" type="System.String"/>
<add name="Language" type="System.String"/>
<add name="Country" type="System.String"/>
<add name="Company" type="System.String"/>
<add name="Title" type="System.String"/>
<add name="SubscriptionInfo" type="EPiServer.Personalization.SubscriptionInfo, EPiServer"/>
<add name="CustomExplorerTreePanel" type="System.String"/>
<add name="FileManagerFavourites" type="System.Collections.Generic.List`1[System.String]"/>
<add name="EditTreeSettings" type="EPiServer.Personalization.GuiSettings, EPiServer"/>
<add name="ClientToolsActivationKey" type="System.String"/>
<add name="FrameworkName" type="System.String"/>
</properties>
<providers>
<clear/>
<add name="SqlProfile" type="System.Web.Profile.SqlProfileProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="EPiServerDB" applicationName="EPiServerSample"/>
</providers>
</profile>
<!-- DYNAMIC DEBUG COMPILATION
Set compilation debug="true" to enable ASPX debugging. Otherwise, setting this value to
false will improve runtime performance of this application.
Set compilation debug="true" to insert debugging symbols (.pdb information)
into the compiled page. Because this creates a larger file that executes
more slowly, you should set this value to true only when debugging and to
false at all other times. For more information, refer to the documentation about
debugging ASP .NET files.
-->
<compilation defaultLanguage="c#" debug="true">
<assemblies>
<add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
<add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add assembly="System.Web.Abstractions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add assembly="System.Web.Routing, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add assembly="System.Web.Mvc, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
<add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
<add assembly="System.Data.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
</assemblies>
</compilation>
<!-- CUSTOM ERROR MESSAGES
Set customError mode values to control the display of user-friendly
error messages to users instead of error details (including a stack trace):
"On" Always display custom (friendly) messages
"Off" Always display detailed ASP.NET error information.
"RemoteOnly" Display custom (friendly) messages only to users not running
on the local Web server. This setting is recommended for security purposes, so
that you do not display application detail information to remote clients.
-->
<customErrors mode="RemoteOnly"/>
<!-- AUTHENTICATION
!!!! IMPORTANT SECURITY NOTE !!!!!
If you enable forms authentication by uncommenting the Forms authentication information below AND
you are using Windows 2000 (any version) as web server, you must enable the "Act as part of the
operating system" user right for the ASPNET user account. If this is not done, you will not be able
to logon with windows accounts, only Extranet accounts. However this may be regarded as compromising
the security on your system since the ASPNET account should be a low-privilege account.
This section sets the authentication policies of the application. Possible modes are "Windows", "Forms",
"Passport" and "None". However only "Windows" and "Forms" are supported by EPiServer.
-->
<!-- authentication mode="Windows" / -->
<authentication mode="Forms">
<forms name=".EPiServerLogin" loginUrl="Util/login.aspx" timeout="120"/>
</authentication>
<!-- APPLICATION-LEVEL TRACE LOGGING
Application-level tracing enables trace log output for every page within an application.
Set trace enabled="true" to enable application trace logging. If pageOutput="true", the
trace information will be displayed at the bottom of each page. Otherwise, you can view the
application trace log by browsing the "trace.axd" page from your web application
root.
-->
<trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true"/>
<!-- SESSION STATE SETTINGS
By default ASP .NET uses cookies to identify which requests belong to a particular session.
If cookies are not available, a session can be tracked by adding a session identifier to the URL.
To disable cookies, set sessionState cookieless="true".
-->
<sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424" sqlConnectionString="data source=127.0.0.1;user id=sa;password=" cookieless="false" timeout="20"/>
<!-- GLOBALIZATION
This section sets the globalization settings of the application.
-->
<globalization culture="en-US" uiCulture="en" requestEncoding="utf-8" responseEncoding="utf-8" resourceProviderFactoryType="EPiServer.Resources.XmlResourceProviderFactory, EPiServer"/>
<pages validateRequest="false" enableEventValidation="true" pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<controls>
<add tagPrefix="EPiServer" namespace="EPiServer.WebControls" assembly="EPiServer"/>
<add tagPrefix="EPiServer" namespace="EPiServer.Web.WebControls" assembly="EPiServer"/>
<add tagPrefix="EPiServer" namespace="EPiServer.Web.WebControls" assembly="EPiServer.Web.WebControls"/>
<add tagPrefix="XForms" namespace="EPiServer.XForms.WebControls" assembly="EPiServer.XForms"/>
<add tagPrefix="WebParts" namespace="EPiServer.WebParts.WebControls" assembly="EPiServer"/>
<add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</controls>
<namespaces>
<add namespace="System.Web.Mvc"/>
<add namespace="System.Web.Mvc.Ajax"/>
<add namespace="System.Web.Mvc.Html"/>
<add namespace="System.Web.Routing"/>
<add namespace="System.Linq"/>
<add namespace="System.Collections.Generic"/>
</namespaces>
</pages>
<!-- Uncomment this section to enable webpart support on the site -->
<!--<webParts>
<personalization defaultProvider="EPiServerPersonalizationProvider">
<providers>
<add name="EPiServerPersonalizationProvider" type="EPiServer.WebParts.Core.EPiServerPersonalizationProvider" connectionStringName="EPiServerDB" />
</providers>
<authorization>
<allow verbs="enterSharedScope" roles="WebAdmins, WebEditors, Administrators" />
</authorization>
</personalization>
</webParts>-->
<caching>
<outputCacheSettings>
<outputCacheProfiles>
<add name="ClientResourceCache" enabled="true" duration="3600" varyByParam="*" varyByContentEncoding="gzip;deflate"/>
</outputCacheProfiles>
</outputCacheSettings>
</caching>
</system.web>
If you want to use Multiplexing provider you need to switch out the defaultProvider in both the role and membership provider section, this is currently set to Windows in your config, For example your role provider looks like this :defaultProvider="WindowsRoleProvider", change that to defaultProvider="MultiplexingRoleProvider" and do the same for your membership provider!
To get a better grasp of membership and role providers in EPiServer please read this documentation about it:
http://sdk.episerver.com/library/CMS5/Developers%20Guide/Membership%20and%20Role%20Providers.htm?id=24871
First a big thanks for your response
and a hats off for your guidelines and kindness
thanks man.
I have installed an episerver site with database successfully. I was able to login on the EPiSERVER site using my windows account.
I can't add a user because of the provider I'm currently using. I've read that I need tochange the provider but can't find a detailed step on how to do it and what login to use next.
Thanks.