Active Directory security requires a connection string to your Active Directory.
|
|
|
Active Directory security requires a connection string to your Active Directory. |
In order to access the Active Directory on your network, your application must have a connection string to the Active Directory. This connection string allows both Iron Speed Designer and your generated application to connect to your Active Directory. Your system administrator should be able to provide you with appropriate connection string information.
The Application Security Wizard populates the possible Active Directory connection strings for the root domain controller, which is sufficient to connect to Active Directory and use Active Directory security, and for the first-level domain controllers. If the Active Directory has a ‘forest’ with multiple controllers, you can configure security access separately for different controllers by adding separate strings for each controller.
The first string in the list is default and any user who logs in without specifying domain explicitly will be validated against default controller. It is a good idea to have connection string to the root controller as a default. Configured connection strings are stored in the Web.config file as a value of the ADDomainControllers key.
If the Active Directory controller is not available when configuring application security via the Application Security Wizard, no roles will be visible (populated) in the wizard except standard roles such as ‘everyone’, ‘no one’, and ‘signed-in only’. Hence, Active Directory role configuration is possible only when the Application Security Wizard can reach the Active Directory controller.
It is difficult to configure Active Directory security if Active Directory is not available in your development environment. It is also difficult to test your Active Directory security configuration because without Active Directory available, no one can be authenticated.
You can go to each HTML layout page file and manually enter the Active Directory group names with appropriate tags. This can take some time and is prone to data entry errors which are hard to catch later.
Step 1: Select Application Security Type
Step 2: Enter Active Directory Connection String
Step 3: Select the User Table (Database Security)
Step 4: Select the Roles Table (Database Security)
Step 4: Select the Policy Store Role Provider (AzMan Security)
Step 5: Assign Page Permissions
Step 6: Configure Individual Components for Role-Based Security
Administering Database Security at Run-Time
Displaying Data for Logged In Users
Active Directory and Microsoft Authorization Manager Configuration