The DotNetNuke Active Directory provider I think is one of the most important aspects of having a CMS. But, if your using the DNN Active Directory Authentication provider and work in a large organization with multiple “administrators”. This little tidbit can really help.
Issue:
Dotnetnuke is a great tool, but using it in an organization where you have entire teams of network/systems teams and developers all being in the “Administrator” Active Directory Role. – why: DotNetNuke automatically put’s anyone in the AD “Administrator” group into DNN as a site Administrator. This is not ideal in all situations.
Quick Fix:
I did not want to “modify” the core code because I needed a quick fix. I needed the site up immediately and this was the only problem facing me. So I created a Sql Server Database Trigger which checks the UserRoles table on INSERT in the INSERTED table. If the Insert will be “0” which is the admin role in dnn then it rolls back the transaction.
Prerequisites:
-
Your site must be setup and using AD & IIS authentication then you need an AD user as site admin and site host. Domain\username
-
Run this script either using the DNN sql tool or in sql server for your DNN Database
-
Modify the script for your database name etc…
Script:
-- This script will stop DNN from automatically inserting AD Administrators as
-- DNN site admins
Create Trigger Remove_Admin
On [DNNDatabase].[dbo].UserRoles
For INSERT
Begin
If Exists( select RoleID from INSERTED WHERE ROLEID=0)
BEGIN
ROLLBACK TRANSACTION
END
End
If you have any Dotnetnuke 4.3.5 Active Directory Provider updates/fixes please email them to stratcr@peoplepc.com
Other DNN Product’s which decrease development/admin time:
Charles Stratton enjoys staying on the edge of technology. his skills range from DNN to Sharepoint to Custom Development. currently working in VB.Net and C#.Net web and software. Programmers work smarter not harder. You can find many of his articles on wwwcoder.com and dotnetnuke.com
