Active Directory as the ONLY provider and setting up Administrative Roles
I'm trying out Sitefinity for use as our companies' intranet. I've connected the site to our existing Active Directory and everything works as I want.
Questions:
1. I want to make one of my Active Directory roles into the Administrator role for the site. Is there an easier way of doing this besides clicking through every permission and allowing it for that role?
2. Is there a guide for removing the default Role and Memberships once I have everything in place? I guess I could leave the single Administrator account out there, but I don't want my users to have to select "LDap" from the dropdown before logging in.
1. Go to Settings -> Advanced -> Security -> AdministrativeRoles. Click create new and fill in the Provider Name and Role Name fields. Save.
2. If you follow the steps in the documentation Setting up SSO with Windows authentication, your users will be seamlessly logged in, when on a domain computer, other wise they will see a user name and password prompt from the browser where they enter their domain credentials. Your users would never see the default Sitefinity login page. I am not sure if it is still true but I don't think it is possible to remove the default membership provider.
Hi Jimmy,
Regarding your first question, you may also refer to the following forum post where the same issue has been discussed.
You can disable the default role and membership providers from the Sitefinity backend by following the steps:
1. Go to Administration -> Settings -> Advanced -> Security -> Membership Providers -> Default and uncheck the Enabled checkbox and click Save changes.
2. Go to Administration -> Settings -> Advanced -> Security -> Role Providers -> Default and uncheck the Enabled checkbox and click Save changes.
Then please restart the application pool in order for the changes to take effect.
Regards,
Sabrie Nedzhip
Telerik