Go back to mobile site
API and Internals
Design and CSS styles
Export and Import
Newsletters and E-mails
Security and Membership
Tags and Categories
Web parts & Controls
Security and Membership
How to retrieve/reset a lost password
You can reset the password directly in the database. Find the table named
and clear the password field for appropriate user name row. Then you can log in to the CMS using blank password and change it in the
section. If you store passwords in PLAIN text and not in SHA1 format, you can see appropriate password in table above directly.
Second option how to retrieve a lost password is to use the
link. Please go to some page which requires logon and click on mentioned link, enter you e-mail address and the new password will be send to this address (if it exists for some user account).
How to authenticate user using API
You can use following sample code in Kentico CMS 4.0:
CMS.SiteProvider.UserInfo ui = CMS.SiteProvider.UserInfoProvider.AuthenticateUser(txtboxUsername.Text, txtboxPassword.Text, CMS.CMSHelper.CMSContext.CurrentSite.SiteName);
if (ui != null)
.SetCurrentUser(new CMS.CMSHelper.CurrentUserInfo(ui, true));
Functionality of "Remember me" checkbox in logon web part
If you log in and have this checkbox ticked and you stop working at all with your pages but don't log out, this feature will be useful because next time you access the pages you won't have to log in again. It’s something like persistent connection. It works like e.g. Google account - if you check it, you should stay logged into the system. You don't need to fill your credentials anymore (until you click the 'Sign out button').
Many customers think that it provides auto-filling functionality of the username and password fields so that they wouldn’t need to enter them every time they try to login to the site. It is handled by browser itself. Please take a look at the below links for more details.
Auto complete in Firefox
Auto complete in Internet Explorer
How do I set SSL for administration interface?
In Site Manager -> Settings -> <global settings> -> Security & Membership -> Administration section there is setting named “Use SSL for administration interface”. Please note: Before setting this key to true, please make sure that the SSL certificate is correctly installed in your IIS. If not, you won’t be able to login to the UI, and you will need to change this setting back to false directly in the database e.g. using this query:
SET KeyValue = 'false'
WHERE KeyName = 'CMSUseSSLForAdministrationInterface'
How to change the algorithm for password generation
If you want to generate passwords as alphanumeric strings (without special characters) or as strings which contain only special characters, you can implement your own algorithm for password generation in the
file and in the
protected void btnGenerateNew_Click(object sender, EventArgs e)
// Check modify permission
string result = ValidateGlobalAndDeskAdmin();
if (result == String..Empty)
string pswd = ...; // your own algorithm
How can I configure Kentico to use SSL?
Configuration of SSL must be handled at the IIS level, not within Kentico. Please see the following Microsoft documentation:
The feature within Kentico that uses SSL is the Document option under Properties -> Security that specifies whether a page should redirect to SSL (to use https instead of http). You can set this up per document, or you can set this in your master page and use inheritance to apply the setting to all pages.
This subject is explained in further detail in the following Kentico documentation:
How to stop CMS from deleting users automatically?
There is a web site related
Users delete non activated user”
responsible for deleting
. Its execution interval is set to
by default. This scheduled task deletes users which are
waiting for approval
based on your settings (S
ite Manager -> Settings -> Security & Membership -> Delete non-activated user after (days)
). You can either disable this scheduled task or make sure that the users which you do not want to lose are enabled and/or not waiting for approval.
How to set SSL for the logon.aspx page
To set SSL for the
page, please go to your solution in Visual Studio and open
and its code-behind file.
Now write the following code in the
How to hide the Properties tab in CMS Desk -> Content -> Edit for a specific role
Please go to
Site Manager -> Settings -> <your site> -> Content Management
and check the
Personalize user interface by permissions
check box. This allows you to specify permissions for the user interface. If you now go to
CMS Desk -> Administration -> Permissions, choose Permission type: Modules and Permission matrix: CMS User Interface
, you can uncheck the Properties tab for a particular role. This ensures that users in that role can't see the Properties tab.
Why do secured Word and Excel documents need an extra logon page?
If you secure Word and Excel documents uploaded as CMS.File-s (they require authentication) and the documents contain links to other secured documents, it always displays the logon screen if you click on the links no matter if you are already logged in. In other words, if you browse through the documents via links in the document content, you need to type the username and password every time you open a new document.
Microsoft Word and Excel applications use a special request before the standard request which should check the URL. The extra request does not include needful information for Kentico and that is why it displays the extra logon screen.
Regrettably, we cannot affect the behavior of these processors. For example Outlook and PDF reader use the standard way and it works OK.
How can I change design of Kentico logon page, use different images, styles, etc.
The Logon page is available in
within the project folder. There are following classes used for design:
padding: 80px 0 12px 0; /* width: 503px; */
background: url(Images/Dialog/LoginBox05.gif) no-repeat;
Both are defined in
file. You can change them according to your needs.
How to determine that 'Logon mini form' is hidden for authenticated user
Please go to: '
CMS Desk -> Content -> document_with_LogonMiniform -> Design
' and click on webpart configuration. Here you can select which role you want to show the logon form to. Please select only
This will enforce that logon form will be shown only to non-authenticated users.
There are users identified as guests in the summary of online users even if there is authentication required for access
This is caused by user is consider to be guest in a time after he logs out and before his session expires.
I see some users duplicated in On-line users section
This issue may happen when the user, who is already logged in, logs in again from different browser or computer.
Permission setting "Personalizing user interface" doesn't work
Site Manager -> Settings -> <your site> -> Content Management -> Personalize user interface by permissions
checkbox and check it (set it to true).
Which form control is used for user password field in forms?
It may be confusing there is standard text box specified as field type of password field in User system table. This is caused by the value specified in User system table is not actually used anywhere. There is always some particular alternative form used on live page and there is already the 'password with confirmation' form control used in alternative form. You can find source of this form control in ~\CMSFormControls\PasswordConfirmator.ascx(.cs) files.
I cannot login to site, because the "Use SSL for administration interface" option has been switched on
Sometimes it might happen that you accidentally switch on the option "
Use SSL for administration interface"
Site Manager -> Settings -> (global) -> Security
First option is generating
and configure your IIS to use it. The easiest way is using SelfSSL certificate service, you can find more info about it using
Another option is switching off this option manually in the database. Please open the database and in table
find this record:
and in column
change the value to
. Now, you need to make some change in web.config file, e.g. add some space and save it. This will force the application to restart and after this everything should be like before.
I have multiple sites running under Kentico CMS and I get notification that the SSL is from the wrong domain
The SSL certificate is set for web site in IIS. So basically you have following two options:
1) You can create separate web sites in IIS for each of the sites in Kentico CMS
2) You can have one IIS web site and buy multiple name certificate
User is not able to log in to CMSDesk even if the password is correct
This issue can be caused by a site which uses Form authentication and the user has the '
' field from the
table set to true (which works only with windows authentication, or when authenticating a user against an external DB using the
User is not able to access CMS Desk/CMS Site Manager using IE6/7
This may be solved by the following approaches.
1) Enabling cookies in the browser.
2) Try to lower your IE privacy settings and set it to "low" level.
3) Server time may be set incorrectly according the GMT time, that's why the server is sending expired cookies and the user is not able to log in. Try to set your time according to the
Content Management System
Social Networking Software
Online Marketing Solution
| Copyright © 2004-2013 Kentico Software | Powered by
Share with Friends: