Login credentials for imported AD users.

Refell Jones asked on November 24, 2019 11:10

I followed the steps described in the docs:

https://docs.kentico.com/k9/external-utilities/kentico-ad-import-utility/importing-users-and-roles-from-active-directory

The users have been imported but their AD credentials do no work when trying to login. The CMS_User table shows the UserPassword cell value as blank for these imported users.

Correct Answer

Mike Wills answered on November 25, 2019 00:29

Hi Refell,

The AD Import Tool does not import user passwords. It's intended to import user records in advance of using either Windows Authentication or Mixed-Mode Authentication. If you use Mixed-Mode Authentication, users will still use a web form to login. Additionally, Kentico users or AD users can be used. Here's information on both options:

Configuring mixed-mode authentication

Securing a website section using Windows authentication

Mike

1 votesVote for this answer Unmark Correct answer

Recent Answers

Refell Jones answered on November 25, 2019 08:29

Hi Mike, Thanks for answering.

Then what would be the login credentials for the imported user? Do I add the LDAP connection string and then those credentials would work?

0 votesVote for this answer Mark as a Correct answer

Juraj Ondrus answered on November 25, 2019 08:52

If you are using Mixed mode authentication, then you need to add the LDAP connection string. If you are using pure Windows authentication, just follow the docs and no LDAP connection string is needed. When authenticating against the AD, the user is using their AD credentials as usual. Kentico just needs to have the user account record, the user object in its DB, but the actual authentication is done against the AD. Kentico does not store any passwords in this case.

2 votesVote for this answer Mark as a Correct answer

Refell Jones answered on November 25, 2019 10:01

Thanks Mike and Juraj! That helped me understand this flow better.

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.