+ Post New Thread
Results 1 to 8 of 8
Home Access Plus+ Thread, Deny Logon to OU, Group or Single User in Projects:; Hi all, Does anyone know if it is possible to deny logons to an Active Directory OU, Group or even ...
  1. #1

    Join Date
    Apr 2013
    Location
    Birmingham
    Posts
    119
    Thank Post
    5
    Thanked 4 Times in 4 Posts
    Rep Power
    4

    Deny Logon to OU, Group or Single User

    Hi all,

    Does anyone know if it is possible to deny logons to an Active Directory OU, Group or even a single user so that when they type their logon credentials into HAP it just denies logon with a message, kind of like the message that comes up if a user typed in the wrong username or password.

    Many thanks

  2. #2

    Join Date
    Apr 2013
    Location
    Birmingham
    Posts
    119
    Thank Post
    5
    Thanked 4 Times in 4 Posts
    Rep Power
    4
    Hi all,

    Sorry to be a pain but does anyone know if the above is possible as I would like to use HAP+ for staff only and deny access to students and possibly the supply staff account?

    Many thanks

  3. #3

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,690
    Thank Post
    43
    Thanked 560 Times in 468 Posts
    Rep Power
    124
    Unfortunately it will just redirect them to the unauthorized.aspx page instead.

    You can limit access by changing line 38 of the web.config file.

    Add

    <deny roles="%Rolename%" />

  4. #4

    Join Date
    Apr 2013
    Location
    Birmingham
    Posts
    119
    Thank Post
    5
    Thanked 4 Times in 4 Posts
    Rep Power
    4
    Cheers Nick,

    I will give this a go later.

    Many thanks, as always

  5. #5

    Join Date
    Apr 2013
    Location
    Birmingham
    Posts
    119
    Thank Post
    5
    Thanked 4 Times in 4 Posts
    Rep Power
    4
    Hi Nick,

    I have tried adding the code <deny roles="%Rolename%" /> to my web.config file and I get the below error in chrome.

    Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects.

    IE just don't load the page and firefox shows the error: "The page isn't redirecting properly, Firefox has detected that the server is redirecting the request for this address in a way that will never complete."

    I have taken off my HTTP redirect in case this was causing a problem but this has not resolved the issue.

    Any ideas?

    Also would it be possible to eliminate the unauthorised page so that when a user that is not allowed to access the system using <deny roles="%Rolename%" /> it would just show a message on the homepage like the one shown for incorrect username/password?

  6. #6

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,690
    Thank Post
    43
    Thanked 560 Times in 468 Posts
    Rep Power
    124
    Hi Paul-K, it's coming in the next release. Odd that it's stuck in an infinite redirect

  7. #7

    Join Date
    Jun 2013
    Posts
    23
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by nickbro View Post
    Hi Paul-K, it's coming in the next release. Odd that it's stuck in an infinite redirect
    This is what is happening to me too. When changing the web.config to ONLY allow certain users via the allow roles option, if you try to login to HAP with an account that isnt authorized , it never displays the unauthorized.aspx page. This is with the latest 9.1 code as far as I can tell.

    JR

  8. #8

    Join Date
    Apr 2013
    Location
    Birmingham
    Posts
    119
    Thank Post
    5
    Thanked 4 Times in 4 Posts
    Rep Power
    4
    I have updated to 9.2 and this now works perfectly for <deny roles="%Rolename%" /> and <deny users="%Username%" />.

    Thanks Nick for the hard work.

  9. Thanks to Paul-K from:

    nickbro (12th July 2013)



SHARE:
+ Post New Thread

Similar Threads

  1. Moodle, How to add groups or something from AD.
    By dany2010 in forum Virtual Learning Platforms
    Replies: 0
    Last Post: 17th April 2013, 01:23 PM
  2. Exchange 2007 - Deny sending to Dist Groups.
    By steele_uk in forum Windows
    Replies: 2
    Last Post: 23rd September 2008, 06:23 PM
  3. Disable network logon for a Security Group or an OU
    By mrforgetful in forum Wireless Networks
    Replies: 10
    Last Post: 28th June 2006, 05:13 PM
  4. Replies: 12
    Last Post: 12th September 2005, 11:47 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •