+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 26
Home Access Plus+ Thread, HAP 9 non domain admin logins in Projects:; I know this is something I am doing wrong but am now stuck for ideas. I have tried HAP 9 ...
  1. #1

    Join Date
    Sep 2013
    Posts
    15
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    HAP 9 non domain admin logins

    I know this is something I am doing wrong but am now stuck for ideas. I have tried HAP 9 and HAP 9.6 under both server 2012 and 2008 R2 on both everything goes OK and I can login and see my files. Once I try and login as a standard user I get the message "Either your Username or Password was Incorrect or you do not have permission to access this site." I have tried a number of different accounts.

    This is running on a standard server so I have altered the local security policy to allow the domain users to login locally, gpupdated restarted and the usual. This makes no difference.

    Anyone any ideas as this is driving me nuts and I think HAP is a perfect fit for my school.

  2. #2

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,648
    Thank Post
    43
    Thanked 550 Times in 459 Posts
    Rep Power
    121
    Check the web.config file is set.

    I'd also double check that local logons have been enabled: Nikolay's Blog: Win 2008 R2 + Active Directory. Local Logon.

  3. #3

    Join Date
    Sep 2013
    Posts
    15
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by nickbro View Post
    Check the web.config file is set.

    I'd also double check that local logons have been enabled: Nikolay's Blog: Win 2008 R2 + Active Directory. Local Logon.
    Thanks Nick, I have performed the instructions to modify the web.conf that come up in setup.aspx. Have also tested that the account can login to the member server via the console which is can.

    Any other ideas?

  4. #4

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,648
    Thank Post
    43
    Thanked 550 Times in 459 Posts
    Rep Power
    121
    Any events in the event log

  5. #5

    Join Date
    Sep 2013
    Posts
    15
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Hi Nick,

    When I log in as me (Enterprise Admin Account) the following appears in the application log, though everything works perfectly:

    "An error occurred in Home Access Plus+
    Page: HAP.Web.API.MyPic


    Creating Directory Search and Searching for then current user
    Using filter: (&(objectClass=user) (sAMAccountName=Ian))
    Found 1 results, processing 1st result
    Found 0 thumnbnailPhotos"

    When I try loggin in as a standard user nothing in logged in any windows logs.

  6. #6

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,648
    Thank Post
    43
    Thanked 550 Times in 459 Posts
    Rep Power
    121
    Ok, that error can be ignored.

    Can you provide me with your web.config file please?

  7. #7

    Join Date
    Sep 2013
    Posts
    15
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Hi Nick,

    Below is the web.config from the server 2012 machine but the server 2008 R2 is the same with the IIS 8 lines left intact. I am sure this is me doing something really silly, but I have gone around and around now to the point where I am not sure where I am at.

    Code:
    <?xml version="1.0" encoding="utf-8"?>
    <!--
      Under IIS7.5, the application pool identity will be IIS APPPOOL\$apppool$, where $apppool$ is the application pool have is running under. You will need to grant permission to the App_Data folder to this user
    -->
    <configuration>
      <connectionStrings>
        <add name="SQLConnectionString" connectionString="Server=localhost;Database=hap;Trusted_Connection=True;" />
      </connectionStrings>
      <system.web>
        <sessionState mode="InProc" compressionEnabled="true" />
        <pages>
          <controls>
            <add assembly="HAP.Web" namespace="HAP.Web.Controls" tagPrefix="hap" />
          </controls>
        </pages>
        <compilation debug="true">
          <assemblies>
            <add assembly="System.DirectoryServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
            <add assembly="System.DirectoryServices.Protocols, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
            <add assembly="System.DirectoryServices.AccountManagement, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
          </assemblies>
        </compilation>
        <authentication mode="Forms">
          <forms loginUrl="~/login.aspx" defaultUrl="~/" requireSSL="true" protection="All" />
        </authentication>
        <membership defaultProvider="admp">
          <providers>
            <clear />
            <add name="admp" type="HAP.AD.MembershipProvider" />
          </providers>
        </membership>
        <roleManager defaultProvider="adrp" enabled="true">
          <providers>
            <clear />
            <add name="adrp" type="HAP.AD.RoleProvider" />
          </providers>
        </roleManager>
        <authorization>
          <deny users="?" />
        </authorization>
        <customErrors mode="Off" />
      </system.web>
      <!-- 
            The system.webServer section is required for running ASP.NET AJAX under Internet
            Information Services 7.0.  It is not necessary for previous version of IIS.
        -->
      <system.webServer>
        <modules runAllManagedModulesForAllRequests="true" />
        <validation validateIntegratedModeConfiguration="false" />
        <security>
          <requestFiltering>
            <hiddenSegments>
              <remove segment="App_WebReferences" />
              <remove segment="App_LocalResources" />
              <remove segment="App_GlobalResources" />
              <remove segment="App_code" />
              <remove segment="bin" />
              <remove segment="web.config" />
              <remove segment="App_Browsers" />
            </hiddenSegments>
            <fileExtensions>
              <remove fileExtension=".vsdisco" />
              <remove fileExtension=".sdmDocument" />
              <remove fileExtension=".sdm" />
              <remove fileExtension=".sd" />
              <remove fileExtension=".refresh" />
              <remove fileExtension=".msgx" />
              <remove fileExtension=".mdf" />
              <remove fileExtension=".lsaprototype" />
              <remove fileExtension=".ldf" />
              <remove fileExtension=".lddprototype" />
              <remove fileExtension=".ldd" />
              <remove fileExtension=".exclude" />
              <remove fileExtension=".dsprototype" />
              <remove fileExtension=".dd" />
              <remove fileExtension=".compiled" />
              <remove fileExtension=".cd" />
              <remove fileExtension=".adprototype" />
              <remove fileExtension=".ad" />
              <remove fileExtension=".ssmap" />
              <remove fileExtension=".ssdgm" />
              <remove fileExtension=".dsdgm" />
              <remove fileExtension=".ldb" />
              <remove fileExtension=".jsl" />
              <remove fileExtension=".java" />
              <remove fileExtension=".vjsproj" />
              <remove fileExtension=".mdb" />
              <remove fileExtension=".resources" />
              <remove fileExtension=".resx" />
              <remove fileExtension=".licx" />
              <remove fileExtension=".webinfo" />
              <remove fileExtension=".vbproj" />
              <remove fileExtension=".vb" />
              <remove fileExtension=".csproj" />
              <remove fileExtension=".skin" />
              <remove fileExtension=".ascx" />
              <remove fileExtension=".master" />
              <remove fileExtension=".browser" />
              <remove fileExtension=".sitemap" />
              <remove fileExtension=".cs" />
              <remove fileExtension=".lsad" />
              <remove fileExtension=".asax" />
              <remove fileExtension=".config" />
            </fileExtensions>
          </requestFiltering>
        </security>
    
    
      </system.webServer>
      <!--File Upload Limits-->
      <location path="uploadh.aspx">
        <system.web>
          <httpRuntime maxRequestLength="2097151" executionTimeout="7200" />
          <!--2gb upload limit, 2 hours timeout-->
        </system.web>
      </location>
      <location path="api/myfiles-upload">
        <system.web>
          <httpRuntime maxRequestLength="2097151" executionTimeout="7200" />
        </system.web>
      </location>
      <location path="myfiles/default.aspx">
        <system.web>
          <httpRuntime maxRequestLength="2097151" executionTimeout="7200" />
        </system.web>
      </location>
      <!--End of File Upload Limits-->
      <!--Start of Override Permissions-->
      <location path="api.asmx">
        <system.web>
          <authorization>
            <allow users="*" />
          </authorization>
        </system.web>
      </location>
      <location path="api/bookingsystem/loadroom">
        <system.web>
          <authorization>
            <allow users="*" />
          </authorization>
        </system.web>
      </location>
      <location path="api/js">
        <system.web>
          <authorization>
            <allow users="*" />
          </authorization>
        </system.web>
      </location>
      <location path="api/test">
        <system.web>
          <authorization>
            <allow users="*" />
          </authorization>
        </system.web>
      </location>
      <location path="api/setup">
        <system.web>
          <authorization>
            <allow users="*" />
          </authorization>
        </system.web>
      </location>
      <location path="app_data">
        <system.web>
          <authorization>
            <deny users="*" />
          </authorization>
        </system.web>
      </location>
      <location path="bin">
        <system.web>
          <authorization>
            <deny users="*" />
          </authorization>
        </system.web>
      </location>
      <location path="favicon.ico">
        <system.web>
          <authorization>
            <allow users="*" />
          </authorization>
        </system.web>
      </location>
      <location path="kerberos.aspx">
        <system.web>
          <authorization>
            <allow users="*" />
          </authorization>
        </system.web>
      </location>
      <location path="Login.aspx">
        <system.web>
          <authorization>
            <allow users="*" />
          </authorization>
        </system.web>
      </location>
      <location path="setup.aspx">
        <system.web>
          <authorization>
            <allow roles="Domain Admins" />
            <deny users="*" />
          </authorization>
        </system.web>
      </location>
      <!--End of Override Permissions-->
      <system.serviceModel>
        <extensions>
          <behaviorExtensions>
            <add name="jsonWebHttp" type="HAP.Web.Logging.JsonErrorWebHttpBehaviorElement, HAP.Web.Logging" />
          </behaviorExtensions>
        </extensions>
        <behaviors>
          <endpointBehaviors>
            <behavior name="">
              <jsonWebHttp />
            </behavior>
          </endpointBehaviors>
          <serviceBehaviors>
            <behavior name="">
              <serviceDebug includeExceptionDetailInFaults="true" />
              <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
            </behavior>
          </serviceBehaviors>
        </behaviors>
        <bindings>
          <webHttpBinding />
        </bindings>
        <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
        <standardEndpoints>
          <webHttpEndpoint>
            <standardEndpoint name="" helpEnabled="true" automaticFormatSelectionEnabled="false" faultExceptionEnabled="true" defaultOutgoingResponseFormat="Json" />
          </webHttpEndpoint>
        </standardEndpoints>
      </system.serviceModel>
    </configuration>

  8. #8

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,648
    Thank Post
    43
    Thanked 550 Times in 459 Posts
    Rep Power
    121
    Ok, that looks all ok, can you try using the web.config file from the v9.0 release, see if that one works, compared to the v9.6 release

  9. #9

    Join Date
    Sep 2013
    Posts
    15
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Hi Nick,

    Still the same error and it also goes into a redirect loop when I sign is as myself.

  10. #10

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,648
    Thank Post
    43
    Thanked 550 Times in 459 Posts
    Rep Power
    121
    Ok, the redirection loop is a known issue with 2012

  11. #11

    Join Date
    Sep 2013
    Posts
    15
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I tried the v9 on Server 2008 R2 and got the same result without the looping, standard users still unable to login. Am racking my brains as to what this could be within our environment.

  12. #12

    Join Date
    Sep 2013
    Posts
    15
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Still battling with this one, if I try adding the user account as an admin on server I get the same problem, deny login. If I add the account to domain admins then everything works fine. Have run out of ideas now.

    For Home Access Plus 9 which platform is the best to run it under? Server 2008 / Server 2008 R2 / Server 2012 / Server 2012 R2 ? I have access to all of them and have a VM infrastructure so adding an additional server is not a problem.

  13. #13

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,648
    Thank Post
    43
    Thanked 550 Times in 459 Posts
    Rep Power
    121
    HAP+ works best on IIS 7+, Windows Server 2008 R2 is the version I use and code against.

    Does your HAP+ install's external access go through a reverse proxy?

  14. #14

    Join Date
    Sep 2013
    Posts
    15
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by nickbro View Post
    HAP+ works best on IIS 7+, Windows Server 2008 R2 is the version I use and code against.

    Does your HAP+ install's external access go through a reverse proxy?
    Hi nick, only testing internally at the moment so no proxying, and everything works perfectly as a domain admin. Is talking to AD as it will login any account that has domain admin rights. I am sure it is something strange in our AD but I can't think what HAP is looking for in AD. I double checked by creating a fresh student account which is a member of domain users. Domain Users have Allow Local login rights on the server. This gave the original error. I then made it a domain admin and it logged in Perfectly.

  15. #15

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,648
    Thank Post
    43
    Thanked 550 Times in 459 Posts
    Rep Power
    121
    Can you go into IIS manager, go into the Website, into the HAP folder, under IIS authentication, go into the properties of the Anon User, and check it's using Application Pool Identity

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. V9 upgrade - Domain Admin logins
    By synaesthesia in forum Home Access Plus+
    Replies: 1
    Last Post: 24th May 2013, 04:02 PM
  2. Replies: 0
    Last Post: 6th November 2012, 03:30 PM
  3. Replies: 3
    Last Post: 10th April 2007, 08:40 AM
  4. admins and domain admins
    By browolf in forum Windows
    Replies: 25
    Last Post: 1st November 2006, 03:29 PM
  5. Refusing Non domain Computers
    By BKGarry in forum Wireless Networks
    Replies: 8
    Last Post: 30th March 2006, 05:47 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •