Active Directory User Provider

Active Directory User Provider

Feedback Server comes out of the box with a full blown Active Directory user provider. Letting you connect to your enterprise Active Directory server and use its user infromation instead of Feedback Server's built-in user provider.

Once configured the provider will seamlessly redirect all built in user features of Feedback Server to Active Directory. The only features not available are features related to the users eg: password or profile management. Note that user authentication will be handled by the browser. For security reason Feedback Server is not handling the authentication mecanism with Active Directory at any time.

In order to configure the Active Directory provider you will need to make some small changes to your web.config file using a tool like Notepad.

Locate and remove following code :


<authentication mode="Forms">
<forms name="Feedback ServerWebAuth" loginUrl="~/Feedback ServerAdmin/login.aspx" protection="None" timeout="60">
</forms>
</authentication>
Locate and uncomment following code by replacing the



by


<authentication mode="Windows">
</authentication>

You might also need to activate Active Directory Authentication using the Internet Information Services Manager, select the directory you want to protect and on its directory security properties remove the Anonymous Access and enable Integrated Windows Authentication.
Locate and remove following code :


<add key="UserProviderAssembly" value="DataIllusion.Feedback Server.UserProvider" />
<add key="UserProviderClass" value="DataIllusion.Feedback Server.UserProvider.FormUserProvider" />
Locate and uncomment following two code parts by replacing the :





by


<add key="UserProviderAssembly" value="DataIllusion.Feedback Server.AdUserProvider" />
<add key="UserProviderClass" value="DataIllusion.Feedback Server.UserProvider.ADUserProvider" />


<httpModules>
<add name="ADScheduler" type= "DataIllusion.Feedback Server.UserProvider.ADSyncModule, DataIllusion.Feedback Server.AdUserProvider" />
</httpModules>
Setup following keys with your configuration :

<add key="ADUserName" value="Administrator" />
<add key="ADPassword" value="yourpassword" />
<add key="ADDomain" value= "yourdomain" /><br> <add key= "Feedback ServerAdminADUserName"value="Administrator"/><br><addkey="ADSearcherFilter"value="(&(objectCategory=person)(objectClass=user))" />
<add key="ADToDBSyncTimeOut" value="1440" />

ADAdministrator is the username required to connect to your Active Directory server.
ADPassword is the password of the username that has rights on your Active Directory server.
ADDomain is the domain of your Active Directory infrastructure.
Feedback ServerAdminADUsername is the Active Directory Username that will always have administrator privileges in Feedback Server.
ADSearcherFilter is the Active Directory filter that is used to retrieve the user list in the user management interface of Feedback Server. You can change the LDAP query based on your personal needs. It returns by default all users.
ADToDBSyncTimeOut is the time in minutes after which the local Feedback Server user database is resynchronized with your remote Active Directory server. It is recommended to keep the value hight to avoid network traffic, especially on high volumes Active Directory servers.

Once you have configured the new user provider, you may access Feedback Server using any administration page of Feedback Server. You do not need to access Feedback Server administration pages through the default Feedback Server login page as Active Directory authentication is handled by the browser.