Version Sitefinity 14.3
Sitefinity 14.4 Sitefinity 14.3 Sitefinity 14.2 Sitefinity 14.1 Sitefinity 14.0 Sitefinity 13.3

Topics

All topics

Configure Windows authentication

To use Windows authentication, you need to use a separate application – WindowsAuthWebHost.

Perform the following:

  1. From Sitefinity GitHub, download the WindowsAuthWebHost application and build it.
  2. In the IIS, host the WindowsAuthWebHost application in the root directory.
  3. In Sitefinity CMS configure Windows authentication provider in the following way:
    1. Navigate to Administration » Settings » Advanced.
    2. In the left pane, expand Authentication » SecurityTokenService » AuthenticationProviders » WindowsAuthentication.
    3. In field Metadata Address, enter your WindowsAuthWebHost address.
      For example, enter https://localhost:893
    4. Configure the callback path.
      For example, enter /Sitefinity/signin-custom
      This setting is mandatory for Windows authentication when you use the Default Sitefinity authentication protocol.
    5. Select Enabled checkbox and save your changes.
  4. Setup LDAP settings in the following way:
    1. Navigate to Administration » Settings » Advanced.
    2. In the left pane, expand Security » LDAP Settings » LDAP Connections » DefaultLdapConnection.
    3. Setup the configuration properties for your system.
  5. Create new LDAP Membership provider in the following way:
    1. Expand Security » Membership Providers, and click Create new.
    2. In Name, enter the name of the provider, which must be the same as the LDAP login domain.

      NOTE: The name is case sensitive.

      EXAMPLE: For example, if your LDAP login domain is MYDOMAIN, a new provider must be created with name MYDOMAIN.

    3. In ProviderTypeName, enterTelerik.Sitefinity.Security.Ldap.LdapMembershipProvider, Telerik.Sitefinity
    4. Save your changes.
  6. Restart the IIS.
  7. In Sitefinity CMS, navigate to Administration » Users.
  8. Click the newly created provider, find your domain user and assign it to the desired roles.
  9. Open the web.config of the WindowsAuthWebHost application and inside section <appSettings>, set the IdpReplyUrl property to the address of your Sitefinity CMS site in the following way:
    https://<my-site>.com/Sitefinity/signin-custom
  10. In the IIS, select the WindowsAuthWebHost application, open Authentication, enable Windows Authentication and Anonymous Authentication, and disable all others.
  11. Restart your website.

RESULT: Next time when the login screen is displayed, it will have a button that you can use to login with your Windows credentials.

Want to learn more?

Sign up for our free beginner training. Boost your credentials through advanced courses and certification.
Register for Sitefinity training and certification.

Was this article helpful?

Next article

Configure ADFS (Active Directory Federation Services)