User cannot login even when looking for the sitecore \ Sitecore Client Users role

I have a built in active directory module with sitecore, I can see users from an ad in a custom sitecore manager. Now I want to check if the ad user can log into sitecore. I assigned sitecore \ Sitecore Client Users roles to user and tried to login as

Username: domain \ username Password: pw

I see a strange error when I click the login button. Below is the error.

But when I check the "set as administrator" checkbox for this user, I can login with Username: domain \ username Password: pw

Any help is appreciated. Thank.

Server Error in '/' Application.

Creating an instance of the COM component with CLSID {080D0D78-F421-11D0-A36E-00C04FB950DC} from the IClassFactory failed due to the following error: 800401e4 Invalid syntax (Exception from HRESULT: 0x800401E4 (MK_E_SYNTAX)).

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

Exception Details: System.Runtime.InteropServices.COMException: Creating an instance of the COM component with CLSID {080D0D78-F421-11D0-A36E-00C04FB950DC} from the IClassFactory failed due to the following error: 800401e4 Invalid syntax (Exception from HRESULT: 0x800401E4 (MK_E_SYNTAX)).

Source Error: 

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace: 


[COMException (0x800401e4): Creating an instance of the COM component with CLSID {080D0D78-F421-11D0-A36E-00C04FB950DC} from the IClassFactory failed due to the following error: 800401e4 Invalid syntax (Exception from HRESULT: 0x800401E4 (MK_E_SYNTAX)).]
   System.Web.Security.DirectoryInformation.GetADsPath(String dn) +108
   System.Web.DataAccess.ActiveDirectoryConnectionHelper.GetDirectoryEntry(DirectoryInformation directoryInfo, String objectDN, Boolean revertImpersonation) +42
   System.Web.Security.ActiveDirectoryMembershipProvider.ValidateUserCore(String username, String password) +1970
   System.Web.Security.ActiveDirectoryMembershipProvider.ValidateUser(String username, String password) +39
   LightLDAP.SitecoreADMembershipProvider.ValidateUser(String username, String password) +193
   Sitecore.Data.DataProviders.NullRetryer.Execute(Func`1 action, Action recover) +394
   Sitecore.Security.SitecoreMembershipProvider.ValidateUser(String username, String password) +319
   System.Web.UI.WebControls.Login.AuthenticateUsingMembershipProvider(AuthenticateEventArgs e) +105
   System.Web.UI.WebControls.Login.AttemptLogin() +160
   System.Web.UI.WebControls.Login.OnBubbleEvent(Object source, EventArgs e) +93
   System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +84
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3804

      

+3


source to share


3 answers


I faced a similar issue for my one of my web applications. If you are still experiencing this problem, you can fix it by going to the Advanced Settings for Your Application's IIS Application Pool and set the Load User Profile option to True.



+5


source


@MattGartman is the membership and role of poviders

<membership defaultProvider="sitecore" hashAlgorithmType="SHA1">
      <providers>
        <clear />
        <add name="sitecore" type="Sitecore.Security.SitecoreMembershipProvider, Sitecore.Kernel" realProviderName="switcher" providerWildcard="%" raiseEvents="true" />
        <add name="sql" type="System.Web.Security.SqlMembershipProvider" connectionStringName="core" applicationName="sitecore" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="256" />
        <add name="switcher" type="Sitecore.Security.SwitchingMembershipProvider, Sitecore.Kernel" applicationName="sitecore" mappings="switchingProviders/membership" />
    <add name="ad" type="LightLDAP.SitecoreADMembershipProvider" connectionStringName="ADConnString" applicationName="sitecore" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" connectionUsername="domain\username" connectionPassword="pw" connectionProtection="Secure" attributeMapUsername="sAMAccountName" enableSearchMethods="true" customFilter="(memberOf=CN=RegionsComSitecore,OU=Groups,DC=c,DC=pk,DC=com)" />
      </providers>
    </membership>
    <roleManager defaultProvider="sitecore" enabled="true">
      <providers>
        <clear />
        <add name="sitecore" type="Sitecore.Security.SitecoreRoleProvider, Sitecore.Kernel" realProviderName="switcher" raiseEvents="true" />
        <add name="sql" type="System.Web.Security.SqlRoleProvider" connectionStringName="core" applicationName="sitecore" />
        <add name="switcher" type="Sitecore.Security.SwitchingRoleProvider, Sitecore.Kernel" applicationName="sitecore" mappings="switchingProviders/roleManager" />
    <add name="ad" type="LightLDAP.SitecoreADRoleProvider" connectionStringName="ADConnString" applicationName="sitecore" username=" domain\username" password="pw" attributeMapUsername="sAMAccountName" cacheSize="2MB" customFilter="(memberOf=CN=RegionsComSitecore,OU=Groups,DC=c,DC=pk,DC=com)" />
      </providers>
    </roleManager>

      

ldap.config is here



<pipelines>

  <initializeAdUserEntry>
    <!-- 
    Use the processor if all new user should have a predefiled value in a property.
    The PropertyName parameter defines the name of the property.
    The DefaultValue parameter defines the default value of the property.
    -->
    <!--
    <processor type="LightLDAP.Pipelines.InitializeAdEntry.SetPropertyValue, LightLDAP">
      <PropertyName desc="AD property name ">type the property name here</PropertyName>
      <DefaultValue desc="AD property name ">type the default property value here</DefaultValue>
    </processor>
    -->
    <!-- 
      Use the processor if all new roles should be a member of the predefined role. 
      The RoleName parameter defines the name of the main role. 
    -->
    <!--
    <processor type="LightLDAP.Pipelines.InitializeAdEntry.AddToRole, LightLDAP">
      <RoleName desc="AD group">type role name here</RoleName>
    </processor>
    -->
    <processor type="LightLDAP.Pipelines.InitializeAdEntry.CommitChanges, LightLDAP"/>        
  </initializeAdUserEntry>

  <initializeAdRoleEntry>
    <!-- 
    Use the processor if all new user should have a predefiled value in a property.
    The PropertyName parameter defines the name of the property.
    The DefaultValue parameter defines the default value of the property.
    -->
    <!--
    <processor type="LightLDAP.Pipelines.InitializeAdEntry.SetPropertyValue, LightLDAP">
      <PropertyName desc="AD property name ">type the property name here</PropertyName>
      <DefaultValue desc="AD property value ">type the default property value here</DefaultValue>
    </processor>
    -->
    <!-- 
      Use the processor if all new roles should be a member of the predefined role. 
      The RoleName parameter defines the name of the main role. 
    -->
    <!--
    <processor type="LightLDAP.Pipelines.InitializeAdEntry.AddToRole, LightLDAP">
      <RoleName desc="AD group">type role name here</RoleName>
    </processor>
    -->
    <processor type="LightLDAP.Pipelines.InitializeAdEntry.CommitChanges, LightLDAP"/>
  </initializeAdRoleEntry>

</pipelines>

<settings>
  <!-- Defines the logging level of the module. If true, dumps every action entry into the log. 
          Default is false
       -->
  <setting name="LDAP.Debug" value="true" />

  <!-- Defines if the configuration assumes indirect membership on common operations.
          This setting affects the membership verification during login and user access check.
          Default is false
     -->
  <setting name="LDAP.IncludeIndirectMembership" value="false" />

  <!-- Defines if a certain profile should be applied for each user by default.
          If the setting is not specified or is empty, no particular profile item is used.
          Default is ""
     -->

  <!-- ENABLE SORT OPERATION
         Determines whether the sorting is enabled 
    -->
  <setting name="LDAP.EnableSorting" value="false" />

  <!-- Default Sort Key-->
  <setting name="LDAP.SortKey" value="codePage" />

  <!-- LDAP GET ALL USERS SIZE LIMIT
         Determines the max number of returned users for GetAll method
    -->
  <setting name="LDAP.SizeLimit" value="1000" />

  <!-- LDAP FIND USERS SIZE LIMIT
         Determines the max number of returned users for GetAll method
    -->
  <setting name="LDAP.FindSizeLimit" value="100" />


  <!-- LDAP USER CACHE SIZE
         Determines the size of the ldap users cache.
         Specify the value in bytes or append the value with KB, MB or GB
         A value of 0 (zero) disables the cache.
    -->
  <setting name="LDAP.Caching.UserCache" value="2MB" />

  <!-- LDAP MEMBEROF CACHE SIZE
         Determines the size of the ldap users cache.
         Specify the value in bytes or append the value with KB, MB or GB
         A value of 0 (zero) disables the cache.
    -->
  <setting name="LDAP.Caching.MemberOfCache" value="2MB" />

  <!-- LDAP MEMBERS CACHE SIZE
         Determines the size of the ldap users cache.
         Specify the value in bytes or append the value with KB, MB or GB
         A value of 0 (zero) disables the cache.
    -->
  <setting name="LDAP.Caching.MembersCache" value="2MB" />

  <!--  SETTINGS PROPERTY VALUE FACTORY
        Returns an SettingsPropertyValueFactory interface that resolves the active directory properties.
    -->
  <setting name="LDAP.SettingsPropertyValueFactory" value="LightLDAP.SettingsPropertyValueFactory, LightLDAP" />

  <!-- RECONNECT PERIOD
         Determines a reconnect period for attempts to restore connection after the connection gets break.
    -->
  <setting name="LDAP.ReconnectPeriod" value="0.00:00:10" />

  <!-- TIME OUT NOTIFICATION
         Determines a timeout for notification.
    -->
  <setting name="LDAP.NotificationTimeOut" value="1.00:00:00" />

  <!-- FULL NAME PROPERTY NAME
         Determines the full name property mapping.
    -->
  <setting name="LDAP.FullName" value="ad|unicode string|displayName" />

  <!-- DELETE USER SCOPE
         Determines the scope of the "delete user" operation.
    -->
  <setting name="LDAP.DeleteScope" value="Subtree" />

  <!-- MAX VALUE RANGE
         Determines the maximal value of an AD range attribute.
    -->
  <setting name="LDAP.MaxValueRange" value="1500" />

</settings>

      

0


source


To log into AD Enabled, try logging into / sitecore / admin / ldaplogin.aspx.

0


source







All Articles