Issue with Order of Sitecore AD membership provider [Fixed!]

Recently we had an issue with our Sitecore AD membership provider. The details are below.
  • We use the same AD membership provider for our DEV/TEST/QA environments, with the OU level as the unit of separation.
  • Our business requirement was to use the same email ID across multiple environments for testing, so we set requiresUniqueEmail="false" in the AD membership provider.
  • We thought the issue was resolved and moved on. The real problem came when a developer created a Sitecore content editor user with the same email ID.
In the code we were calling the membership API as below:

Membership.Provider.GetUserNameByEmail("emailid@yahoo.com")

Although this email ID is registered in AD, the call started returning the Sitecore user. We found that the Sitecore (sql) membership provider is mapped to all domains and is listed ahead of the AD provider:

<switchingProviders>
      <membership>
        <provider domains="*" providerName="sql" storeFullNames="true" wildcard="%" />
        <provider domains="ad" providerName="ad" storeFullNames="false" wildcard="*" />
      </membership>
</switchingProviders>

So we changed our configuration as below, with the AD provider listed first, and everything is back to normal.

<switchingProviders>
      <membership>
        <provider providerName="ad" storeFullNames="false" wildcard="*" domains="ad" />
        <provider providerName="sql" storeFullNames="true" wildcard="%" domains="*" />
      </membership>
</switchingProviders>
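
An added example, not code from the original post: one way to keep the email lookup independent of the switchingProviders order is to query the AD provider by name rather than through Membership.Provider. It assumes the AD provider is registered under the name "ad" (as providerName="ad" suggests) and that it implements FindUsersByEmail; AdUserLookup and GetAdUserNameByEmail are hypothetical names.

```csharp
using System;
using System.Configuration.Provider;
using System.Web.Security;

public static class AdUserLookup
{
    // Assumption: "ad" is the name the AD provider is registered under in
    // <membership><providers>, matching providerName="ad" in switchingProviders.
    private const string AdProviderName = "ad";

    // Returns the AD user name for an email address, or null when AD has no match.
    // Throws when the address maps to more than one AD account, which is possible
    // once requiresUniqueEmail="false" is set.
    public static string GetAdUserNameByEmail(string email)
    {
        if (string.IsNullOrWhiteSpace(email))
            throw new ArgumentException("Email address is required.", "email");

        // "*" and "%" are the wildcard characters configured for the ad and sql
        // providers on this page; reject them so the call stays an exact lookup.
        if (email.IndexOfAny(new[] { '*', '%' }) >= 0)
            throw new ArgumentException("Wildcard characters are not allowed.", "email");

        // Ask the named provider directly, so the Sitecore (sql) provider can
        // never answer for an address that is supposed to resolve in AD.
        MembershipProvider ad = Membership.Providers[AdProviderName];
        if (ad == null)
            throw new ProviderException(
                "Membership provider '" + AdProviderName + "' is not configured.");

        int total;
        MembershipUserCollection matches = ad.FindUsersByEmail(email, 0, 2, out total);

        if (total == 0)
            return null;
        if (total > 1)
            throw new InvalidOperationException(
                "Email maps to " + total + " AD accounts; refusing to pick one.");

        foreach (MembershipUser user in matches)
            return user.UserName;
        return null;
    }
}
```
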

In my next post I will describe how we managed to use the same AD roles for users across various environments (DEV/QA), all registered in the same AD under various OUs.
