Configure Active DirectoryΒΆ

If you would like to use ActiveDirectory for authentication, follow these steps. If you are not using ActiveDirectory, you can skip to the next section.

Note

In XML, comments look <!-- like this -->.

  1. In the IIS Manager, select the site you made for Repository.

  2. Double click the Authentication icon in the Features view.

  3. Ensure that the Windows Authentication item is set to Enabled.

  4. In the main deployment directory, open the Web.config file.

  5. Ensure the following line is uncommented:

    <bindings configSource="Config\Bindings.WindowsAuth.config"/>
    
  6. Ensure the following is commented out:

    <!-- <bindings configSource="Config\Bindings.UsernameAuth.config"/> -->
    
  7. Find the service behaviour section and ensure that the WindowsAuth Behavior is uncommented and the Username Behavior is commented out as seen below:

    <!--
         SERVICE BEHAVIOR
    -->
    <!-- Select the behaviorConfiguration based on your authentication method -->
      <service name="Algenta.Colectica.Repository.RepositoryService" behaviorConfiguration="RepositoryService.WindowsAuth.Behavior">
      <!--<service name="Algenta.Colectica.Repository.RepositoryService" behaviorConfiguration="RepositoryService.UsernameAuth.Behavior">-->
    
  8. Open the RepositoryDir\Config\Repository.Settings.config file.

  9. To authorize ActiveDirectory users or groups to have the ColecticaAdministrator role, add elements in the following area:

    <setting name="ColecticaAdministratorRoles" serializeAs="Xml">
      <value>
        <ArrayOfString xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xmlns:xsd="http://www.w3.org/2001/XMLSchema">
          <string>ColecticaAdministrator</string>
          <string>JohnDoe</string>
          <string>domain\Administrators</string>
        </ArrayOfString>
      </value>
    </setting>
    

    Add or remove the <string>...</string> lines as appropriate. Contents inside the <string> element can be either an Active Directory user name or group name.

  10. To authorize Active Directory users or groups to have the ColecticaUser role, follow the above instructions, but look for the following element:

    <setting name="ColecticaUserRoles" serializeAs="Xml">
    
  11. To authorize Active Directory users or groups to have the ColecticaGuest role, follow the above instructions, but look for the following element:

    <setting name="ColecticaGuestRoles" serializeAs="Xml">