Company Wide Active Directory Integration



  • I've been trying to configure LDAP integration in BuildMaster. When I do a search for a user on the domain where the server is hosted, the user appears in the list. If I search for a user outside of the domain, I am unable to find the user. I've tried adding the domain in the format domain\user and user@domain, but still no luck. What can I do to add the global users?

    Product: BuildMaster
    Version: 4.1.2



  • Hi Chris, is BuildMaster running as a domain account that has privileges to query the domain? So long as there's a trust between the domains, the user should be able to be found via LDAP/AD.



  • Yes, the two domains are children of the root domain and they have two-way trust between them. If I change the account the service is running under to a different domain, I can find the users in that domain only.



  • Thanks for the clarification; while there is nothing that can handle this that is built in, the Directory Provider is actually extensible -- so it's quite possible to design or modify the existing LdapDirectoryProvider to support this functionality.

    Otherwise, we won't be able to ship changes to this until 4.2, b/c it's such a large behavioral change.

    Let us know if you'd like assistance creating a custom directory provider.



  • I created a new library with a class that implements the abstract UserDirectoryProviderBase --> A hacky workaround since LdapUserDirectoryProvider is sealed:

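        using System.DirectoryServices;

        public class MyCompanyDirectoryProvider : UserDirectoryProviderBase
        {
            // Wrapped provider: LdapUserDirectoryProvider is sealed, so it is delegated to rather than inherited
            private LdapUserDirectoryProvider provider;

            public MyCompanyDirectoryProvider()
                : base()
            {
                provider = new LdapUserDirectoryProvider();

                // Point the search root at the Global Catalog for the forest root
                provider.SearchRootPath = BuildLdapServerName();
            }

            private string BuildLdapServerName()
            {
                // rootDSE exposes the naming context of the forest root domain
                using (var defaultServer = new DirectoryEntry("GC://rootDSE"))
                {
                    var LDAPServerName = (string)defaultServer.Properties["rootDomainNamingContext"].Value;

                    var LdapGc = string.Format("GC://{0}", LDAPServerName);

                    return LdapGc;
                }
            }
        }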
        
    

    I implemented the base class methods to return the base provider.Method(Parameters)

    It seems to work, even though there might be an easier way. Regardless, how do I add this provider to BuildMaster?


    The CAPTCHA verification system is horrible. You would be more likely to verify the person posting the message is human if they type in the WRONG answer. I'm all for Google's mission, but I think monkeys with typewriters would be more likely to come up with the answer than an IT person. Also, it doesn't make sense. If the computer can't read the text, how does it know what I am typing is valid? I can't read the text and the spoken letters sound like an EVP.
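
As an added example (not part of the thread and not Inedo's provider code), this is a forest-wide user search through the Global Catalog, the same GC:// approach the post above takes, with the search term escaped per RFC 4515 before it goes into the filter. The class and method names are hypothetical; it assumes a domain-joined Windows host, a reference to System.DirectoryServices, and a service account allowed to query the catalog.

```csharp
using System.Collections.Generic;
using System.DirectoryServices;
using System.Text;

// Hypothetical helper, not a BuildMaster or ProGet type.
public static class ForestUserLookup
{
    // Escape a user-supplied value for an LDAP filter (RFC 4515) so that
    // '*', '(', ')', '\' and NUL are matched literally and cannot change the filter.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Returns the distinguished names of users whose sAMAccountName starts with
    // searchTerm, in any domain of the forest. sAMAccountName is unique only
    // within one domain, so the DN is what tells two matches apart.
    public static List<string> FindUsers(string searchTerm)
    {
        string forestRoot;
        using (var rootDse = new DirectoryEntry("LDAP://RootDSE"))
            forestRoot = (string)rootDse.Properties["rootDomainNamingContext"].Value;

        string filter = string.Format(
            "(&(objectCategory=person)(objectClass=user)(sAMAccountName={0}*))",
            EscapeFilterValue(searchTerm));

        var found = new List<string>();
        // The GC holds a partial replica of every domain in the forest.
        using (var gc = new DirectoryEntry("GC://" + forestRoot))
        using (var searcher = new DirectorySearcher(gc, filter, new[] { "distinguishedName" }))
        {
            searcher.SearchScope = SearchScope.Subtree;
            searcher.PageSize = 500; // paged search, avoids the server-side result cap
            using (SearchResultCollection results = searcher.FindAll())
                foreach (SearchResult r in results)
                    found.Add((string)r.Properties["distinguishedName"][0]);
        }
        return found;
    }
}
```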



  • Directory Providers are a little trickier to integrate. If you'd like to create an "Inherits by Clipboard" LdapProvider, then we can send the Ldap source code.

    First, make sure it shows up on the Extension Details page; this requires a ProviderPropertiesAttribute to be placed on your class.

    Next, go to the url /administration/providers?providerTypeCode=D to get a list of directory providers. You should be able to add your own.

    Finally, go to all settings and change the DirectoryProviderId to the ID of whichever one you created. You may need to peek at the URL or database (Providers table) to see this ID.

    You can undo this change with the admin tool, or by setting the appropriate values in the Configuration table.

    --

    Also, regarding the CAPTCHA -- we're using ReCaptcha by Google, which can act weird depending on your IP.



  • I like the "Inherits by Clipboard" idea as it would probably be the cleanest way to implement our requirement. I'll send back the modifications I make for your review.

    Sorry about the CAPTCHA rant. I was a bit tired and tried to post my response at least three times before expressing my displeasure, then another two times to post the entire answer. Normally, it only takes me two tries to guess the correct phrase. It would clearly take a lot of monkeys to successfully guess the characters.



  • Thought I'd mention, we're going to be fixing some LDAP things in BuildMaster 4.1.3, which is scheduled to ship ASAP (expected date was 2/21).

    This may or may not fix things, but we're hoping it allows for multiple domain authentication.



  • According to the site I'm running, it is version 4.1.3 (Build 10)... But if there is another release that may fix it, we'll take it.



  • Sorry for the confusion Chris - that was supposed to say 4.1.4 instead of 4.1.3. However, we are in the process of integrating this feature into ProGet first, then will be migrating the changes into BuildMaster. In the meantime we may release 4.1.4 before it's fully integrated into BuildMaster. I'm thinking 4.1.5 will be more likely, just check the release notes when a new release comes out.



  • Well, nothing in the release notes for 4.1.5 about the additional integration. What is cool, though, is that I can't test the new version to see if it has the feature because it gives me a server error that says: "Value cannot be null. Parameter name: activationCode."



  • This is a known installer issue; the problem occurs when you enter your existing license key on a new installation. The easiest way to solve this is to run the SQL command DELETE LicenseKeys



  • Sorry to resurrect my old post, but I'm trying to use LDAP in ProGet and am running into the same issue. Users and groups that are in the domain of the server running ProGet are found, but users in a different domain are not.


