• 401 error using Windows Authentication and SSL when accessing form reports in the workarea

    You're suddenly seeing a 401 error while trying to access the form reports functionality in the workarea when using Windows Authentication and SSL.  Error transforming XML with XSLT. Error Message: An error occurred while loading document 'https://www.mydomain.com:443/WorkArea/controls/forms/FormReportsManifest.xml'. The remote server returned an error: (401) Unauthorized. Resolution So why is this happening? The server is not authorized to get a file from i...

  • Adding Active Directory Users to SQL Role Groups

    Description When trying to add an Active Directory User to a SQL Role Group the groups from SQL do not show in the list. Resolution Ektron does not support mixing SQL roles and Active Directory Users or vice-versa. When using Active Directory for your user management you will also need to use it for your role management as well.

  • Application Pool Recycling Causes Session Loss

    Description This article describes the steps needed to help prevent sessions loss due to application pool recycles. Resolution Ektron supports sticky sessions as seen in the min site web.config. <!--  SESSION STATE SETTINGS          By default ASP.NET uses cookies to identify which requests belong to a particular session.           If cookies are not available, a session can be tracked by adding a session identifier to the URL.           To disable cookies, set sessionState...

  • Configuring Single Sign On (SSO) with Active Directory - Documentation Supplement

    DescriptionThis article supplements the product documentation to provide better understanding of the settings in configuring SSO with Active Directory.ResolutionTo better understand what Ektron is requesting for settings, it is important to understand the ASP.NET Architecture of how client requests are being made. Refer to the image below, taken from this Microsoft article. The important thing is that Web clients communicate with ASP.NET through Microsoft Internet Information Services (IIS)...

  • Connectivity issue with search, notification service or DXH?

    DescriptionAre you running into a connectivity issue with search, notification service or DXH? Do you receive a 403 forbidden error?If so, this is likely as a result of securing the Ektron WebServices without deliberate and specific measures taken to expose them based on IP.ResolutionPlease follow the directions found here  to allow access to the WebServices and subsequently allow your search, notification service or DXH to communicate correctly. After you have allowed the IP of the server i...

  • Enabling NTLM Authentication (Automatic logon)

    DescriptionNTLM (NT Lan Manager) is a Microsoft authentication protocol that enables a user on a Windows domain to authenticate with a website through the browser. NTLM passes the credentials of the user currently logged-in on the machine, on the Windows domain, to the browser to authenticate with the site. When Integrated Windows Authentication is enabled on a site or page, a request for authentication credentials is passed to the user so the site can authenticate the user on the server. Wi...

  • Failed Ektron Login Attempts Being Logged In Event Viewer

    Description This article discusses the default logging for failed Ektron login attempts and what control a site admin has in that specific logging information on the server. The default behavior when a failed attempt happens is that this message will be logged in the Event Viewer. Message: Exception thrown from: /Login/?returnURL=%2f That username and password combination is not correct. Enter a valid username and password and make sure that your Caps Lock key is not on or off by mistak...

  • How to re-enable Active Directory

    After changing and saving a license key, you may have to re-enable Active Directory. Resolution Go to Workarea > Settings > Configuration > Active Directory .Inside the active directory folder, click Edit on Setup.Check Enable Active Directory Authentication . Also enable any other settings you need for your system.

  • How To Reset The Builtin User

    DescriptionUnable to login to the workarea with any CMS user account including the builtin user.  ResolutionNote: We strongly recommend that after resetting the builtin account and solving your log in issue that you update and change (at least) the builtin account password to help secure your environment.To reset the builtin account, you have two options.1. Every CMS is bundled with a Builtin Reset utility which you can use to reset the account. The application can be found through the ...

  • Invalid username or password error in event viewer

    Description In the event viewer you may see numerous occurrences of the following error.  Timestamp: 8/23/2017 6:22:34 PM Message: Exception thrown from: /login.aspx?ReturnUrl= Invalid username or password.   at Ektron.Cms.EkException.ThrowException(Exception ex, EventLogEntryType EventType)    at Ektron.Cms.EkException.ThrowException(Exception ex)    at Ektron.Cms.User.EkUser.logIn(String username, String Password, String ServerName, String Domain, String Protocol, Boolean autologin, A...

  • The remote server returned an error: (401) Unauthorized

    You're seeing the following error messages: The remote server returned an error: (401) Unauthorized. or HTTP 401.2 - Unauthorized: Logon failed due to server configuration Internet Information Services or HTTP 401.1 - Unauthorized: Logon Failed This error is often seen when using SSL (i.e., https) and Windows Integrated Authentication.   Resolution The reason this error is appearing is because the user and/or ASP.NET user account does not have authority to...

  • Unable to Login with Active Directory After License Expiration

    When an Ektron license key expires, it disables the Active Directory Integration. Resolution Request or generate a new license key to replace the expired key.Login as the builtin user account to access the workarea Settings > Configuration > Setup and replace old key.Re-enable Active Directory Integration in workarea under Settings > Configuration > Active Directory > Setup.

  • Windows Authentication users can't be deleted

    You cannot delete a user created with Windows authentication.  Resolution When a Windows user logs in, we sync that data to the database. Since the Windows membership provider cannot delete a Windows user, there is no delete functionality in the UI to delete a user.