dotnetnuke or similar experience

[Powercat]

Greetings: on shared server hosting we have a password protected
section of our web site using simple htaccess setting. We'd like to
expand significantly the number of users in the section to make more
use of this section. I'm looking for a better solution even if it
means changing hosts to one with a better method -- does anyone have
experience with dotnetnuke or similar plug-in on shared hosting?
Recommendations for other products? Moving to Full Exchange server
functionality would be overkill (both to our budget as well as
functionality) I think.

 

[Mark Rae]

does anyone have experience with dotnetnuke

You'd be well advised to stay well away from DotNetNuke, especially if
you're intending to do even the slightest customisation...

 

[Guest]

Greetings: on shared server hosting we have a password protected
section of our web site using simple htaccess setting. We'd like to
expand significantly the number of users in the section to make more
use of this section. I'm looking for a better solution even if it
means changing hosts to one with a better method -- does anyone have
experience with dotnetnuke or similar plug-in on shared hosting?
Recommendations for other products? Moving to Full Exchange server
functionality would be overkill (both to our budget as well as
functionality) I think.

What have Exchange got to do with it?

 

[Jon Paal [MSMD]]

you could use the built in Membership and roles in Asp.net 2.0

http://msdn2.microsoft.com/en-us/library/ms998347.aspx

 

[Guest]

Powercat,
You have more than one idea going on in this post. First, you do not need
DNN or any other such framework to do per-user / role authorization. You want
to look into forms authentication with roles, which is built into the ASP.NET
1.1 and 2.0 frameworks.

So that's the first idea. Your second idea sounds like you are looking for
some sort of CRM or community - based Framework. For that, there are others
besides DNN.
Peter
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
BlogMetaFinder(BETA): http://www.blogmetafinder.com

 

[Powercat]

Thanks I was keeping my post short. What got my attention with
dotnetnuke is that with a minor tweak we can force a password change
during the initial log-in. Our business manager is begging for such a
feature. We have in excess of 100 employees picking up simple
schedules by logging into a SSL-protected directory within our web
site (currently plain vanilla shared web hosting) and this is
increasingly painful using htaccess. Yes ASP.NET might be the way to
go but I don't think it alone will do that forced password change?

 

[Mark Rae]

Yes ASP.NET might be the way to go but I don't think it alone
will do that forced password change?

If you're using Windows-based security, forcing a password change via
ActiveDirectory is really very simple...

And if this is your only requirement, then a CMS (even as poor as
DotNetNuke!) is *totally* the wrong solution...

 

[Guest]

If you're using Windows-based security, forcing a password change via
ActiveDirectory is really very simple...

And if this is your only requirement, then a CMS (even as poor as
DotNetNuke!) is *totally* the wrong solution...

Mark, the app is on a shared server hosting and Active Directory
doesn't help here, I think.

Powercat, what is the reason of having a "password change"?

 

[Mark Rae]

Mark, the app is on a shared server hosting and Active Directory
doesn't help here, I think.

So where does Exchange Server fit into the equation - it's extremely rare
for an ISP to offer Exchange...

Powercat, what is the reason of having a "password change"?

Presumably so that people can change their password...???

 

[Powercat]

Our employees use several other independent systems where they set
their own passwords. We want to give them a generic password and then
on initial log-in force a password change to a self-set password
(primarily so they can be in synch with the systems over which we have
no control) to reduce the calls "what's my password?" -- since we have
100+ people, a mandatory self-set password might (might!) help.

 

[Mark Rae]

Our employees use several other independent systems where they set
their own passwords. We want to give them a generic password and then
on initial log-in force a password change to a self-set password
(primarily so they can be in synch with the systems over which we have
no control) to reduce the calls "what's my password?" -- since we have
100+ people, a mandatory self-set password might (might!) help.

OK, let me see...

1) You have some employees - presumably, then, you have a network? If so, is
it a Windows network...?

2) Assuming it's a Windows network, are you using ActiveDirectory?

3) You have a website with a restricted section - is this website on your
private intranet or on the public Internet?

 

[Guest]

Presumably so that people can change their password...???

No

 

[Mark Rae]

No

Er, yes...

"We want to give them a generic password and then on initial log-in force a
password change"

 

[Guest]

Er, yes...

"We want to give them a generic password and then on initial log-in force a
password change"

Maybe I am mistaken here, but even the OP thinks that it has to be a
"password change", it looks like he/she needs a SSO = Single Sign-On
to handle single logon access to all applications.

several other independent systems where they set
their own passwords...
we have no control)

A custom "password change" page doesn't help if you have no control to
the application. In case you have that access, you might synchronize
all passwords at once using a single sql script (and without
DotNetNuke)

 

[Mark Rae]

Maybe I am mistaken here, but even the OP thinks that it has to be a
"password change", it looks like he/she needs a SSO = Single Sign-On
to handle single logon access to all applications.

Oh indeed - I couldn't agree more! Hence the questions about network
infrastructure, ActiveDirectory etc...

A custom "password change" page doesn't help if you have no control to
the application. In case you have that access, you might synchronize
all passwords at once using a single sql script (and without
DotNetNuke)

I had originally thought that MIIS might help:
http://www.microsoft.com/technet/miis/evaluate/overview.mspx but I doubt it
now...

One thing I'm sure we can agree on, though, is that there absolutely no
requirement for DotNetNuke here...

 

[Powercat]

Let me clarify: our staff members use a system over which we have no
control (we do not own the other system -- we are basically a
contractor inside someone else's facility so SSO is not an option).
Our staff members (who are spread out all over our area) access *our*
information which is web based (since we are "distributed"). Our info
is stored (along within our public pages) on a shared hosting server
in a directory protected by SSL and htaccess userIDs and passwords.
We opted for shared hosting primarily because we did not have to
maintain a server (plus cost). Several of my users upload content
(files: assignments, schedules, etc) as well. I use a fairly
straightforward perl script which generates SSI pages with file links
-- but it requires yet another log-in by those authorized users.

This has worked adequately for almost ten years but we continue to add
people and so is rather unwieldy. So... I'm thinking hmm get shared
hosting from one of these vendors with asp.net and modules like
dotnetnuke, have my users log-in and create (force) a new password in
synch with the other system (all on their own), and set up some of my
users to have the ability to upload too. It sounds like a number of
forum members do not think much of this type of plug-in.

This is a very interesting niche thus my post in this forum. I guess
what I'm really asking is: why reinvent a solution if I can get
something close to what we need "off the shelf"? Sure I will need a
skilled programmer to help on an ongoing basis but I'd really prefer a
hosting company to be responsible for the basic software maintenance,
the redundant connectivity, and the back-up power. If what we need
demands more, like root access to the server, then I can move to
dedicated or colocated hosting.

Thanks to all for your help. It is much appreciated!

 

[Mark Rae]

This has worked adequately for almost ten years but we continue to add
people and so is rather unwieldy. So... I'm thinking hmm get shared
hosting from one of these vendors with asp.net and modules like
dotnetnuke, have my users log-in and create (force) a new password in
synch with the other system (all on their own), and set up some of my
users to have the ability to upload too.

Hmm - OK. Have a look at this: http://www.inthecage.co.uk - it's a fairly
simply band website - home page, news page, gigs page, pictures page, gig
reviews page etc. The band's manager is the site "administrator" - he can
add new users, edit users, delete users etc. The users can, according to a
configurable permissions matrix, add news items, add details of new gigs,
upload photos of gigs, add reviews etc. All actions are audit-trailed.

From the home page, click the "Login" button in the top right-hand corner.
When the administrator creates a new user, a system-generated password is
emailed to them which they must change at their initial login. The login
information is stored in encrypted form in SQL Server, but I could change
everybody's password if I was asked to...

Is this the sort of thing you have in mind?

 

[Guest]

Let me clarify: our staff members use a system over which we have no
control (we do not own the other system -- we are basically a
contractor inside someone else's facility so SSO is not an option).
Our staff members (who are spread out all over our area) access *our*
information which is web based (since we are "distributed"). Our info
is stored (along within our public pages) on a shared hosting server
in a directory protected by SSL and htaccess userIDs and passwords.
We opted for shared hosting primarily because we did not have to
maintain a server (plus cost). Several of my users upload content
(files: assignments, schedules, etc) as well. I use a fairly
straightforward perl script which generates SSI pages with file links
-- but it requires yet another log-in by those authorized users.

This has worked adequately for almost ten years but we continue to add
people and so is rather unwieldy. So... I'm thinking hmm get shared
hosting from one of these vendors with asp.net and modules like
dotnetnuke, have my users log-in and create (force) a new password in
synch with the other system (all on their own), and set up some of my
users to have the ability to upload too. It sounds like a number of
forum members do not think much of this type of plug-in.

This is a very interesting niche thus my post in this forum. I guess
what I'm really asking is: why reinvent a solution if I can get
something close to what we need "off the shelf"? Sure I will need a
skilled programmer to help on an ongoing basis but I'd really prefer a
hosting company to be responsible for the basic software maintenance,
the redundant connectivity, and the back-up power. If what we need
demands more, like root access to the server, then I can move to
dedicated or colocated hosting.

Thanks to all for your help. It is much appreciated!

If I were you I would either modify the perl script to copy users
across the site or install any of many DNN like CMS for Linux and
MySql.

 

[Powercat]

Thanks to all for your help. It looks to me like the best solution is
a dedicated (Windows) server residing at a hosting service with root
access to edit Active Directory. If this is a budget-buster for us
then we opt for shared hosting with a management system like
DotNetNuke pre-installed even though this means less customization is
possible. Are there other plug-ins y'all like better?

"Off the shelf" sounds virtuous to me even though it will still
require a programmer and some customization. Software that is more
widespread is safer from a business manager standpoint.

Again, many thanks.