AD Auth with login page

How do you setup Windows authentication and display a login page where the user has to supply their credentials?

I believe I have authentication working, following the basic example on: https://docs.universaldashboard.io/security/authentication/windows. When I visit my site I see my username as the value for $user.

I removed the “-PassThru” parameter on New-UDLoginPage, thinking this would require me to have to provide my credentials. However removing this parameter made no change.

Thanks for any help!
guy

Hello @guy thanks for posting your question. I ended up using two functions one to test the credential, and another to verify if the user was in a specific security group. This may not be the best way but it works without issues to Active Directory:-


Hopefully this will help you out :smile:

Hello @psDevUK thanks for the reply. I tested using your $LoginPage variable, and the $FormLogin variable but I am still not seeing any change. When I visit the site there is no login page.

Thanks anyway,
guy

So I can have a better understanding of where to troubleshoot, if I remove the -PassThru parameter on New-UDLoginPage, I should then be presented with a page where I have to enter my credentials. Is this understanding correct?

@guy have a look at the main dashboard file I state two pages in there:-

$FormLogin = . (Join-Path $Root “Pages\FormLogin.ps1”)

$LoginPage = New-UDLoginPage -AuthenticationMethod $FormLogin -LoginFormFontColor “#ffffff” -LoginFormBackgroundColor “#305768” -PageBackgroundColor ‘#FFFFFF’ -Logo (New-UDImage -Url “http://www.pensworth.co.uk/wp-content/uploads/2015/07/pensworth-logo.png”) -Title “Pensworth Complaint System” -WelcomeText “Logon using your network credentials” -LoadingText “Please wait…” -LoginButtonFontColor “#FFFFFF” -LoginButtonBackgroundColor “#FF6666

Finally in the main dashboard file when it calls the dashboard you also specify the LOGIN form:-

$Dashboard = New-UDDashboard -Title “PENSWORTH COMPLAINT SYSTEM” -Pages @(
$HomePage,
$HelpPage,
$HistoryPage,
$NewPage,
$MyCallPage,
$AllCallPage,
$AssignedPage,
$EditPage
) -NavBarLogo (New-UDImage -Path “$Root\imgs\cm.png”) -NavbarLinks $NavBarLinks -Theme $theme -Footer $Footer -NavBarColor “#2c505f” -NavBarFontColor “#000000” -EndpointInitialization $Init -LoginPage $LoginPage -Navigation $Navigation

@psDevUK Thanks for the efforts. I understand what you are saying about having to call the $LoginPage via the “-LoginPage” parameter, and also the need to have the $FormLogin available. I was unable to get your example to work.

Here is what I have working.

$Root = $PSScriptRoot
$HomePage = New-UDPage -Name "Home" -Icon home -DefaultHomePage -Title "" -Content {
New-UDCard -Title "Card Title" -Text "Some Text to display"
}
$Page2 = New-UDPage -Name "Page2" -Icon _lock -Title "Page Title" -Endpoint {
New-UDHeading -Text "$user"
}

$Auth = New-UDAuthenticationMethod -Windows

$LoginPage = New-UDLoginPage -AuthenticationMethod $Auth 

$LogonDashboard = New-UDDashboard -Title "" -Pages @(
$HomePage
$Page2
)  -NavBarLogo (New-UDImage -Path 
"C:\Projects\LogonTest\Resources\logo255x59White.png") -LoginPage $LoginPage

Start-UDDashboard -Dashboard $LogonDashboard -Port 88 -AutoReload -Force -Wait - 
AllowHttpForLogin

However when I run this code and then visit the site I am not getting a login page. What am I missing?

Just to confirm @guy you are using a licensed version not community edition?

@psDevUK Yes that is correct. I am using the licensed version.

Windows authentication is really just single-sign on and won’t prompt you for a username\password unless the machine you are on is not domain joined. In that case, you’ll be prompted by the web browser and not a UD login page.

What @psDevUK has in his dashboard is actually forms-based authentication. In that example, he’s using an Endpoint to validate that the user is logging.

Here’s the code for that: https://github.com/psDevUK/psUniversalDashboard/blob/master/PagesGitHub/FormLogin.ps1

As you can see, New-UDAuthenticationMethod is using Endpoint rather than the -Windows switch parameter. It’s a bit more manual on the UD side but allows you to validate against whatever system you need but in this case, it’s just Active Directory.

1 Like

Thank you @adam and @psDevUK both for helping me better understand this.

1 Like

@psDevUK After I gained a better understanding of how authentication works in UD, I was able to get your FormLogin script working in my test build. It worked perfectly, and was exactly what I was looking for. Thank you so much for sharing your work! I don’t know if I would of have been able to get this working how I wanted without your help.

Thanks again,
Guy

1 Like

@guy no worries, that’s what this community is all about, helping one another and sharing ideas. Like that weird saying goes “there’s always more than one way to skin a cat” if they have that weird saying where you are from. But anyways the main thing is you got it working, and now you have a better understanding. Hopefully the next time someone posts how do I get login pages working you will be the resident to answer the question :smile: