Hello,
We're setting up an evaluation environment to examine Aras. I'm having issues with the Active Directory Authentication. We have precisely configured the server according to the Authentication Setup document and are receiving the following error upon attempting to login as Admin (as specified in the doc) to then run the Reset Authentication Passwords function:Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Xml.XmlException: There are multiple root elements. Line 16, position 2.Source Error: Line 31: ApplicationXML.preserveWhiteSpace = True Line 32: trace.write("configfile_path",configfile_path) Line 33: ApplicationXML.load(configfile_path) Line 34: Dim nodes As System.Xml.XmlNodeList = ApplicationXML.selectNodes("/Innovator/DB-Connection[@database]") Line 35: Dim node As System.Xml.XmlElement Source File: C:\Program Files\Aras\Innovator\Innovator\Client\scripts\include\utils.aspx Line: 33 Stack Trace: [XmlException: There are multiple root elements. Line 16, position 2.] System.Xml.XmlTextReaderImpl.Throw(Exception e) +76 System.Xml.XmlTextReaderImpl.Throw(String res, String arg) +126 System.Xml.XmlTextReaderImpl.Throw(Int32 pos, String res) +35 System.Xml.XmlTextReaderImpl.ParseDocumentContent() +3979424 System.Xml.XmlTextReaderImpl.Read() +151 System.Xml.XmlLoader.LoadDocSequence(XmlDocument parentDoc) +48 System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace) +129 System.Xml.XmlDocument.Load(XmlReader reader) +108 System.Xml.XmlDocument.Load(String filename) +87 ASP.default_aspx.init_application() in C:\Program Files\Aras\Innovator\Innovator\Client\scripts\include\utils.aspx:33 ASP.default_aspx.__Render__control1(HtmlTextWriter __w, Control parameterContainer) in C:\Program Files\Aras\Innovator\Innovator\Client\scripts\include\utils.aspx:278 System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter writer, ICollection children) +256 System.Web.UI.Control.RenderChildren(HtmlTextWriter writer) +19 System.Web.UI.Page.Render(HtmlTextWriter writer) +29 System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer, ControlAdapter adapter) +27 System.Web.UI.Control.RenderControl(HtmlTextWriter writer, ControlAdapter adapter) +8681814 System.Web.UI.Control.RenderControl(HtmlTextWriter writer) +25 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1266 Version Information: Microsoft .NET Framework Version:2.0.50727.3082; ASP.NET Version:2.0.50727.3082 If we undo all of the WindowsAuth configuration everything goes back to working normally. However, we really will need to use Active Directory for this to be functional in our organization. Thanks,Derek
Line 31: ApplicationXML.preserveWhiteSpace = True Line 32: trace.write("configfile_path",configfile_path) Line 33: ApplicationXML.load(configfile_path) Line 34: Dim nodes As System.Xml.XmlNodeList = ApplicationXML.selectNodes("/Innovator/DB-Connection[@database]") Line 35: Dim node As System.Xml.XmlElement
[XmlException: There are multiple root elements. Line 16, position 2.] System.Xml.XmlTextReaderImpl.Throw(Exception e) +76 System.Xml.XmlTextReaderImpl.Throw(String res, String arg) +126 System.Xml.XmlTextReaderImpl.Throw(Int32 pos, String res) +35 System.Xml.XmlTextReaderImpl.ParseDocumentContent() +3979424 System.Xml.XmlTextReaderImpl.Read() +151 System.Xml.XmlLoader.LoadDocSequence(XmlDocument parentDoc) +48 System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace) +129 System.Xml.XmlDocument.Load(XmlReader reader) +108 System.Xml.XmlDocument.Load(String filename) +87 ASP.default_aspx.init_application() in C:\Program Files\Aras\Innovator\Innovator\Client\scripts\include\utils.aspx:33 ASP.default_aspx.__Render__control1(HtmlTextWriter __w, Control parameterContainer) in C:\Program Files\Aras\Innovator\Innovator\Client\scripts\include\utils.aspx:278 System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter writer, ICollection children) +256 System.Web.UI.Control.RenderChildren(HtmlTextWriter writer) +19 System.Web.UI.Page.Render(HtmlTextWriter writer) +29 System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer, ControlAdapter adapter) +27 System.Web.UI.Control.RenderControl(HtmlTextWriter writer, ControlAdapter adapter) +8681814 System.Web.UI.Control.RenderControl(HtmlTextWriter writer) +25 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1266
Version Information: Microsoft .NET Framework Version:2.0.50727.3082; ASP.NET Version:2.0.50727.3082
If we undo all of the WindowsAuth configuration everything goes back to working normally. However, we really will need to use Active Directory for this to be functional in our organization.
Thanks,Derek
Hi dizn0g, and welcome. I'm not sure how much help I can be with the Active Directory piece of this, but based on that error message it seems as though your InnovatorServerConfig.xml file is not well-formed. Check to make sure that file does not have more than one element (i.e. <Innovator>) at the root level. You could also try opening that file in Internet Explorer to make sure it is well-formed XML (IE will give you a similar error message if not).
Rob
Thanks Rob, that did it. At least it's not erroring out but is now not recognizing any of my entries. Do these need to be full domain or just the username?
I keep getting the Domain login screen over and over again... Or if I put the login.aspx back to anon access am always getting a NotValidUser. The instructions say to enter the user into the database and I have tried it as both <domain>\<user> and simply the username to no joy. Guessing there is something simple I'm missing here...
Was wondering if anyone can advise me here...
I am having the exact same problem enabling Active Directory authentication.
When I try to open the site in IE, I get:
Login Name: NotValidUser
Any ideas?
One more thing I noticed, if I set empty_logon_user_allow_direct to TRUE, then it gives me the normal login page where I can enter a username.
I'm not sure why it would think LOGON_USER is blank.
Please try walking through the setup process a second time using the steps outling in section 2.2 "Example Implementation with Active Directory." in the Aras Innovator - Authentication Setup document.
http://www.aras.com/support/documentation/9.1.0/Other%20Documents/Aras%20Innovator%209.1%20-%20Authentication%20Setup.pdf
I always use this process for initial setup.
-Bill
Bill,
Thanks for the info. I have tried the process two more times and I get the same result. The only area that is a bit confusing is the first part telling me to provide access to login.aspx. I am running Windows 2008 and the screens do not match the PDF manual. However, I did grant access to that specific file. I did not see a location to disable anonymous access, but I did see one for anonymous authentication. Changing that setting just disabled access completely (no Aras login screen).
Here is what I did for each step:
The server is a domain controller, so I assume it has access to the domain. Domain users can read /client/scripts/login.aspx.
1. Done
2. I have created users in the Aras system with login name, firstname, lastname, and email.
3. Not really sure where the anonymous access is in MS Windows 2008. However, there isn't any anonymous access to the login.aspx.
4. Added the following:
<ClientConfigAssemblyName="Aras.LogonHooks.WindowsAuth"AssemblyNameType="partial"TypeName="Aras.LogonHooks.WindowsAuth" /><ClientLogon allowed_domain_names="^MyDomainRemovedForThisPosting$"allowed_domain_users=".+"denied_domain_users="^admin$|^root$|^vadmin$|^PLM$"allowed_direct_users="^admin$|^root$"shared_secret="MySecretRemovedForThisPosting"empty_logon_user_allow_direct="false" />
5-10. Admin logged in fine and resetting the authentication passwords worked fine.
11. When I connect it says NotValidUser in my username field.
Am I missing something? (Obviously I am. ;)
Chris
The steps for disableing anonymous access are a little different in IIS7. We are looking to update this section to include both descriptions in the next version.
To access the login.aspx Authentication setting in IIS7 manager
1) Browse to the /Client/Scrpits folder
2) Select "Content View" from the bottom of the window pane
3) Highlight login.aspx
4) Select "Switch to Features View" from the Actions frame on the right
5) Open "Authentication" under the IIS section
6) Disable "Anonymous Authentication"
7) Enable "Windows Authentication"
Let me know if that helps.
Thanks for the steps! I don't think I would have found those steps myself. I was able to follow them all the way until #7. But, you gave me enough info to solve #7. I had to add the Windows Authentication Service Role for IIS as well.
For the forum archive and other users....
My last symptoms were:
On the screen that I can disable "Anonymous Authentication", I did not have an entry that says "Windows Authentication." I had three items on that screen: Anonymous Authentication, ASP.NET Impersonation, and Forms Authentication.
Solution:
http://weblogs.asp.net/zroiy/archive/2008/08/17/missing-windows-authentication-provider-for-iis-7-on-windows-server-2008.aspx