dizn0g - Tuesday, April 21, 2009 6:44 PM:
Hello,
We're setting up an evaluation environment to examine Aras. I'm having issues with the Active Directory Authentication. We have precisely configured the server according to the Authentication Setup document and are receiving the following error upon attempting to login as Admin (as specified in the doc) to then run the Reset Authentication Passwords function:Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Version Information: Microsoft .NET Framework Version:2.0.50727.3082; ASP.NET Version:2.0.50727.3082 If we undo all of the WindowsAuth configuration everything goes back to working normally. However, we really will need to use Active Directory for this to be functional in our organization. Thanks,
Exception Details: System.Xml.XmlException: There are multiple root elements. Line 16, position 2.
Source Error:
Line 31: ApplicationXML.preserveWhiteSpace = True
Line 32: trace.write("configfile_path",configfile_path)
Line 33: ApplicationXML.load(configfile_path)
Line 34: Dim nodes As System.Xml.XmlNodeList = ApplicationXML.selectNodes("/Innovator/DB-Connection[@database]")
Line 35: Dim node As System.Xml.XmlElement
Source File: C:Program FilesArasInnovatorInnovatorClientscriptsincludeutils.aspx Line: 33
Stack Trace:
[XmlException: There are multiple root elements. Line 16, position 2.]
System.Xml.XmlTextReaderImpl.Throw(Exception e) +76
System.Xml.XmlTextReaderImpl.Throw(String res, String arg) +126
System.Xml.XmlTextReaderImpl.Throw(Int32 pos, String res) +35
System.Xml.XmlTextReaderImpl.ParseDocumentContent() +3979424
System.Xml.XmlTextReaderImpl.Read() +151
System.Xml.XmlLoader.LoadDocSequence(XmlDocument parentDoc) +48
System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace) +129
System.Xml.XmlDocument.Load(XmlReader reader) +108
System.Xml.XmlDocument.Load(String filename) +87
ASP.default_aspx.init_application() in C:Program FilesArasInnovatorInnovatorClientscriptsincludeutils.aspx:33
ASP.default_aspx.__Render__control1(HtmlTextWriter __w, Control parameterContainer) in C:Program FilesArasInnovatorInnovatorClientscriptsincludeutils.aspx:278
System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter writer, ICollection children) +256
System.Web.UI.Control.RenderChildren(HtmlTextWriter writer) +19
System.Web.UI.Page.Render(HtmlTextWriter writer) +29
System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer, ControlAdapter adapter) +27
System.Web.UI.Control.RenderControl(HtmlTextWriter writer, ControlAdapter adapter) +8681814
System.Web.UI.Control.RenderControl(HtmlTextWriter writer) +25
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1266
Derek
Server Error in '/InnovatorServer/Client' Application.
There are multiple root elements. Line 16, position 2.
RobMcAveney - Tuesday, April 21, 2009 7:21 PM:
Hi dizn0g, and welcome. I'm not sure how much help I can be with the Active Directory piece of this, but based on that error message it seems as though your InnovatorServerConfig.xml file is not well-formed. Check to make sure that file does not have more than one element (i.e. <Innovator>) at the root level. You could also try opening that file in Internet Explorer to make sure it is well-formed XML (IE will give you a similar error message if not).
Rob
dizn0g - Wednesday, April 22, 2009 11:22 AM:
Thanks Rob, that did it. At least it's not erroring out but is now not recognizing any of my entries. Do these need to be full domain or just the username?
I keep getting the Domain login screen over and over again... Or if I put the login.aspx back to anon access am always getting a NotValidUser. The instructions say to enter the user into the database and I have tried it as both <domain><user> and simply the username to no joy. Guessing there is something simple I'm missing here...
Thanks,
Derek
dizn0g - Tuesday, April 28, 2009 12:37 PM:
Was wondering if anyone can advise me here...
kohai - Monday, June 22, 2009 12:24 PM:
I am having the exact same problem enabling Active Directory authentication.
When I try to open the site in IE, I get:
Login Name: NotValidUser
Any ideas?
kohai - Monday, June 22, 2009 12:37 PM:
One more thing I noticed, if I set empty_logon_user_allow_direct to TRUE, then it gives me the normal login page where I can enter a username.
I'm not sure why it would think LOGON_USER is blank.
Bill - Monday, June 22, 2009 2:25 PM:
Please try walking through the setup process a second time using the steps outling in section 2.2 "Example Implementation with Active Directory." in the Aras Innovator - Authentication Setup document.
I always use this process for initial setup.
-Bill
kohai - Monday, June 22, 2009 3:45 PM:
Bill,
Thanks for the info. I have tried the process two more times and I get the same result. The only area that is a bit confusing is the first part telling me to provide access to login.aspx. I am running Windows 2008 and the screens do not match the PDF manual. However, I did grant access to that specific file. I did not see a location to disable anonymous access, but I did see one for anonymous authentication. Changing that setting just disabled access completely (no Aras login screen).
Here is what I did for each step:
The server is a domain controller, so I assume it has access to the domain. Domain users can read /client/scripts/login.aspx.
1. Done
2. I have created users in the Aras system with login name, firstname, lastname, and email.
3. Not really sure where the anonymous access is in MS Windows 2008. However, there isn't any anonymous access to the login.aspx.
4. Added the following:
<ClientConfig
AssemblyName="Aras.LogonHooks.WindowsAuth"
AssemblyNameType="partial"
TypeName="Aras.LogonHooks.WindowsAuth" />
<ClientLogon allowed_domain_names="^MyDomainRemovedForThisPosting$"
allowed_domain_users=".+"
denied_domain_users="^admin$|^root$|^vadmin$|^PLM$"
allowed_direct_users="^admin$|^root$"
shared_secret="MySecretRemovedForThisPosting"
empty_logon_user_allow_direct="false" />
5-10. Admin logged in fine and resetting the authentication passwords worked fine.
11. When I connect it says NotValidUser in my username field.
Am I missing something? (Obviously I am. ;)
Chris
Bill - Monday, June 22, 2009 6:18 PM:
The steps for disableing anonymous access are a little different in IIS7. We are looking to update this section to include both descriptions in the next version.
To access the login.aspx Authentication setting in IIS7 manager
1) Browse to the /Client/Scrpits folder
2) Select "Content View" from the bottom of the window pane
3) Highlight login.aspx
4) Select "Switch to Features View" from the Actions frame on the right
5) Open "Authentication" under the IIS section
6) Disable "Anonymous Authentication"
7) Enable "Windows Authentication"
Let me know if that helps.
-Bill
kohai - Tuesday, June 23, 2009 10:41 AM:
Bill,
Thanks for the steps! I don't think I would have found those steps myself. I was able to follow them all the way until #7. But, you gave me enough info to solve #7. I had to add the Windows Authentication Service Role for IIS as well.
For the forum archive and other users....
My last symptoms were:
On the screen that I can disable "Anonymous Authentication", I did not have an entry that says "Windows Authentication." I had three items on that screen: Anonymous Authentication, ASP.NET Impersonation, and Forms Authentication.
Solution:
weblogs.asp.net/.../missing-windows-authentication-provider-for-iis-7-on-windows-server-2008.aspx
Rla - Monday, May 14, 2012 9:12 AM:
Hello,
We have installed Aras Innovator but we didn't manage to implement with Active Directory. What is the domain name and the shared secret that we have to put ?
<ClientLogon allowed_domain_names="^DOMAINNAMEHERE$"
allowed_domain_users=".+"
denied_domain_users="^admin$|^root$|^vadmin$|^PLM$"
allowed_direct_users="^admin$|^root$"
shared_secret="Your shared secret here"
empty_logon_user_allow_direct="false" />
When I connect to Aras Innovator, the following window appears :
How could I solve this problem ?
Thanks,
Rla
Jennifer - Monday, May 14, 2012 9:38 AM:
Hi Rla,
Thank you for your inquiry.
While you have found an older post detailing how to connect to Active Directory, in version 9.3 (the current open download) Active Directory is a subscriber only feature. In order to enable this feature you would need to contact your local Aras representative about subscription options.
Best,
Jennifer
tumchaaditya - Tuesday, June 19, 2012 6:04 AM:
Hello Jennifer,
I am currently testing Aras installation and I am also facing same problem as Rla.
When you say "Subscriber Only" feature, what exactly do I have to do to avail that feature? My point is why is it that I need to involve local Aras representative?
I have noticed that the service packs are also subscriber only.
What exactly is this "Subscription"?
Jennifer - Tuesday, June 19, 2012 8:17 AM:
Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4
Hi Tumchaaditya,
Thank you for your inquiry. The Aras Innovator PLM software is provided as a download at no charge to anyone across the globe that would like to use it. There is no commitment involved and no one is required to contact any local representatives to continue utilizing the Aras PLM software at no charge as an independent or open user.
However, many companies are interested in having the training and services available to them on an ad-hoc basis through local representatives or Aras direct. In addition, many companies opt to take advantage of the ongoing subscription option to help them realize their strategic PLM objectives.
