Introduction Interakting use both Open Source and proprietary products to deliver solutions for many companies. We always try to select the best tool for the job, and when it comes to Content Management it is no different. We have a range of tools we consider using including various Open Source tools (e.g. Nuxeo, DotNetNuke) and also our proprietary offerings (EPiServer, ADXSTUDIO). In the context of many projects it would certainly be possible to deliver a ‘successful’ project in either a proprietary or an Open Source solution. However, when we consider budgetary, functionality, deadline, su... [More]

In my last post we discussed the DACL and how to get the Access List from a Directory Entry object. We finished the post by grabbing our (D)ACL as an AuthorizationRuleCollection. In this post we are going to look at what that collection contains; a set of AuthorizationRule objects. Just to make things a little more interesting, the AuthorizationRuleCollection can contain two types of rule - Access Rules (for the DACL) and Audit Rules (for the SACL). As we are looking at the DACL rather than the SACL we will be looking at a type that is inherited from the AuthorizationRule called an AccessRule... [More]

In my last post on creating your own AD/ADAM permissions editor I covered the basic terminology used with Active Directory and also introduced the DirectoryEntry class. In this post I will discuss how to read, filter and understand an ACL on a DirectoryEntry. The first thing we need to decide is what part of the ACL we want to read. As mentioned in the glossary on my last post, an ACL actually contains TWO types of ACL record - those to do with reading/modifying the object itself (DACL) and those to do with reading/modifying the audit settings (SACL). For the purposes of what we are doing, we... [More]

So we deployed an ADXSTUDIO site onto ADAM (see my earlier post) but the out-the-box permissions editor didn't support ADAM, only full AD. We managed however to override the default permissions editor with our own - more on how we did that with ADXSTUDIO later. For now I'd like to take our experiences and do a short blog series on writing your own permissions editor for AD or ADAM by using ONLY the DirectoryServices namespace in .NET2. The Microsoft documentation is pretty poor on the DirectoryServices side of things and badly lacking in examples and explanations. There's plenty of tidbits in... [More]

According to ADXSTUDIO, you need Active Directory when deploying ADXSTUDIO 2006, even if using ADAM. Fortunately, that doesn't seem to be ENTIRELY the case. We've successfully deployed a site using the IUSR account using a local account and still managed to deploy a site fine using ADAM - to a point. Critically, the server is on a Workgroup. Only problem is the document access and web permissions editors in the administration console. They don't like it :) We'll be seeing if we can crack that nut next!

Historically we've been seen as a Microsoft shop within the UK eBusiness division - quite rightly too. As part of the wider B&D group though we have a lot of experience in the Java/Open Source arena to bring to the party as well. For example, currently we provide solutions expertise in all the following ECM/CMS systems: SME                 /\       ADXSTUDIO (Closed Source / .NET)                         |       Pelikan (Open Source / PHP)                         |       EPiServer( Closed Source / .NET)                         |       Nuxeo (Open Source / Java) Enterprise        \/   ... [More]

Well the cram fest paid off - now the MCTS in config. and admin. of MOSS 2007 is under my belt too. Now to put this into practice, but before that I have to tie off an EPiServer project and also get stuck into an ADXSTUDIO one!

I've found a little glitch (by design?) in ADXSTUDIO 2006. The scenario is this... I want to give an 'Approvers' group access to approve across the whole site except for a 'Sensitive' folder, that can only be approved my managers. According to ADXSTUDIO, the way to do this is to explicitly GIVE permissions to the Approvers group everywhere except where I don't want them to have permissions. Yeah right. It's a big site :) You might think 'no probs, I'll just DENY them access to that one folder'. Nice, in theory... but in practive it spams out a nasty error when you try to do that. I guess it ... [More]