Is role-based security possible with ADXSTUDIO CMS?
ADXSTUDIO CMS uses Microsoft® Active Directory® for all CMS user authentication, and access control. As such, ADXSTUDIO CMS benefits from all the various security models that can be implemented within Active Directory. Most implementations that desire role-based security create a unique group for each distinct role, and then simply add or remove user accounts from the appropriate group. Testing for access privileges is then a simple test if the current user is a member of a particular group.
All access control entries on secured objects then grant specific rights (read/write/admin/…) directly to the groups. For example, for the “News” section of the website, a “News Authors” group may be created and the permissions on the “News” folder is set to “News Authors” = read/write, and adxAdmin (master admin group) = full control.
What updates will occur to my active directory when I install ADXSTUDIO CMS?
ADXSTUDIO CMS requires 2 classes with approximately 14 attributes in total. These new objects will integrate safely into your environment. Please refer to the schema modification script in the related pages section of the ADXSTUDIO CMS Installation Guide.
Does ADXSTUDIO CMS make any modifications to existing schema objects?
ADXSTUDIO CMS does not modify existing schema objects. This eliminates any risk that other vendor's tools, or future Microsoft tools will have any conflict with our extensions.
Is there any possibility of a conflict with other directory-enabled applications?
We have registered and use an officially registered Microsoft OID and use unique names to ensure that there is no possibility of conflicting with any other vendor. For example, the LDAP name of all of our classes and attributes start with the string 'appdepot-adx'.
Will there be any impact on exchange or other directory applications as a result of installing ADXSTUDIO CMS?
Extending the schema will not have any effects on your exchange or network administrators. The native Active Directory management tools (Users and Computers, Sites and Services) are not affected by our extensions, and should remain the same as before the extensions are applied.
Are there any modifications to administrative tools or extension dll’s required?
Modifications to your administrative tools or any extension DLLs are not required.
I already have a large database of membership users - do I have to use Active Directory?
ADXSTUDIO CMS requires the use of Active Directory for all CMS operations and for access control, however, custom membership systems can easily be integrated into your solution without the requirement of storing those accounts in Active Directory. We recommend integrating your membership database using an ASP.NET 2.0 Membership Provider if you do not desire to integrate your membership system in Active Directory.
The CMS requires that all content authors, administrators, and other CMS users use Active Directory accounts. You will also need Active Directory if you are implementing a complex CMS solution that includes secured content that is implemented using Access Control Lists (ACLs).
I cannot modify my Active Directory Schema (for political reasons). Can I still use ADXSTUDIO CMS?
ADXSTUDIO CMS can use Active Directory / Application Mode (AD/AM) instead of Active Directory. You will have to configure your CMS solution to use LAN authentication instead of the default container-based authentication. With AD/AM, you will have fewer capabilities for content security with the built-in security management tools, but you can still configure the content ACLs with ADSI Edit if you require content security. Another option is to use virtualization technologies such as Virtual Server 2005 R2 and create a separate Active Directory forest for your ADXSTUDIO CMS solution.
Results
