Logging In After Password Change Breaks DotNetNuke Active Directory Authentication

I've developed a few DotNetNuke 4.9.x sites that use the Active Directory authentication provider, and on the whole, it works quite well.  DotNetNuke caches the given username and password, using that to query the domain when a user attempts to log in.  On the sites in question, having both the standard DNN and Windows login was confusing to the users, so I disabled the DNN login by going to Admin -> Authentication and unchecking Enabled? under DNN Auth Settings.  This cuts out the ability to log in as host, so every time host functionality is needed, the site must be logged into using an AD user with admin privileges, DNN login must be re-enabled, and then you can log back in as host.

However, upon updating my domain password, I noticed that all of the AD-enabled sites broke.  Without being able to log in using the DNN login, and with no AD logins working, what was I to do?

Hidden In The Database

The answers are not clear from any of the DNN forums, but it turns out when you enable Active Directory integration for a portal, a module is created to store the configuration.  The DNN standard login has no settings of its own.  To re-enable DNN login from the database, look through the ModuleSettings table for a ModuleID that has entries prefixed with AD_.  There are two other settings for the same module, prefixed with DNN_.  The setting we're looking for is DNN_Enabled, which, if you had DNN login disabled, should be false.  Simply changing that back to true should give you back your DNN login ability and get you back onto your site.

Avoiding This Issue In The Future

The best way to avoid this is to create an additional user in your AD with no rights-all it has to do is authenticate as a valid user.  I went with dotnetnuke-ad, but you could chose anything.  Give it a sufficiently difficult password, and set the password to never expire.  This way, you never have to worry about your password changes taking down your DNN site.