Hot![FAQ]Active Directory Membership Provider Integration

Author
APGvNext Sam
vNext Owner
  • Total Posts : 12842
  • Joined: 2001/05/23 00:00:00
  • Status: offline
2010/12/21 16:38:55 (permalink) Authentication
0

Active Directory Membership Provider Integration

In order to use the Active Directory Membership Provider, you need complete the following steps:
  1. Update ~/config/appSettings.config:
    <add key="EnableMembershipIntegration" value="true" /> 

    The key is already defined. You just need to set the value to "true"
  2. Provide the necessary AD connection information (info taken from http://blogs.msdn.com/b/g...2005/08/17/452905.aspx )
    1. In ~/config/sqlconnections.config, add a connection string pointing to the Active Directory store. The following example assumes that your fully-qualified domain name for the domain controller is win2k3.vstsb2.local, while the domain is vstsb2.local. The connection string section in web.config would then look like this:
      <connectionStrings>
       <add connectionString="LDAP://win2k3.vstsb2.local/CN=Users,DC=vstsb2,DC=local" name="ADConnString"/>
      </connectionStrings>
    2. Then in ~/web.config, add the following membership provider info inside <system.web> (note: the following is a very simple implementation, and omits many of the optional attributes):
      <membership defaultProvider="AspNetActiveDirectoryMembershipProvider">
         <providers>
            <add name="AspNetActiveDirectoryMembershipProvider"
               type="System.Web.Security.ActiveDirectoryMembershipProvider,
               System.Web, Version=4.0.0.0, Culture=neutral,
               PublicKeyToken=b03f5f7f11d50a3a"
               attributeMapUsername="sAMAccountName" <!--sAMAccountName or userPrincipalName-->
               connectionStringName="ADConnString"
               connectionUsername="vstsb2.local\Administrator"
               connectionPassword="password"
               enableSearchMethods="true" />
         </providers>
      </membership>
You should be able to authenticate your user via the AD now.
 
Another expert info on AD configuration: http://blogs.msdn.com/b/d...2005/10/11/479941.aspx
 
ADTester.zip - Download this tester to make sure your AD is set up correctly.
Installation: Download & unzip the files onto your forum's root dir, browse the aspx file and try logging in with the form provided by the tester.


However, if you find it impossible to implement such integration because of the Username / Password requirement, or because you want users to be logged in automatically, here is an alternative method:
 
Windows Authentication without AD membership provider
post edited by APGvNext Sam - 2013/08/06 08:51:24
#1
GREater
vNext Owner
  • Total Posts : 9
  • Joined: 2013/08/03 11:51:00
  • Status: offline
Re: Active Directory Membership Provider Integration 2013/08/06 03:15:09 (permalink)
0
Thanks. this info is very helpful.
 
One question though: should I put the connection string in web.config, or /config/sqlconnections.config?
#2
APGvNext Sam
vNext Owner
  • Total Posts : 12842
  • Joined: 2001/05/23 00:00:00
  • Status: offline
Re: Active Directory Membership Provider Integration 2013/08/06 08:47:52 (permalink)
0
You should put it in ~/config/sqlconnections.config along with your SQL server connection. Thanks for the heads up. I'll update the info right away.
#3
Jump to:
© 2014 APG vNext Commercial Version 5.0