I use the solution discussed here to authenticate users against the active directory in my ASP.NET web application. I wrote a simple ADMembershipProvider class that is used with FormsAuthentication. It works well when running a project locally, but when deploying to a server on a network, calling ValidateUser takes a very long time (about 20 seconds).
//Assumes using System.DirectoryServices.AccountManagement public override bool ValidateUser(string username, string password) { using (var context = new PrincipalContext(ContextType.Domain)) { return context.ValidateCredentials(username, password); } }
I tried to add the name and container parameters, as described in msdn , to the PrincipalContext constructor, but these parameters do not look have any effect.
using (var context = new PrincipalContext(ContextType.Domain, "MyDomain", "OU=MyCompany,DC=some,DC=stuff")) { return context.ValidateCredentials(username, password); }
We have the same problem on at least two different servers on our network. Servers are connected to AD and are running Windows Server 2003 SP2 (IIS6)
One of my ideas was that the problem could be related to the fact that our domain has some trusting relationships with other domains and that they are somehow related when checking the user. However, the users we are trying to verify exist exclusively in "our" AD.
source share