All geek questions in one place

Active Directory Membership Provider - How Can I Extend It?

I am working on how an MVC application starts and runs through the AD Membership Provider, and I am having some problems with this. I have a basic configuration setting and it works when I log in as the password foo@my.domain.com +.

   <connectionStrings>
      <add name="MyConnString" connectionString="LDAP://domaincontroller/OU=Product Users,DC=my,DC=domain,DC=com" />
   </connectionStrings>

  <membership defaultProvider="MyProvider">
     <providers>
        <clear />
        <add name="MyProvider" connectionStringName="MyConnString"
             connectionUsername="my.domain.com\service_account"
             connectionPassword="biguglypassword"
             type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
     </providers>
  </membership>

However, I would like to do something else, and I'm not sure how to get around it.

  • Log in without typing the domain (ie "@ my.domain.com"). I understand that this can only work if I restrict myself to only one domain - that’s fine.
  • N . , Product Users. OU . ?
  • , Active Directory . AD , SQL, , -, - ?

!

+3
3

№ 1 . attributeMapUsername="sAMAccountName"

    <add name="MyProvider" connectionStringName="MyConnString"
         attributeMapUsername="sAMAccountName"
         connectionUsername="my.domain.com\service_account"
         connectionPassword="biguglypassword"
         type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
+1

2:

I had the same problem, so I did remove the OU from the connection string. Something like that:

<add name="MyConnString" connectionString="LDAP://domaincontroller/DC=my,DC=domain,DC=com" />

Now I can authenticate users in all of these different departments.

0
source

Source: https://habr.com/ru/post/1745224/

More articles:


All Articles