Solved

Username issue with Forms Authentication against Active Directory

Posted on 2011-02-28
2
301 Views
Last Modified: 2012-05-11
I'm using forms authentication against active directory for my site and I have a small problem with the username. If I enter "username@domain" it works perfect, if I use "username" it fails. How can I resolve this so the "@domain" isn't required?

I used the steps found at:
http://msdn.microsoft.com/en-us/library/ff650308.aspx

Here is my config information:
 
<connectionStrings>
		<add name="ADConnectionString" connectionString="LDAP://mydomain.local/DC=mydomain,DC=local" />
	</connectionStrings>

	  <authentication mode="Forms">
		  <forms name=".ADAuthCookie" timeout="2880" />
	  </authentication>

	  <membership defaultProvider="MyADMembershipProvider">
		  <providers>
			  <clear/>
			  <add 
				  name="MyADMembershipProvider"
					type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
					connectionStringName="ADConnectionString"
					connectionUsername="username with read access (i.e. not an admin)"
					connectionPassword="password"/>
		  </providers>
	  </membership>

Open in new window


I assume I'm missing something really simple somewhere, since I can't seem to find anyone else with this problem.
0
Comment
Question by:_valkyrie_
2 Comments
 
LVL 29

Accepted Solution

by:
Paul Jackson earned 500 total points
ID: 35001517
The format of the user name depends on the attributeMapUsername attribute of the <membership> element. The default configuration for the ActiveDirectoryMembershipProvider uses User Principal Names (UPNs) for name mapping as shown in the following example.

attributeMapUsername="userPrincipalName"
  Because of this, all user names must have the format UserName@DomainName; for example: mary@testdomain.com or steve@testdomain.com.

You can change the name mapping so that it uses simple user name format by setting the following attribute in the Membership Provider configuration in the Web.config file.

attributeMapUsername="sAMAccountName"
  With this configuration, you can use simple user names, for example: Mary or Steve.


...
<membership defaultProvider="MyADMembershipProvider"> 
                  <providers> 
                          <clear/> 
                          <add  
                                  name="MyADMembershipProvider" 
                                        type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" 
                                        connectionStringName="ADConnectionString" 
                                        connectionUsername="username with read access (i.e. not an admin)" 
                                        connectionPassword="password"
                                        attributeMapUserName="sAMAccountName"/> 
                  </providers> 
          </membership>

Open in new window

0
 
LVL 2

Author Closing Comment

by:_valkyrie_
ID: 35001594
Thanks for the quick and simple solution. I knew I had to be missing something!
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

IntroductionWhile developing web applications, a single page might contain many regions and each region might contain many number of controls with the capability to perform  postback. Many times you might need to perform some action on an ASP.NET po…
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question