Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 319
  • Last Modified:

Username issue with Forms Authentication against Active Directory

I'm using forms authentication against active directory for my site and I have a small problem with the username. If I enter "username@domain" it works perfect, if I use "username" it fails. How can I resolve this so the "@domain" isn't required?

I used the steps found at:
http://msdn.microsoft.com/en-us/library/ff650308.aspx

Here is my config information:
 
<connectionStrings>
		<add name="ADConnectionString" connectionString="LDAP://mydomain.local/DC=mydomain,DC=local" />
	</connectionStrings>

	  <authentication mode="Forms">
		  <forms name=".ADAuthCookie" timeout="2880" />
	  </authentication>

	  <membership defaultProvider="MyADMembershipProvider">
		  <providers>
			  <clear/>
			  <add 
				  name="MyADMembershipProvider"
					type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
					connectionStringName="ADConnectionString"
					connectionUsername="username with read access (i.e. not an admin)"
					connectionPassword="password"/>
		  </providers>
	  </membership>

Open in new window


I assume I'm missing something really simple somewhere, since I can't seem to find anyone else with this problem.
0
_valkyrie_
Asked:
_valkyrie_
1 Solution
 
Paul JacksonSoftware EngineerCommented:
The format of the user name depends on the attributeMapUsername attribute of the <membership> element. The default configuration for the ActiveDirectoryMembershipProvider uses User Principal Names (UPNs) for name mapping as shown in the following example.

attributeMapUsername="userPrincipalName"
  Because of this, all user names must have the format UserName@DomainName; for example: mary@testdomain.com or steve@testdomain.com.

You can change the name mapping so that it uses simple user name format by setting the following attribute in the Membership Provider configuration in the Web.config file.

attributeMapUsername="sAMAccountName"
  With this configuration, you can use simple user names, for example: Mary or Steve.


...
<membership defaultProvider="MyADMembershipProvider"> 
                  <providers> 
                          <clear/> 
                          <add  
                                  name="MyADMembershipProvider" 
                                        type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" 
                                        connectionStringName="ADConnectionString" 
                                        connectionUsername="username with read access (i.e. not an admin)" 
                                        connectionPassword="password"
                                        attributeMapUserName="sAMAccountName"/> 
                  </providers> 
          </membership>

Open in new window

0
 
_valkyrie_Author Commented:
Thanks for the quick and simple solution. I knew I had to be missing something!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now