?
Solved

Username issue with Forms Authentication against Active Directory

Posted on 2011-02-28
2
Medium Priority
?
309 Views
Last Modified: 2012-05-11
I'm using forms authentication against active directory for my site and I have a small problem with the username. If I enter "username@domain" it works perfect, if I use "username" it fails. How can I resolve this so the "@domain" isn't required?

I used the steps found at:
http://msdn.microsoft.com/en-us/library/ff650308.aspx

Here is my config information:
 
<connectionStrings>
		<add name="ADConnectionString" connectionString="LDAP://mydomain.local/DC=mydomain,DC=local" />
	</connectionStrings>

	  <authentication mode="Forms">
		  <forms name=".ADAuthCookie" timeout="2880" />
	  </authentication>

	  <membership defaultProvider="MyADMembershipProvider">
		  <providers>
			  <clear/>
			  <add 
				  name="MyADMembershipProvider"
					type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
					connectionStringName="ADConnectionString"
					connectionUsername="username with read access (i.e. not an admin)"
					connectionPassword="password"/>
		  </providers>
	  </membership>

Open in new window


I assume I'm missing something really simple somewhere, since I can't seem to find anyone else with this problem.
0
Comment
Question by:_valkyrie_
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 29

Accepted Solution

by:
Paul Jackson earned 2000 total points
ID: 35001517
The format of the user name depends on the attributeMapUsername attribute of the <membership> element. The default configuration for the ActiveDirectoryMembershipProvider uses User Principal Names (UPNs) for name mapping as shown in the following example.

attributeMapUsername="userPrincipalName"
  Because of this, all user names must have the format UserName@DomainName; for example: mary@testdomain.com or steve@testdomain.com.

You can change the name mapping so that it uses simple user name format by setting the following attribute in the Membership Provider configuration in the Web.config file.

attributeMapUsername="sAMAccountName"
  With this configuration, you can use simple user names, for example: Mary or Steve.


...
<membership defaultProvider="MyADMembershipProvider"> 
                  <providers> 
                          <clear/> 
                          <add  
                                  name="MyADMembershipProvider" 
                                        type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" 
                                        connectionStringName="ADConnectionString" 
                                        connectionUsername="username with read access (i.e. not an admin)" 
                                        connectionPassword="password"
                                        attributeMapUserName="sAMAccountName"/> 
                  </providers> 
          </membership>

Open in new window

0
 
LVL 2

Author Closing Comment

by:_valkyrie_
ID: 35001594
Thanks for the quick and simple solution. I knew I had to be missing something!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Just a quick little trick I learned recently.  Now that I'm using jQuery with abandon in my asp.net applications, I have grown tired of the following syntax:      (CODE) I suppose it just offends my sense of decency to put inline VBScript on a…
User art_snob (http://www.experts-exchange.com/M_6114203.html) encountered strange behavior of Android Web browser on his Mobile Web site. It took a while to find the true cause. It happens so, that the Android Web browser (at least up to OS ver. 2.…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question