I have a single-domain forest with a fresh install of Sharepoint Server 2013. I want to create a web application with FBA, so that my Active Directory users can log in using a nice friendly form. I'm having trouble understanding exactly how to do this. Microsoft's documentation http://technet.microsoft.com/en-us/library/ee806890.aspx
seems to suggest that I need to reference a single OU in the web.config files that will contain all of my users. My users are spread throughout multiple OUs in AD. Will the LDAP lookups be recursive if I simply point them to the root?
I've also read several articles claiming that you must create an ASP database in SQL and have the web app authenticate to it, rather than directly to AD. I would rather not do that, as it will just complicate things. Does anyone have any advice?