Re: ActiveDirectory authentication - more issues
- From: Dominick Baier [DevelopMentor] <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 20 Mar 2006 21:32:58 +0000 (UTC)
hi,
ok...
1) this can be mapped in web.config - both formats are supported. See in visual studio help for all varations
e.g, attributeMapUsername="SAMAccountName"
uses only the username without domain
2) no -you are doing forms authentication. NTLM would be IIS authentication and <authentication mode="Windows" /> would be set. Then you cannot use the membership providers
3) no - see 2
4) see 2. You could maybe use Protocol Transition (only for domain accounts, only on w2k3, only in w2k3 domains) to get a token or use the Win32 LogonUser API (needs to store the password on the server - not recommended).
5) still no idea
have you ordered the book already?
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
Hi;
Ok, I have ActiveDirectory authentication working but have a couple of
issues:
1) My username must be dave@xxxxxxxxxxxxxx - it does not take
windward\dave
- why?
2) The authentication type is shown as forms - shouldn't it be NTLM?
3) Since I'm running from a computer on the domain and using IE,
shouldn't
it handle this automatically?
4) I do not get a WindowsIdentity but instead a FormsIdentity. I need
a
WindowsIdentity so I can do impersonation. How do I get that?
5) Context.User.IsInRole() returns false for groups I am a member of
such as
"windward\\Domain Users" - why?
.
- Follow-Ups:
- Re: ActiveDirectory authentication - more issues
- From: David Thielen
- Re: ActiveDirectory authentication - more issues
- Prev by Date: Re: ActiveDirectory authentication - more issues
- Next by Date: Re: ActiveDirectory authentication - more issues
- Previous by thread: Re: ActiveDirectory authentication - more issues
- Next by thread: Re: ActiveDirectory authentication - more issues
- Index(es):
Relevant Pages
|
