Re: Forms Authentication against ADAM



Joe,

Works like a charm.

Being a newbie to ADAM, I was unaware of the userPrincipalName attribute for
users. I (only half-heartedly) looked for something similar earlier, but,
obviously, didn't find this.

Your assistance is MOST appreciated.

"I love it when a plan comes together." - George Peppard

- Thanks,
Geoff -

"Joe Kaplan" wrote:

Did you try setting the userPrincipalName attribute in ADAM? The user
schema included with ADAM has that attribute.

It is generally a good idea to avoid using the DN syntax, as that is a lot
for a user to remember and type in and reveals a lot about your directory
structure that they don't need to know.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"gely" <gely@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B49611C9-BA9E-4FC8-813E-851DC66F7576@xxxxxxxxxxxxxxxx
Using .NET 2.0

I need to be able to authenticate against an instance of ADAM from an
internet browser. At the moment, I am assuming forms based authentication.
Here is what I have so far:

ADAM is installed on my local workstation (XP Pro).
The web site is on a server (Win2K3).
Using web based forms authentication:
- I can successfully authenticate to the active directory (domain) using an
  appropriate membership provider (web.config)
- I am able to TRY to authenticate to the ADAM instance using an
  appropriately permissioned ADAM ID in the membership provider (web.config)
- I say "TRY" because no matter what User Name I use in the forms
  authentication app (login.aspx) the result is the login form reporting an
  unsuccessful login attempt.
- I am pretty sure I am hitting the correct connection because:
  1. the connectionUsername (in the web.config membership provider)
     is NOT a member of the domain
  2. a good password (for the connectionUsername in the membership
     provider) results in a login form message indicating a failed login
     attempt
  3. a bad password (for the connectionUsername in the membership
     provider) results in an application error: "Logon failure: unknown user
     name or bad password"

Additional Information:

I believe my problem is a result of not using a correctly formatted name
when trying to authenticate against ADAM. According to the MSDN developer
article "How To Use Forms Authentication with Active Directory in ASP.NET
2.0" you have to use the UserName@DomainName formatting when the
attributeMapUsername is set to "userPrincipalName". (I tried using
attributeMapUsername="sAMAccountName" but received the application error
message: "The property 'attributeMapUsername' must be mapped to
'userPrincipalName'". Not sure what's up with that.)

So, assuming I have everything else in line at this point, my current
question is:

How does one format a UserName, for forms based authentication via ADAM,
to use the userPrincipalName setting?

Example: How do I format my test user ID (CN=Test,OU=ADAM Users,O=HR,C=US)
to fit the UserName@DomainName formatting?

Also: Is there another (better?) way to do this?

- Thanks,
Geoff -
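
Added example, not part of the original thread or of either poster's configuration: a web.config fragment wiring ActiveDirectoryMembershipProvider to ADAM with the userPrincipalName mapping discussed above. The host name, port, connection and provider names, bind account DN and sample UPN are assumptions.

```xml
<?xml version="1.0"?>
<configuration>
  <connectionStrings>
    <!-- Assumption: ADAM answers LDAP over SSL on adam.example.test:636.
         The container is the one that holds the thread's test user. -->
    <add name="AdamConnection"
         connectionString="LDAP://adam.example.test:636/OU=ADAM Users,O=HR,C=US" />
  </connectionStrings>
  <system.web>
    <authentication mode="Forms">
      <!-- requireSSL keeps the forms ticket cookie off plain HTTP. -->
      <forms loginUrl="login.aspx" requireSSL="true" />
    </authentication>
    <authorization>
      <deny users="?" />
    </authorization>
    <membership defaultProvider="AdamMembership">
      <providers>
        <!-- connectionUsername is a hypothetical ADAM bind account, given as
             a DN because it is not a domain member. The password is a
             placeholder. connectionProtection="Secure" is the provider
             default; "None" would send the bind credentials unprotected.
             attributeMapUsername must be userPrincipalName for ADAM, as the
             error message quoted in the thread says. -->
        <add name="AdamMembership"
             type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
             connectionStringName="AdamConnection"
             connectionUsername="CN=WebBind,OU=ADAM Users,O=HR,C=US"
             connectionPassword="REPLACE_WITH_BIND_PASSWORD"
             connectionProtection="Secure"
             attributeMapUsername="userPrincipalName" />
      </providers>
    </membership>
  </system.web>
  <!-- The name typed into login.aspx is the value stored in the user's
       userPrincipalName attribute, for example test@hr.example (constructed)
       set on CN=Test,OU=ADAM Users,O=HR,C=US. The DN itself is never typed
       in, so the directory layout stays hidden from users. -->
</configuration>
```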


