Re: WindowsTokenRoleProvider & Domain Groups

Hi Craig,

Just some additional notes to the security account you mentioned, yes the
Environment.UserName means the current identity of your thread context.
However, the ASP.NET ActiveMembershipProvider do not use impersonate
context, it will always use the process's original security identity(if you
do not explicitly supply username/password credentials), you can supply a
fixed account in Membership's provider setting:

==========
<add
name="MyADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionUsername="dc\administrator"
connectionPassword="P@ssw0rd"
attributeMapUsername="sAMAccountName"
==============

this is also described in the following article:

http://msdn2.microsoft.com/en-us/library/ms998360.aspx

you can also have a try if you have interests or may use it later.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


This posting is provided "AS IS" with no warranties, and confers no rights.

.