Re: Defining Groups with AD users



Hi GeoffreyD,

For ASP.NET authentication and role based authorization, you can adopt the
Membership and RoleManager providers. Also, these two providers are
separate so that you can configure each of them to use different provider
respectively. For example, you can configure the membership to use AD
membership provider and Rolemanager to use SQL server provider. Thus, you
can make your client user be authenticated against AD database and after
they have login, their role is retrieved from SQL Server database(via the
role manager provider).

Here is a good article demonstrate using windows authentication(not AD
membership provider since membership is mainly used for forms
authentication) and SQL role manager provider. Howerver, the idea is the
same:

#Recipe: Implementing Role-Based Security with ASP.NET 2.0 using Windows
Authentication and SQL Server
http://weblogs.asp.net/scottgu/pages/Recipe_3A00_-Implementing-Role_2D00_Bas
ed-Security-with-ASP.NET-2.0-using-Windows-Authentication-and-SQL-Server.asp
x

And there are some other good reference about ASP.NET 2.0 Membershp & Role
provider:

#How To: Use Membership in ASP.NET 2.0
http://msdn2.microsoft.com/en-us/library/ms998347.aspx

#ASP.NET 2.0 Security, Membership and Roles Tutorials
http://weblogs.asp.net/scottgu/archive/2006/06/19/ASP.NET-2.0-Security_2C00_
-Membership-and-Roles-Tutorials.aspx

Hope this helps.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead



==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.



Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.










--------------------
From: "GeoffreyD" <GeoffreyD@xxxxxxxxxxxxxxxx>
References: <OFHApa0FIHA.4808@xxxxxxxxxxxxxxxxxxxx>
<1193345303.827269.191480@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Defining Groups with AD users
Date: Thu, 25 Oct 2007 22:56:40 +0200

Hey, thanks for the reply but I am doing something similar currently. I
need
a more streamlined and generalised solution due to the number of users
that
need to use the site. More importantly, users from different groups are
permitted to visit the same page (e.g. the data will be editable for some
but read-only to others) so I need to be able to check group permissions
on
a task basis as a opposed to page access basis.

"Alexey Smirnov" <alexey.smirnov@xxxxxxxxx> wrote in message
news:1193345303.827269.191480@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On Oct 25, 10:35 pm, "GeoffreyD" <Geoffr...@xxxxxxxxxxxxxxxx> wrote:
Hi

I am working on an internal ap.net site and am wanting to assign
permissions
to users using their AD account to authenticate against, but am not
wanting
to setup the actual groups within AD. At the moment is it seems that my
only
answers are ADAM and AzMan. does anyone have any suggestions as to what
I
could use from a pure programmatic perspective?

Thanks

for a page based permissions you can use the web.config file

<authorization>
<allow users="user1,user2"/>





.



Relevant Pages

  • RE: Different password policies for different roles
    ... As you have found, by default, each ASP.NET membership provider has a set ... password related policy to the loosest level. ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: SQL Membership Provider Problem
    ... Roles provider. ... it seems he has registered a new membership ... ASP.NET 2.0 membership &role manager service, they use separate provider, ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet)
  • RE: MembershipProvider and ADAM
    ... membership provider has choosed to use SSL connection to access AD server. ... following article which has mentioned the AD connectionstring and provider ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: MembershipProvider and ADAM
    ... membership provider has choosed to use SSL connection to access AD server. ... following article which has mentioned the AD connectionstring and provider ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Defining Groups with AD users
    ... For ASP.NET authentication and role based authorization, ... you can configure the membership to use AD ... membership provider and Rolemanager to use SQL server provider. ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet.security)