RE: Password reset configuration with ActiveDirectoryMembershipProvide
- From: stcheng@xxxxxxxxxxxxxxxxxxxx ("Steven Cheng")
- Date: Wed, 20 Feb 2008 03:38:55 GMT
Hi Charlotte,
Regarding on the AD membership reset password problem, I've checked the c
onfiguration fragment, it seems you've added all the necessary
configurations based on some existing reference about password management
for AD membershpi provider:
http://msdn2.microsoft.com/en-us/library/ms998360.aspx
http://blogs.msdn.com/dansellers/archive/2005/11/09/491152.aspx
Also, I found that someone else met such similar issue that was caused by
some typing error in the configuration file(some attribute value spelled
incorrectly):
#ActiveDirectoryMembershipProvider throws config error, but config appears
to be correct
http://forums.asp.net/p/1064878/1539598.aspx#1539598
I think you may also have a check in your configuration file to see whether
there is such mistakes that may cause this.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
From: =?Utf-8?B?Q2hhcmxvdHRl?= <charlotte.vilarem@xxxxxxxxxxxxxxxxx>
Subject: Password reset configuration with ActiveDirectoryMembershipProvide
Date: Tue, 19 Feb 2008 09:27:01 -0800
the
Hi,
I have an ASP.NET 2.0 web application, which is configured to use
Forms-based authentication and the ActiveDirectoryMembershipProvider for
membership.userIsOnlineTimeWindow="15">
The users are stored in ADAM.
Everything was working properly until I wanted to add the password reset
functionality.
I extended the user schema to add the attributes necessary, and my
web.config is:
<connectionStrings>
<add name="myADAMConnectionString"
connectionString="LDAP://localhost:61000/OU=Users,OU=Matrix5,O=Extranet"/>
</connectionStrings>
<system.web>
<membership defaultProvider="MyCustomProvider"
<providers>PublicKeyToken=b03f5f7f11d50a3a"
<clear/>
<add
name="MyCustomProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
connectionStringName="myADAMConnectionString"tTime"
attributeMapUsername="userPrincipalName"
attributeMapEmail="mail"
connectionUsername="CN=MembershipProvider,OU=Users,OU=Matrix5,O=Extranet"
connectionPassword="DataJungle!"
connectionProtection="None"
enableSearchMethods="true"
requiresQuestionAndAnswer="true"
attributeMapPasswordQuestion="blPasswordQuestion"
attributeMapPasswordAnswer="blPasswordAnswer"
attributeMapFailedPasswordAnswerCount="blFailedPasswordAnswerCount"
attributeMapFailedPasswordAnswerTime="blFailedPasswordAnswerTime"
attributeMapFailedPassswordAnswerLockoutTime="blFailedPassswordAnswerLockou
maxInvalidPasswordAttemps="5"PublicKeyToken=b03f5f7f11d50a3a"
passwordAttemptWindow="10"
passwordAnswerAttemptLockoutDuration="30"
requiresUniqueEmail="true"
enablePasswordReset="true"
/>
</providers>
</membership>
<authentication mode="Forms">
<forms loginUrl="Login.aspx" protection="All" timeout="30"
name=".ASPXAUTH" path="/" requireSSL="false" slidingExpiration="true"
defaultUrl="matrix.aspx" cookieless="UseDeviceProfile"
enableCrossAppRedirects="false"/>
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
<trust level="Full"/>
</system.web>
When I log into the application, I get a configuration error:
Description: An error occurred during the processing of a configuration
file required to service this request. Please review the specific error
details below and modify your configuration file appropriately.
Parser Error Message: Attribute schema mappings for bad password answer
tracking must be specified to enable password reset functionality.
Source Error:
Line 58: <add
Line 59: name="MyCustomProvider"
Line 60: type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
Line 61: connectionStringName="myADAMConnectionString"
Line 62: attributeMapUsername="userPrincipalName"
Source File: D:\Charlotte\web.config Line: 60
I don't understand why this doesn't work, as I can verify in ADAM-adsiedit
that the user I'm logging in as has the attributes blPasswordQuestion
(Unicode String), blPasswordAnswer (Unicode String),
blFailedPasswordAnswerCount (Integer), blFailedPasswordAnswerTime (Large
Integer/Interval), blFailedPassswordAnswerLockoutTime (Large
Integer/Interval).
Can you please help me figure out what is wrong with my configuration?
Thanks
Charlotte
.
- Follow-Ups:
- References:
- Prev by Date: Password reset configuration with ActiveDirectoryMembershipProvide
- Next by Date: Re: Membership and Roles not working when application is deployed
- Previous by thread: Password reset configuration with ActiveDirectoryMembershipProvide
- Next by thread: RE: Password reset configuration with ActiveDirectoryMembershipPro
- Index(es):
Relevant Pages
|
|
