GibboK
GibboK

Reputation: 73918

how to configure a connection string for active directory

I need to configure a connection string for a Active Directory, my web application is on the same machine where I can access the Active Directory

at the moment I'm using this string with no success

<add name="ADConnectionString" connectionString="" />

could you please point me out the right direction because this is the first time I'm doing a lookup against Active Directory.

Upvotes: 3

Views: 17185

Answers (1)

Jom George
Jom George

Reputation: 1127

Access Active Directory security requires a connection string to your Active Directory. Your system administrator should provide you with appropriate connection string information. The Application Security Wizard provides the possible Active Directory connection strings for the root domain controller and for the first-level domain controllers, which is sufficient to connect to Active Directory and use Active Directory security. This is a very powerful feature. Without Active directory available, no one can be authenticated. Configured connection strings are stored as a value of the ADDomainControllers key in your application’s Web.config file. If the Active Directory controller is not available when configuring application security via the Application Security Wizard, then no roles will be visible in the wizard except standard roles. Hence, Active Directory role configuration is possible only when the Application Security Wizard can reach the Active Directory controller.

Steps required to provide authentication against Active Directory, either for new sites with no authentication, or for existing sites using database authentication...

The Active Directory connection string is simliar to the database connection string used in ASP.NET, except that it references an LDAP address.

    <connectionStrings>
     <add name="ADConnectionString"
      connectionString="LDAP://Product.com.au/DC=Product,DC=prd,DC=au"/>
     </connectionStrings>

this in web.config file and its for entire Product. We can do this for particular,

like

<connectionStrings>
<add name="ADConnectionString"
  connectionString="LDAP://Sub.Product.com.au/CN=Sub,DC=Product,DC=prd,DC=au"/>
 </connectionStrings>

Then Configure the Membership provider

<membership defaultProvider="defaultProviderName">
<providers>
    <add name="defaultProviderName"
    type="System.Web.Security.ActiveDirectoryMembershipProvider,
    System.Web, Version=2.0.0.0, Culture=neutral,
    PublicKeyToken=b03f5f7f11d50a3a"
    connectionStringName="NmaeActiveDirConnectionString"
    attributeMapUsername="Name"/>
</providers>
</membership>

Then Configure the Authentication and Authorization parameters, This settings above require every user to authenticate before accessing your web application. ASP.NET will automatically redirect these users to a Login.aspx page.

<authentication mode="Forms">
<forms name=".ADAuthCookie" timeout="43200"/>
 </authentication>
  <authorization>
  <deny users="?"/>
  <allow users="*"/>
 </authorization>

Last step is create Login Page,

Membership.GetUser(UserName) using to get the details.

Upvotes: 2

Related Questions