Programmatically set connectionString for ActiveDirectoryMembershipProvider

new PrincipalContext(ContextType.Domain, null) can be used without providing any connection strings for Active Directory.

When using ActiveDirectoryMembershipProvider you must specify the LDAP endpoint in web.config.

The site I'm working on will be deployed to several sites, and I don’t want to fill in the details in web.config for each decentralized one.

The MSDN article "How to use Active Directory authentication across multiple domains" defines 3 (!) membership providers to work with 3 domains, which is not impressive. However, this article is from 2005, and it is dedicated to other tasks than what I need.

Question:

Is it possible to use ActiveDirectoryMembershipProvider so that the LDAP endpoint is not hardcoded in the web.config file?

I would prefer to use ActiveDirectoryMembershipProvider instead of PrincipalContext to have (potentially) the ability to call ChangePassword, etc.

1 answer

No, using ActiveDirectoryMembershipProvider is not possible without specifying the destination LDAP server.

The connection string must be specified, and the string must contain the server (contains ADS_FORMAT_SERVER).

You must create a connectionStrings element (ASP.NET Settings Schema) entry in the Web.config file that identifies the Active Directory server, Active Directory domain, or ADAM application partition. The provider will work only at domain scope or in a subscope within the domain.

If you want to maintain an Active Directory forest and losing authentication is an option, consider using Windows authentication. Windows Authentication will use NTLM and Kerberos to get the user ID in the forest, and you can still change the user password using impersonation. See WindowsIdentity.Impersonate().

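The PrincipalContext route mentioned at the top of the page, as an added example that is not code from the question or the answer: it validates credentials and changes a password through System.DirectoryServices.AccountManagement with no LDAP endpoint in web.config. The class and method names are hypothetical, and it assumes the web server is domain-joined and the process identity can read the directory.

```csharp
using System;
using System.DirectoryServices.AccountManagement;

// Added example (hypothetical helper class, not from the original page).
public static class DomainAccount
{
    // Negotiate (Kerberos/NTLM) bind with signing and sealing, so the password
    // is not sent to the domain controller in a plain LDAP simple bind.
    private const ContextOptions SecureBind =
        ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing;

    public static bool Validate(string samAccountName, string password)
    {
        // Reject empty credentials before any bind is attempted.
        if (string.IsNullOrEmpty(samAccountName) || string.IsNullOrEmpty(password))
            return false;

        try
        {
            // name == null: the domain controller is located from the
            // machine's own domain, so nothing is hardcoded per deployment.
            using (var ctx = new PrincipalContext(ContextType.Domain, null))
                return ctx.ValidateCredentials(samAccountName, password, SecureBind);
        }
        catch (PrincipalServerDownException)
        {
            return false; // no domain controller reachable: fail closed
        }
    }

    public static bool ChangePassword(string samAccountName, string oldPassword, string newPassword)
    {
        try
        {
            using (var ctx = new PrincipalContext(ContextType.Domain, null))
            using (var user = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, samAccountName))
            {
                if (user == null) return false; // unknown account
                user.ChangePassword(oldPassword, newPassword); // directory checks the old password
                return true;
            }
        }
        catch (PasswordException)
        {
            return false; // the directory rejected the change (for example, password policy)
        }
    }
}
```

Returning the same false for an unknown account and a rejected password keeps the caller from revealing which accounts exist.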

Source: https://habr.com/ru/post/922552/

