Search Code Shode

Loading...

Wednesday, December 8, 2010

Active Directory Authentication for ASP.NET Website Users


ASP.NET membership provides the ability to authenticate users to your web application using forms based authentication against a database of users or directory services.  This article explains the steps required to provide authentication against Active Directory, either for new sites with no authentication, or for existing sites using database authentication.

Step 1 – Set up the Active Directory connection string
The Active Directory connection string is simliar to the database connection string used in ASP.NET, except that it references an LDAP address.  The connection string is specified in the web.config file.
The following string will authenticate users in the entire company.com.au tree:

<connectionStrings>
    <add name="ADConnectionString" 
    connectionString="LDAP://company.com.au/DC=company,DC=com,DC=au"/>
</connectionStrings>

If you want to restrict authentication to a particular OU, then you specify it in the connection string like so:

<connectionStrings>
    <add name="ADConnectionString" 
    connectionString="LDAP://dept.company.com.au/CN=dept,DC=company,DC=com,DC=au"/>
</connectionStrings>

اشتہارات