Active Directory Authentication for ASP.NET Website Users
ASP.NET membership provides the ability to authenticate users to your web application using forms based authentication against a database of users or directory services. This article explains the steps required to provide authentication against Active Directory, either for new sites with no authentication, or for existing sites using database authentication.
Step 1 – Set up the Active Directory connection string
The Active Directory connection string is simliar to the database connection string used in ASP.NET, except that it references an LDAP address. The connection string is specified in the web.config file.
The following string will authenticate users in the entire company.com.au tree:
The connectionStringName attribute should match the name of the connection string you created in Step 1.
You can configure the credentials used to access Active Directory using the connectionUserName andconnectionPassword attributes. If you leave these blank then your application's process identity is used to access Active Directory, regardless of whether your application uses impersonation.
Step 3 – Configure the Authentication and Authorization parameters
In your web.config file, create or change the following entry to configure the authentication and authorization parameters for Active Directory within the <system.web> section: