How to show domain name and user name ("domainname/username") in ASP.NET Web Site Administration Tool while using active directory membership povider?

Hi,

I'm using active directory membership provider and SQL role provider in my web application by adding these lines in my web.config file:

1    <connectionStrings>
2       <add name="SqlRoleManagerConnection" connectionString="Data Source=FX-IT-HARIS\SQLSERVER2005; Initial Catalog=ASPNETDB; UID=user; pwd=pass" />
3       <add name="ActiveDirectory" connectionString="LDAP://haris.co.id/DC=haris,DC=co,DC=id"/>
4    </connectionStrings>
5    
6    ...
7    
8    <membership defaultProvider="AspNetWindowsTokenMembershipProvider ">
9       <providers>
10   	<clear />
11   	<add connectionStringName="SqlRoleManagerConnection" applicationName="myapp" name="SqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" />
12   	<add connectionStringName="ActiveDirectory" connectionUsername="user" connectionPassword="pass" attributeMapUsername="sAMAccountName" enableSearchMethods="true" requiresUniqueEmail="true" name="AspNetWindowsTokenMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
13      </providers>
14   </membership>

 

This way, I can view users in my active directory and then associate them with application roles I've created by using ASP.NET Web Site Administration Tool. However, since I use Windows authentication, I'm encountering a problem. User names in listed ASP.NET Web Site Administration Tool does not include my domain name (only "haris" instead of "mydomain/haris"). Because of this, since the user name passed by IIS includes my domain name ("mydomain/haris"), the authenctication is always fail. How to show domain name and user name ("domainname/username") in ASP.NET Web Site Administration Tool while using active directory membership povider?

 Thanks in advance,

 Haris

0
haris101
10/20/2008 2:40:45 AM
asp.net.security 27051 articles. 1 followers. Follow

4 Replies
943 Views

Similar Articles

[PageSpeed] 3

The format of the user name depends on the attributeMapUsername attribute of the <membership> element.

Check here: http://msdn.microsoft.com/en-us/library/ms998360.aspx

although it won't store in domainname/username format.

But I don't get it why it is not authenticating ?

Is your forms authentication set correctly?

I don't see your role manager provider settings?

check this: http://weblogs.asp.net/scottgu/pages/Recipe_3A00_-Implementing-Role_2D00_Based-Security-with-ASP.NET-2.0-using-Windows-Authentication-and-SQL-Server.aspx

 

 


/GuruBhai
0
guru_sarkar
10/20/2008 6:15:03 PM

Sorry, I forgot to attach my role manager provider settings. Below is it.

		<roleManager enabled="true" defaultProvider="SqlRoleManager">
			<providers>
				<clear/>
				<add name="SqlRoleManager" type="System.Web.Security.SqlRoleProvider" connectionStringName="SqlRoleManagerConnection" applicationName="MyApp"/>
			</providers>
		</roleManager>

What I'm trying to do is to map Windows login names with my own custom roles. I don't want to use a login page for a better user convenience, so I just use Windows authentication. This means user names passed to my application is in <domain_name>/<user_name> format.

I know I can manage roles and membership easily by using the ASP.NET Web Site Administration Tool. I don't want to create my own custom adiministration tool if I don't have to. With a little trick, I can link the ASP.NET Administration Tool to my active directory. This way I can map the active directory names with my own custom roles that I created with the administration tool. However, the user names listed in the administration tool don't include my domain name but only the Windows login name (only <user_name>, not <domain_name>/<user_name>). So, eventhough I "can" map those names with my roles, the authentication is always fail, because user names passed to my application is in <domain_name>/<user_name> format, as I said earlier.

Do you know the trick so the administration tool shows user names in <domain_name>/<user_name> format? Or, how to omit domain name from user name passed to my application?

Many thanks in advance,

Haris

0
haris101
10/21/2008 2:31:04 AM

Oh, I just realized that I have used a wrong title for this topic since I think the problem has nothing to do with active directory membership provider... is it? Stick out tongue

0
haris101
10/21/2008 2:41:55 AM

I don't want to use a login page for a better user convenience, so I just use Windows authentication.

Since you have set Windows Authentication, even though you have active directory provider setup but it is not used when you login. So definitely you will get in <domain_name>/<user_name> format.

Now the link in previous post shows how you can use SqlRoleProvider with Windows Authentication. I doubt you will be able to use WAT for that.

One question? Are you having different roles than Windows Groups /AD roles  or they are the same? i.e. is it necessary for you to use SqlRoleProvider ?

If No then check 'Configuring URL Authorization' - here: http://msdn.microsoft.com/en-us/library/ms998358.aspx

 


/GuruBhai
0
guru_sarkar
10/21/2008 3:52:44 PM
Reply:

Similar Artilces:

I am trying to run a login sample, so in "Web Site Administration Tool" i clicked "Use the security Setup Wizard to configure security step by step." and got this famous error: An error was encountere
After this i have the lengthy description of the rror The following message may help in diagnosing the problem: Specified argument was out of the range of valid values. Parameter name: site at System.Web.Configuration.WebConfigurationHost.InitForConfiguration(String& locationSubPath, String& configPath, String& locationConfigPath, IInternalConfigRoot configRoot, Object[] hostInitConfigurationParams) at System.Configuration.Configuration..ctor(String locationSubPath, Type typeConfigHost, Object[] hostInitConfigurationParams) at System.Configuration.Internal.InternalConfigConfigur...

Whan can i do? make "string" data type convert to "window" data type, and use a "window" name to get it ancestor "window name", thanks! i use pb5
Rich, With a string window name, you can open a window of that type if you need to. You could, of course, query that window object for any attributes. Another option is to use the LibraryExport function to export the definition of the window which is specified by the string. You can then parse the resulting file to get information on the ancestor object. HTH Sanjiv. "Rich" <windows_ce@netease.com> wrote in message news:2Xsr1WW0AHA.178@forums.sybase.com... > > > ...

column "name" is not in table "name "
I have a problem with PB 6.5.1, and Informix 5.02 (Online) ... We receive the error above in subject.... when i tried to make a Datawindow updated. (settings) .. I`m not sute what that mean.. I have done all the testing.. and I did not find anything...Please .. help me Carlos BDT-Caracas-Venezuela Carlos, It sounds like the datawindow has a select statement that selects data from multiple tables using a SQL Join. nd perhaps when the update properties were set, columns from multiple tables were selected and marked as updateable columns. I will test this when I get a ...

META name="title" + META name="description" + META name="keywords" in MasterPage head section
Hy Guys, I've placed these META tags on the HEAD section of my MASTERPAGE of my application (used in all my webforms) Last Monday week I was on the first page of GOOGLE at the sixth position. Last Friday, I've added a script section on my head too. Something like: function .... .... .... This week, I can't even find my site even if I put on the search engine te exact site name. Did I do something wrong? Does the scrip section stop the google robots to read the META tags? Thank you in advance MarcoMarco First of all, META tags...

How can I access < input type="hidden" name="objHidden" id="objHidden" > from a .net server side function
Topic says it all..please help!! Right Click the control in the design view and select run as server control. ...

SQL: Column names, can ONLY get "name" instead of "table.name"
Hey all, When iterating through column names returned from a query, I need to get "table.name" rather than just "name" Check it out: If I have an SQL statement "SELECT table1.ID, table2.ID FROM table1, table2;" And table1 has a column name 'ID' and table2 has a column name 'ID' aswell, and i run the query, the dataset will contain column names 'ID' and 'ID' instead of 'table1.ID' and 'table2.ID' It is extremely important that I can differenciate between the 2 fields, and know where each of them come from. The same thing happen...

Using "aspnet_regiis.exe -ga" on the basis of SID instead of "user name"
aspnet_regiis.exe -ga "Network service" The above command grants "Network service" access to the IIS metabase and other directoriesused by ASP.NET. Is there any way to do using "Security Identifieir" http://en.wikipedia.org/wiki/Security_Identifier instead of user name, actually it is useful in Localized OS. Thanks, Mushq ...

Changing the "from-name" / "friendly-name" / sender
Hi, I'm not sure what's the correct designation for the object I'm talking about. In my german GroupWise it's the "Von-Name" or in some cases it's called "friendly name". I'm talking about the sender of an E-Mail which is shown in my GroupWise Mailbox, such as "Peter Briggs <p.briggs@mailman.com>"... My question is who to change it to "Peter Briggs, Mailman Inc. <p.briggs@mailman.com>" ... (adding the ", Mailman Inc.") While using GroupWise in the Caching Modus I can change it on my own in ...

Mail resending duplicates in the "from" field the (Given Name Last Name) if name contains a "-"
Hello, An other incredible behavior with client GW8.01 and GW8.01HP if you resend one of your mail and if you given name or last name contains a "-" in eDir, the from field of your email is populated with a second occurrence of (givenname lastname); if you resend this again, then you get it 2 times (givenname lastname)(givenname lastname)etc... so an example: Suppose you are Snow White, with a frenchy touch, eDir Given Name: Blanche-Neige eDir Last Name: Disney and your GW address book is updated with it in first name/last name/name according eDir, Then if...

When loading gmail must always "reload" once unless using the secure loading site. When using the secure loading site loading takes four times as long. So I don't use the secure loading site, I just
Name: Dwight Metcalfe Email: dwmet1atgmaildotco Product: Firefox Summary: When loading gmail must always "reload" once unless using the secure loading site. When using the secure loading site loading takes four times as long. So I don't use the secure loading site, I just "reload" the other site once automatically just to save time. Hmmmmmmmm. Comments: Only been doing that about a month. Browser Details: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3 From URL: http://hendrix.mozilla.org/ Note to reade...

.Net 1.1 with .Net 2.0 virtual directory using AJAX "Sys undefined"
I'm having an issue running an AJAX app I built, I think I might know what the problem might be, but if so, I am not sure how to fix it. The main site is built with 1.1 and new application is 2.0.  I have the new application configured properly (as far as I can tell) in its own app pool, etc..  The app runs just fine (I have other 2.0 apps that run along side the main 1.1), but I am getting an error: "Sys undefined...."  I've checked to enusre the mappings for the .axd extension for this particular VD are pointing to the correct place as ...

"Please enter a different user name" error when the user name is unique
I am using a blank CreateUserWizard and am getting this error when using unique usernames that should work. In the configuration i checked and the user is actually being added, and can login after this but the error message shouldn't be there. Does anyone know what might be causing this? <asp:CreateUserWizard ID="CreateUserWizard1" runat="server"> <WizardSteps> <asp:CreateUserWizardStep ID="CreateUserWizardStep1" runat="server"> </asp:CreateUserWizardStep> <asp:CompleteWizardStep ID="CompleteWizardStep1" ...

Naming conventions
This may be off topic. Couldn't seem to find a good forum... The discussion where I am working regards naming objects in the tree, especially server objects. There are several schools of thought given: Server name = SalesServer Some possibilities are SalesServer Sales_Server Sales-Server... One concern is that the use of an underscore "_" in the name might possibly cause DNS issues and problems with Unix/Linux hosts (This is currently a Netware environment). As I understand it, Unix/Linux interprets the underscore character as a <Space> and depending...

Got a problem on "Using the Web Site Administration Tool" -- Unable to connect to SQL Server
Hi, I'm trying the tutorial for Visual Web Developer 2005 Express. I did everything like the tutorial told me, then I reach the step of "Using the Web Site Administration Tool". In the Administration Tool, it showed: ------------------------------------------------- Application:/Authors Current User Name:RADISHJDESKTOP\RADISHJ ---------------------------------------------------------- After I click the "Security" folder label, it showed: ---------------------------------------------------------- There is a problem with your selected data store. This can be caused by an invalid server name or...

Using "net user" to add local win2k user
Hi list, I'm trying via a nal object to add a user, as part of our antivirus package for workstations. I'm trying to create a user who never will expire with the syntax: net user username password /expires:never /add However, the "password never expires" tick never gets set, when viewing the user properties afterwards? Anybody got a soloution for this? Thanks On Tue, 27 Apr 2004 12:45:24 GMT, donk wrote: > However, the "password never expires" tick never gets set, when viewing the > user properties afterwards? so when you are doi...

Web resources about - How to show domain name and user name ("domainname/username") in ASP.NET Web Site Administration Tool while using active directory membership povider? - asp.net.security

Resources last updated: 12/25/2015 9:29:38 PM