Home/ Questions/Q 7949581
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-04T02:02:23+00:00

I’m trying to allow users to login with either forms authentication or their AD

  • 0

I’m trying to allow users to login with either forms authentication or their AD account but having some problems. I’m logged into an AD accountno,w but Page.User.Identity.Name is blank. I have this in my web.config:

<connectionStrings>
    <add name="ADConnectionString" connectionString="LDAP://full.domain.address:389/DC=mydomain,DC=blah,DC=uk"/>
    <add name="myapp" connectionString="Data Source=myserver;Initial Catalog=myapp;User ID=myapp;Password=myapp" providerName="System.Data.SqlClient"/>
  </connectionStrings>
  <system.web>
    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login.aspx" timeout="129600" name="CookieMonster" protection="All" slidingExpiration="true" cookieless="UseCookies"/>
    </authentication>
    <membership defaultProvider="ADMembershipProvider">
      <providers>
        <clear/>
        <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" 
             connectionStringName="myapp" enablePasswordRetrieval="false" enablePasswordReset="true" 
             requiresQuestionAndAnswer="false" requiresUniqueEmail="false" 
             maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" 
             passwordAttemptWindow="10" applicationName="/"/>
        <add name="ADMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" 
             connectionStringName="ADConnectionString"/>
      </providers>
    </membership>
    <profile>
      <providers>
        <clear/>
        <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="myapp" applicationName="/"/>
      </providers>
    </profile>

Do I need to do something else to get this to work? I’ve tried logging in with my domain account and domain\myaccount to no avail.

When I try var u = Membership.GetUser("mydomain\\myuser"); I get an error: Usernames must not contain ‘\’ when mapped to ‘userPrincipalName’.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    AD userPrincipalName might be something like user@full.domain.address. Try using the sAMAccountName value for the attributeMapUsername:

    <add name="ADMembershipProvider" 
  type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" 
  connectionStringName="ADConnectionString"
  attributeMapUsername="sAMAccountName"/>

    If you are unable to connect, you may need to add connectionUsername and connectionUserPassword attributes (check the MSDN documentation).

    • 0