ASP.NET MVC:如何设置web.config中的LDAP身份验证?身份验证、如何设置、MVC、NET
我有一个工作的LDAP服务器使用这些参数:
I have a working LDAP Server with these parameters:
OU=users,OU=mydomain,O=this domain
LDAP://myhost:389
我成功使用的与通用LDAP客户端,像好亚雷克Gawor的LDAP浏览器/客户端,设置如下:
I successfully access with a generic ldap client, like the good Jarek Gawor's ldap browser/client with following settings:
OU=users,OU=mydomain,O=this domain
User info (append base DN):
uid=myid
password=mypwd
我试图以同样的与ASP.NET,得到总是错误错误的用户名或密码。 愿你帮我设置的web.config上述参数,请? 我做了很多尝试,比如改变connectionUsername,删除域名,将UID =本身份识别码,等等...
I tried to to the same with ASP.NET, getting always the error "wrong username or password". May you help me to setup web.config with above parameters, please? I did many tries, like changing connectionUsername, removing domainname, putting uid=myid, etc...
web.config中
<configuration>
<connectionStrings>
<add name="ADConnectionString" connectionString="LDAP://myhost:389"/>
....
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name="DefaultMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionProtection="None"
connectionUsername="MYDOMAIN\myid"
connectionPassword="mypwd"
attributeMapUsername="sAMAccountName"
enableSearchMethods="True" />
</providers>
</membership>
......
在此先感谢
推荐答案
我成功地得到它具有以下的的web.config 的设置工作。
I succeeded in getting it work with the following web.config setup.
有两个问题/错误:
1日)我没有指定容器内,所以我也跟着@凯文的提示:
1st) I did not specify the container, so I followed @Kevin's hints:
<configuration>
<connectionStrings>
<add name="ADConnectionString" connectionString="LDAP://myhost:389/O=this domain,CN=Users,DC=mydomain,DC=com"/>
....
我认为这是相关的CN,而 0 可以省略,但我不认为这是很重要的......
I think that was relevant the CN, while O could be omitted here, but I do not think this is very important...
2日)我把DN基础和用户名(格式的uid =)一起在 connectionUsername 参数:
2nd) I put the DN base and username (in the form uid=) together inside connectionUsername parameter:
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name="DefaultMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionProtection="None"
connectionUsername="uid=myid, O=this domain"
connectionPassword="mypwd"
attributeMapUsername="sAMAccountName"
enableSearchMethods="True" />
请注意,在我的情况,我需要投入的uid =本身份识别码。我不知道这可能是一个通用的解决方案;也许它关系到我公司的ADAS配置,我不知道。我希望这可以帮助一些你......请投票,如果你发现这个解决方案很有用,THX。
Please note, in my case I needed to put uid=myid. I do not know if this could be a general solution; perhaps it is related to ADAS configuration of my company, I do not know. I hope this can help some of you...please vote up if you find this solution useful, thx.
@Kevin:非常感谢你。你非常有帮助!
@Kevin: Thank you very much. You have been very helpful!
