基于身份验证使用AD ASP.NET MVC格式本地工作,但无法在服务器上(IIS7)身份验证、器上、格式、工作
我实现了一个基于表单的身份验证使用AD在ASP MVC 3应用程序下面我发现这里的方向ASP.NET MVC - 验证用户在Active Directory中,但需要用户名和密码,将其输入
I implemented a form based authentication that uses AD in an ASP MVC 3 application following the directions I found here ASP.NET MVC - Authenticate users against Active Directory, but require username and password to be inputted
我工作正常,当我运行使用ASP.NET开发服务器,但无法超越的登录页面后,输入我的凭据,并提供了以下错误:
I works fine when I run using the ASP.NET Development Server, but fails to go beyond the login page after I enter my credentials and gives the following error:
配置错误
说明:此请求提供服务所需的配置文件的处理过程中出现错误。请检查下面的特定错误详细信息并适当地修改配置文件。
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
分析器错误信息:时发生操作错误
源错误:
Line 37: <membership defaultProvider="MY_ADMembershipProvider">
Line 38: <providers>
Line 39: <add name="MY_ADMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider" connectionStringName="ADConnectionString" attributeMapUsername="sAMAccountName" />
Line 40: </providers>
Line 41: </membership>
任何帮助将是非常美联社preciated,在此先感谢。
Any help would be much appreciated, thanks in advance.
更新:
到目前为止,经过几个(1)调试的,我认为错误可能是由 System.Web.Security.ActiveDirectoryMembershipProvider 在web.xml中配置的到来,我加入系统名.web (其中的类中)作为参考,也使本地副本,但仍然,拉链...:(
UPDATE:
So far after a couple of debugs I think error might be coming from System.Web.Security.ActiveDirectoryMembershipProvider in the Web.xml config, I added System.Web (in which that class is found) as a reference and also to make a local copy but still, zip... :(
推荐答案
请确保你已经通过具有足够的权限来查询你的AD帐户的有效用户名和密码:
Make sure you have passed a valid username and password of an account that has sufficient privileges to query your AD:
<add
name="MY_ADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider"
connectionStringName="ADConnectionString"
attributeMapUsername="sAMAccountName"
connectionUsername="YOURDOMAIN\SomeAccount"
connectionPassword="secret"
/>
如果你不想这样做,你将不得不在你的IIS中配置应用程序池下有足够的权限来查询您的Active Directory的帐户下运行。默认情况下你的应用程序在其下有到AD不能访问本地网络服务帐户运行。
If you don't want to do that you will have to configure the Application Pool in your IIS to run under an account which has sufficient privileges to query your Active Directory. By default your application runs under a local NetworkService account which has no access to the AD.
