Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Asp.Net Forms authentication using Active Directory

Reply
Thread Tools

Asp.Net Forms authentication using Active Directory

 
 
Egbert
Guest
Posts: n/a
 
      11-03-2004
Hi.

I am using forms authentication in ASP.Net against Active Directory.

I have followed the example provided by Microsoft. Here is my problem.

Standard practise for AD Administrators is to flag the account to change the
password when he logs in. Also that passwords expire after 30 days.

If any of these conditions are true the sample code from MS simply returns
the error message: "Bad username or password". This happens the second the
code tries to bind to AD. It does not tell me that the user has to change his
password or that his password has expired but simple that it is a "Bad
username or password".

Has anyone come accross this or have any ideas.

*Ps I did not implement the portion of code where they create a generic
pricipal object etc as I do not need any other info from AD other than
checking the username or password. Could this have anything to do with the
problem?

--
Regards

Egbert
 
Reply With Quote
 
 
 
 
Joe Kaplan \(MVP - ADSI\)
Guest
Posts: n/a
 
      11-03-2004
If the user needs to change password at next logon, you can't use a simple
LDAP bind to authenticate them, nor can you do the password change via LDAP.
They need to log on to Windows first to do this.

This is one of the many downsides of using LDAP to authenticate users. It
does work in some situations, but you don't get the full Windows
integration.

Joe K.

"Egbert" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi.
>
> I am using forms authentication in ASP.Net against Active Directory.
>
> I have followed the example provided by Microsoft. Here is my problem.
>
> Standard practise for AD Administrators is to flag the account to change
> the
> password when he logs in. Also that passwords expire after 30 days.
>
> If any of these conditions are true the sample code from MS simply returns
> the error message: "Bad username or password". This happens the second the
> code tries to bind to AD. It does not tell me that the user has to change
> his
> password or that his password has expired but simple that it is a "Bad
> username or password".
>
> Has anyone come accross this or have any ideas.
>
> *Ps I did not implement the portion of code where they create a generic
> pricipal object etc as I do not need any other info from AD other than
> checking the username or password. Could this have anything to do with the
> problem?
>
> --
> Regards
>
> Egbert



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Best practices for using forms authentication and security in a hosted env (was: Re: Using a Forms authentication in a shared hosting environment) JEFF ASP .Net 1 11-12-2007 07:00 PM
Asp.Net Forms authentication using Active Directory =?Utf-8?B?RWdiZXJ0?= ASP .Net 0 11-03-2004 11:49 AM
Forms Authentication with Active Directory using vb.net PLam ASP .Net Security 2 04-09-2004 01:53 PM
Problems when authenticating against the Active Directory using Forms Authentication and Visual Basic .NET Paul East ASP .Net Security 3 03-02-2004 12:08 AM
Username not logged in IIS when using forms authentication with Active Directory ThaYoung1! ASP .Net Security 0 08-07-2003 12:46 PM



Advertisments