Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Forms Authentication with Active Directory

Reply
Thread Tools

Forms Authentication with Active Directory

 
 
BigSam
Guest
Posts: n/a
 
      08-31-2007
I have a number of remote users that connect to the domain through a VPN
device. I need a simple process for them to be able to change their passwords
- some of them only have http bookmarks. The VPN is configured to
authenticate users with the Active Directory.
I found this article: http://msdn2.microsoft.com/en-us/library/ms998360.aspx
& followed along - I can do a little hacking, but I'm primarily a system/db
admin.

I can run the web page in the designer & it works fine, however, when I
attempt to run it on the server, from another server in the domain, or from a
bookmark on the VPN, I get an web.config configuration error, & the following
line is highlighted:

<authentication mode="Forms">

I don't understand what's wrong. Is the web.config file case sensitive? Do
the entries need to be in a specific order?

If it will help, here is my entire web.config:
<?xml version="1.0"?>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config.comments usually located in
\Windows\Microsoft.Net\Framework\v2.x\Config
-->
<configuration>
<appSettings/>
<connectionStrings>
<add
connectionString="LDAP://MyDomain.local/CN=Users,DC=MyDomain,DC=local"
name="ADConnectionString"/>
</connectionStrings>
<system.web>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
-->
<compilation debug="true"/>
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Forms">
<forms
name=".ADAuthCookie"
timeout="10" />
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
<membership defaultProvider="MyADMembershipProvider">
<providers>
<add
name="MyADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershi pProvider,
System.Web, Version=2.0.0.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
attributeMapUsername="sAMAccountName"
connectionStringName="ADConnectionString"
connectionUsername="MyDomain\AdminUser"
connectionPassword="LotsaLuck99$"/>
</providers>
</membership>
<!--
The <customErrors> section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.

<customErrors mode="RemoteOnly"
defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
</system.web>
</configuration>

Thanks in advance





 
Reply With Quote
 
 
 
 
Dominick Baier
Guest
Posts: n/a
 
      09-01-2007
which error.....?


-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

> I have a number of remote users that connect to the domain through a
> VPN device. I need a simple process for them to be able to change
> their passwords - some of them only have http bookmarks. The VPN is
> configured to authenticate users with the Active Directory. I found
> this article: http://msdn2.microsoft.com/en-us/library/ms998360.aspx &
> followed along - I can do a little hacking, but I'm primarily a
> system/db admin.
>
> I can run the web page in the designer & it works fine, however, when
> I attempt to run it on the server, from another server in the domain,
> or from a bookmark on the VPN, I get an web.config configuration
> error, & the following line is highlighted:
>
> <authentication mode="Forms">
>
> I don't understand what's wrong. Is the web.config file case
> sensitive? Do the entries need to be in a specific order?
>
> If it will help, here is my entire web.config:
> <?xml version="1.0"?>
> <!--
> Note: As an alternative to hand editing this file you can use the
> web admin tool to configure settings for your application. Use
> the Website->Asp.Net Configuration option in Visual Studio.
> A full list of settings and comments can be found in
> machine.config.comments usually located in
> \Windows\Microsoft.Net\Framework\v2.x\Config
> -->
> <configuration>
> <appSettings/>
> <connectionStrings>
> <add
> connectionString="LDAP://MyDomain.local/CN=Users,DC=MyDomain,DC=local"
> name="ADConnectionString"/>
> </connectionStrings>
> <system.web>
> <!--
> Set compilation debug="true" to insert debugging
> symbols into the compiled page. Because this
> affects performance, set this value to true only
> during development.
> -->
> <compilation debug="true"/>
> <!--
> The <authentication> section enables configuration
> of the security authentication mode used by
> ASP.NET to identify an incoming user.
> -->
> <authentication mode="Forms">
> <forms
> name=".ADAuthCookie"
> timeout="10" />
> </authentication>
> <authorization>
> <deny users="?" />
> <allow users="*" />
> </authorization>
> <membership defaultProvider="MyADMembershipProvider">
> <providers>
> <add
> name="MyADMembershipProvider"
>
> type="System.Web.Security.ActiveDirectoryMembershi pProvider,
> System.Web, Version=2.0.0.0,
> Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
> attributeMapUsername="sAMAccountName"
> connectionStringName="ADConnectionString"
> connectionUsername="MyDomain\AdminUser"
> connectionPassword="LotsaLuck99$"/>
> </providers>
> </membership>
> <!--
> The <customErrors> section enables configuration
> of what to do if/when an unhandled error occurs
> during the execution of a request. Specifically,
> it enables developers to configure html error pages
> to be displayed in place of a error stack trace.
> <customErrors mode="RemoteOnly"
> defaultRedirect="GenericErrorPage.htm">
> <error statusCode="403" redirect="NoAccess.htm" />
> <error statusCode="404" redirect="FileNotFound.htm" />
> </customErrors>
> -->
> </system.web>
> </configuration>
> Thanks in advance
>



 
Reply With Quote
 
 
 
 
BigSam
Guest
Posts: n/a
 
      09-01-2007
web.config configuration error <authentication mode="Forms">

"Dominick Baier" wrote:

> which error.....?
>
>
> -----
> Dominick Baier (http://www.leastprivilege.com)
>
> Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
>
> > I have a number of remote users that connect to the domain through a
> > VPN device. I need a simple process for them to be able to change
> > their passwords - some of them only have http bookmarks. The VPN is
> > configured to authenticate users with the Active Directory. I found
> > this article: http://msdn2.microsoft.com/en-us/library/ms998360.aspx &
> > followed along - I can do a little hacking, but I'm primarily a
> > system/db admin.
> >
> > I can run the web page in the designer & it works fine, however, when
> > I attempt to run it on the server, from another server in the domain,
> > or from a bookmark on the VPN, I get an web.config configuration
> > error, & the following line is highlighted:
> >
> > <authentication mode="Forms">
> >
> > I don't understand what's wrong. Is the web.config file case
> > sensitive? Do the entries need to be in a specific order?
> >
> > If it will help, here is my entire web.config:
> > <?xml version="1.0"?>
> > <!--
> > Note: As an alternative to hand editing this file you can use the
> > web admin tool to configure settings for your application. Use
> > the Website->Asp.Net Configuration option in Visual Studio.
> > A full list of settings and comments can be found in
> > machine.config.comments usually located in
> > \Windows\Microsoft.Net\Framework\v2.x\Config
> > -->
> > <configuration>
> > <appSettings/>
> > <connectionStrings>
> > <add
> > connectionString="LDAP://MyDomain.local/CN=Users,DC=MyDomain,DC=local"
> > name="ADConnectionString"/>
> > </connectionStrings>
> > <system.web>
> > <!--
> > Set compilation debug="true" to insert debugging
> > symbols into the compiled page. Because this
> > affects performance, set this value to true only
> > during development.
> > -->
> > <compilation debug="true"/>
> > <!--
> > The <authentication> section enables configuration
> > of the security authentication mode used by
> > ASP.NET to identify an incoming user.
> > -->
> > <authentication mode="Forms">
> > <forms
> > name=".ADAuthCookie"
> > timeout="10" />
> > </authentication>
> > <authorization>
> > <deny users="?" />
> > <allow users="*" />
> > </authorization>
> > <membership defaultProvider="MyADMembershipProvider">
> > <providers>
> > <add
> > name="MyADMembershipProvider"
> >
> > type="System.Web.Security.ActiveDirectoryMembershi pProvider,
> > System.Web, Version=2.0.0.0,
> > Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
> > attributeMapUsername="sAMAccountName"
> > connectionStringName="ADConnectionString"
> > connectionUsername="MyDomain\AdminUser"
> > connectionPassword="LotsaLuck99$"/>
> > </providers>
> > </membership>
> > <!--
> > The <customErrors> section enables configuration
> > of what to do if/when an unhandled error occurs
> > during the execution of a request. Specifically,
> > it enables developers to configure html error pages
> > to be displayed in place of a error stack trace.
> > <customErrors mode="RemoteOnly"
> > defaultRedirect="GenericErrorPage.htm">
> > <error statusCode="403" redirect="NoAccess.htm" />
> > <error statusCode="404" redirect="FileNotFound.htm" />
> > </customErrors>
> > -->
> > </system.web>
> > </configuration>
> > Thanks in advance
> >

>
>
>

 
Reply With Quote
 
BigSam
Guest
Posts: n/a
 
      09-03-2007
Silly me - I forgot to set the Application Name in IIS Manager.

"BigSam" wrote:

> web.config configuration error <authentication mode="Forms">
>
> "Dominick Baier" wrote:
>
> > which error.....?
> >
> >
> > -----
> > Dominick Baier (http://www.leastprivilege.com)
> >
> > Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
> >
> > > I have a number of remote users that connect to the domain through a
> > > VPN device. I need a simple process for them to be able to change
> > > their passwords - some of them only have http bookmarks. The VPN is
> > > configured to authenticate users with the Active Directory. I found
> > > this article: http://msdn2.microsoft.com/en-us/library/ms998360.aspx &
> > > followed along - I can do a little hacking, but I'm primarily a
> > > system/db admin.
> > >
> > > I can run the web page in the designer & it works fine, however, when
> > > I attempt to run it on the server, from another server in the domain,
> > > or from a bookmark on the VPN, I get an web.config configuration
> > > error, & the following line is highlighted:
> > >
> > > <authentication mode="Forms">
> > >
> > > I don't understand what's wrong. Is the web.config file case
> > > sensitive? Do the entries need to be in a specific order?
> > >
> > > If it will help, here is my entire web.config:
> > > <?xml version="1.0"?>
> > > <!--
> > > Note: As an alternative to hand editing this file you can use the
> > > web admin tool to configure settings for your application. Use
> > > the Website->Asp.Net Configuration option in Visual Studio.
> > > A full list of settings and comments can be found in
> > > machine.config.comments usually located in
> > > \Windows\Microsoft.Net\Framework\v2.x\Config
> > > -->
> > > <configuration>
> > > <appSettings/>
> > > <connectionStrings>
> > > <add
> > > connectionString="LDAP://MyDomain.local/CN=Users,DC=MyDomain,DC=local"
> > > name="ADConnectionString"/>
> > > </connectionStrings>
> > > <system.web>
> > > <!--
> > > Set compilation debug="true" to insert debugging
> > > symbols into the compiled page. Because this
> > > affects performance, set this value to true only
> > > during development.
> > > -->
> > > <compilation debug="true"/>
> > > <!--
> > > The <authentication> section enables configuration
> > > of the security authentication mode used by
> > > ASP.NET to identify an incoming user.
> > > -->
> > > <authentication mode="Forms">
> > > <forms
> > > name=".ADAuthCookie"
> > > timeout="10" />
> > > </authentication>
> > > <authorization>
> > > <deny users="?" />
> > > <allow users="*" />
> > > </authorization>
> > > <membership defaultProvider="MyADMembershipProvider">
> > > <providers>
> > > <add
> > > name="MyADMembershipProvider"
> > >
> > > type="System.Web.Security.ActiveDirectoryMembershi pProvider,
> > > System.Web, Version=2.0.0.0,
> > > Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
> > > attributeMapUsername="sAMAccountName"
> > > connectionStringName="ADConnectionString"
> > > connectionUsername="MyDomain\AdminUser"
> > > connectionPassword="LotsaLuck99$"/>
> > > </providers>
> > > </membership>
> > > <!--
> > > The <customErrors> section enables configuration
> > > of what to do if/when an unhandled error occurs
> > > during the execution of a request. Specifically,
> > > it enables developers to configure html error pages
> > > to be displayed in place of a error stack trace.
> > > <customErrors mode="RemoteOnly"
> > > defaultRedirect="GenericErrorPage.htm">
> > > <error statusCode="403" redirect="NoAccess.htm" />
> > > <error statusCode="404" redirect="FileNotFound.htm" />
> > > </customErrors>
> > > -->
> > > </system.web>
> > > </configuration>
> > > Thanks in advance
> > >

> >
> >
> >

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Forms Authentication with Active Directory LDAP Problem Tdar ASP .Net 2 10-11-2005 08:52 PM
Asp.Net Forms authentication using Active Directory =?Utf-8?B?RWdiZXJ0?= ASP .Net 0 11-03-2004 11:49 AM
Forms Authentication and Active Directory - Steve - ASP .Net 7 06-04-2004 09:32 PM
Forms Authentication +Active Directory +Roles Marty Underwood ASP .Net 4 10-30-2003 01:54 AM
Impersonation failure with Index Server and Forms Authentication with Active Directory techfuzz ASP .Net 1 08-12-2003 05:54 AM



Advertisments