0 votes

I have an issue with my website authentication.

I'm building a website that needs to use the same single sign-on as an intranet site.

My idea was to use Windows authentication on the website to get the user credentials and then use LDAP to authenticate them against our client's domain controller. The website in question is hosted on a server outside the client's domain. I've tried using the ActiveDirectoryMembershipProvider but I cannot get it to work with integrated authentication.

My issue is that I cannot get Windows authentication to use LDAP as a membership provider. At the moment, Windows authentication gets the user credentials, tries to authenticate them against users on the computer and fails as the web server is not on the domain. I want to get the credentials and send them using LDAP to a domain controller that will authenticate them.

Is there a way I can do integrated authentication using an LDAP connection for authentication?

When you are running the solution locally, is it working fine with Windows Authentication? - RL89

Yeah, Windows authentication on the intranet works fine. The issue isn't getting the Windows authentication to work, it's getting the Windows authentication to validate its credentials using the ActiveDirectoryMembershipProvider and a specified LDAP server rather than just going off and checking against its standard user list. - zeocrash

What is the issue then? Do you want to know how you can communicate with the Active Directory server using an LDAP connection? - RL89

Yeah, I've set the Active Directory membership provider as the default membership provider, and I've put in the address of our servers. Yet no data of any sort is sent to the domain controller. - zeocrash

The machine on which you are testing must be on the domain whose AD you are communicating with. I have also provided the answer for how you can make the connection using PrincipalContext. - RL89

1 Answer

2 votes

Updated

If your website is hosted on a server outside the client's domain, then you cannot get the user authenticated.

Because when you send the credential to the hosted server, there is a Location object in the domain server, and it will try to find that specified user first locally, where you have hosted your website, and then in the domain server that has been specified in the Location object (though we can also set the priority).

If it doesn't find any user locally, then

after that it will send a request to the domain server with those credentials.

In your case, first it will not find the name of the domain server you want it to communicate with in the Location object.

For example:

 using System.DirectoryServices.AccountManagement; // needed for PrincipalContext and ContextType
 PrincipalContext pr = new PrincipalContext(ContextType.Domain, "corp.local", "dc=corp,dc=local", username, password);

Here corp.local is the domain name which is in my Location object, and username and password are those of a user which has administrative rights to edit/update/delete any user in the domain server.

So the whole process goes again, and when the specified domain server is found in the Location object, then it will make communication with that domain and generate a TOKEN.

The only solution for your case is that you need to replicate all your users from the client server to your domain server, or else you need to make a TRUST between the two domain servers.

Hope this is what you are looking for!
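A self-contained version of the PrincipalContext bind shown in the answer, added here as example code (not the poster's): it validates a username/password pair against a remote domain controller over LDAPS from a web server that is not joined to the domain, using a dedicated read-only service account instead of an administrative one. The controller host, search base and account names are placeholders, and it assumes the web server can resolve and reach the controller on port 636.

```csharp
using System;
using System.DirectoryServices.AccountManagement;

// Added example, not the poster's code. Validates credentials against the
// client's domain controller from a server outside that domain.
public static class RemoteDomainAuth
{
    // Placeholders: host (and LDAPS port) of the client's domain controller and its search base.
    private const string DomainController = "dc01.corp.local:636";
    private const string SearchBase = "DC=corp,DC=local";

    // Placeholder service account used only for the initial bind. It needs read access
    // to user objects, not the edit/update/delete rights mentioned in the answer.
    private const string BindUser = "svc-webauth@corp.local";

    // Returns true only when the domain controller accepts the supplied password
    // and the account is enabled and not locked out.
    public static bool ValidateUser(string userName, string password, string bindPassword)
    {
        // An empty password must be rejected here: some LDAP servers treat it as an
        // anonymous bind, which would make ValidateCredentials succeed.
        if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
            return false;

        // Negotiate = Kerberos/NTLM; SecureSocketLayer = LDAPS, so the password never travels in clear.
        var options = ContextOptions.Negotiate | ContextOptions.SecureSocketLayer;

        try
        {
            using (var ctx = new PrincipalContext(ContextType.Domain, DomainController,
                                                  SearchBase, options, BindUser, bindPassword))
            {
                // Binds to the named controller as the user; no domain membership of the web server is needed.
                if (!ctx.ValidateCredentials(userName, password, options))
                    return false;

                // Look the account up so disabled or locked-out users are also refused.
                var user = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, userName);
                return user != null && user.Enabled == true && !user.IsAccountLockedOut();
            }
        }
        catch (PrincipalServerDownException)
        {
            // Controller unreachable (firewall, DNS, wrong port): fail closed, never fall back to local accounts.
            return false;
        }
    }
}
```

The user's password is only available to this method if it is submitted through a login form; integrated Windows authentication hands the web server a token, not the password, which is why the answer points to replication or a domain trust for a true single sign-on.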