Asking again Can't get AspNetActiveDirectoryMembershipProvider to

[David Thielen]

Note: complete Web.Config below

When I use AspNetSqlMembershipProvider everything works fine. But when I try
AspNetActiveDirectoryMembershipProvider I get "The specified connection
string does not represent a valid LDAP adspath.".

I can run ldp.exe on the same computer. do Connect, Connect, enter
picard.windward.local and click OK and it connects and gives me back a bunch
of LDAP info.

I ran .NET Framework 2.0 Configuration and for My_Computer_Zone Code Group
it says:
Description:
Code group grants full trust to all code originating on the local computer

Assembly evidence must match this membership condition to belong to the code
group: Zone: MyComputer.

Assemblies matching the membership condition are granted this permission set
at the current policy level: FullTrust.

Permission Set Description:
Allows full access to all resources

so I don't see how permissions can be a problem.

I've run under IIS and the local VS 2005 webserver - same problem with each.

I've tried with and without the <forms> node in Web.Config - same error.

My server is Windows 2003 Small Business Server and is a domain server.

What is going wrong?

Web.Config:
<?xml version="1.0"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<appSettings/>

<connectionStrings>
<add name="WindwardSqlServer"
connectionString="SERVER=.;DATABASE=northwind;UID=sa;Password=mmouse;" />
<add name="ADService" connectionString="LDAP://picard.windward.local/" />
<add name="WindwardPortal" connectionString="Data Source=BELLE;Initial
Catalog=WindwardPortal;Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>

<system.web>

<roleManager enabled="true"/>
<compilation debug="true">
<assemblies>
<add assembly="System.Security, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=B03F5F7F11D50A3A"/>
</assemblies>
</compilation>

<pages theme="SmokeAndGlass"/>

<!-- this works!
<authentication mode="Forms">
<forms loginUrl="login.aspx">
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
<membership defaultProvider="AspNetSqlMembershipProvider"/>
-->

<authentication mode="Forms">
<!-- tried with and without this
<forms name=".ADAuthCookie" loginUrl="login.aspx">
</forms>
-->
</authentication>
<authorization>
<deny users="?"/>
</authorization>
<membership defaultProvider="AspNetActiveDirectoryMembershipProvider">
<providers>
<add name="AspNetActiveDirectoryMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADService"
/>
</providers>
</membership>

</system.web>
</configuration>

 

[Luke Zhang [MSFT]]

Hello,

If we perform such a test: create a new application pool, specify a domain
admin account as the identity of the new application pool, and then make
your ASP.NET application run in this application pool, will this help.

BTW, please notice messages you post, from the following section:

<add name="AspNetActiveDirectoryMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ADService" />

It seems you use a connection named "ADService" , but I never found one in
the <connectionStrings> section. (there is only one named
"WindwardSqlServer" )

Correct information may help us better understand the problem.

Thanks,

Luke Zhang
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

 

[David Thielen]

Hi;

How do I do what you requested - I have a lot of experience with .NET
windows apps, etc but very little with ASP.NET. So I know what an application
pool is, but not how to create a new one in ASP.NET.

On the ADService issue, it is there:
<add name="ADService" connectionString="LDAP://picard.windward.local/" />

 

[David Thielen]

And now it's working - here is the part I changed:

<authentication mode="Forms">
<forms name=".ADAuthCookie" loginUrl="login.aspx">
</forms>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
<membership defaultProvider="MyProvider">
<providers>
<clear/>
<add name="MyProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADService"
/>
</providers>
</membership>

 

[Luke Zhang [MSFT]]

Thank you for update. It seems you only change the provider's name, and
this make it works.

Luke Zhang
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

 

[David Thielen]

Right but that leads to two questions:

1) Why does that make a difference?

2) Why did the error messages not address this?

Could you please find out? I like to know why things break so I make sure
that there are not other problems.

 

[Luke Zhang [MSFT]]

If you change it back to "AspNetActiveDirectoryMembershipProvider" ( notice
these are two places we need to change in the config file), can you
reproduce the problem again?

Luke Zhang
Microsoft Online Community Support

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)

 

[David Thielen]

Still works - no idea why it works now and didn't before. I tried removing
the <clear/> too - still worked.

New problem with IsInRole - started a new post for that.

 

[Luke Zhang [MSFT]]

Maybe the problem was fixed by changes from somewhere else, not the
provider name.

Luke Zhang
Microsoft Online Community Support

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)