ActiveDirectoryMembershipProvider without storing username and password?

K

Karl

Hello;

I am trying to create an ASP login page that authenticates against AD.

Is there any way to setup a connection string in web.config that does not
store a user name and password?

If I do this, it works great, but I need to modify the web.config every time
the password changes:

<providers>
<add connectionStringName="NorthAmericaConnectionString"
attributeMapUsername="sAMAccountName" enableSearchMethods="true"
name="NorthAmericaProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web,
Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionUsername="username" connectionPassword="mypass"/>
</providers>

As everyone who will be logging in is authorized to search AD, I don't see
why I cannot use the login information from the login form?

Does Microsoft really expect me to either use a non expiring password, or
change all my web.config files on password expiration?

Thanks

Karl
 
M

MikeS

If your shop requires you to use expiring passwords for services and
app pools and the rest how is that currently managed and can you fit
this in with that?

It looks like you can use machine$ or the app pool id instead.

How To: Use Membership in ASP.NET 2.0

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/PAGHT000022.asp

.... If you do not specify account credentials, your application's
process identity is used to access Active Directory, regardless of
whether your application uses impersonation....
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top