ActiveDirectoryMembershipProvider without storing username and password?

Discussion in 'ASP .Net Security' started by Karl, Aug 23, 2006.

  1. Karl

    Karl Guest

    Hello;

    I am trying to create an ASP login page that authenticates against AD.

    Is there any way to setup a connection string in web.config that does not
    store a user name and password?

    If I do this, it works great, but I need to modify the web.config every time
    the password changes:

    <providers>
    <add connectionStringName="NorthAmericaConnectionString"
    attributeMapUsername="sAMAccountName" enableSearchMethods="true"
    name="NorthAmericaProvider"
    type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web,
    Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
    connectionUsername="username" connectionPassword="mypass"/>
    </providers>

    As everyone who will be logging in is authorized to search AD, I don't see
    why I cannot use the login information from the login form?

    Does Microsoft really expect me to either use a non expiring password, or
    change all my web.config files on password expiration?

    Thanks

    Karl
    Karl, Aug 23, 2006
    #1
    1. Advertising

  2. Karl

    MikeS Guest

    If your shop requires you to use expiring passwords for services and
    app pools and the rest how is that currently managed and can you fit
    this in with that?

    It looks like you can use machine$ or the app pool id instead.

    How To: Use Membership in ASP.NET 2.0

    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/PAGHT000022.asp

    .... If you do not specify account credentials, your application's
    process identity is used to access Active Directory, regardless of
    whether your application uses impersonation....
    MikeS, Aug 25, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. AAaron123
    Replies:
    2
    Views:
    2,132
    AAaron123
    Jan 16, 2009
  2. AAaron123
    Replies:
    1
    Views:
    1,331
    Oriane
    Jan 16, 2009
  3. Steve Kallal
    Replies:
    9
    Views:
    181
    Joe Kaplan \(MVP - ADSI\)
    Jun 9, 2005
  4. David Thielen

    user/password for ActiveDirectoryMembershipProvider

    David Thielen, Mar 7, 2006, in forum: ASP .Net Security
    Replies:
    4
    Views:
    169
    Luke Zhang [MSFT]
    Mar 13, 2006
  5. J
    Replies:
    1
    Views:
    539
    Joe Kaplan
    Jul 5, 2007
Loading...

Share This Page