Asp.Net Forms authentication using Active Directory

Discussion in 'ASP .Net Security' started by Egbert, Nov 3, 2004.

  1. Egbert

    Egbert Guest

    Hi.

    I am using forms authentication in ASP.Net against Active Directory.

    I have followed the example provided by Microsoft. Here is my problem.

    Standard practise for AD Administrators is to flag the account to change the
    password when he logs in. Also that passwords expire after 30 days.

    If any of these conditions are true the sample code from MS simply returns
    the error message: "Bad username or password". This happens the second the
    code tries to bind to AD. It does not tell me that the user has to change his
    password or that his password has expired but simple that it is a "Bad
    username or password".

    Has anyone come accross this or have any ideas.

    *Ps I did not implement the portion of code where they create a generic
    pricipal object etc as I do not need any other info from AD other than
    checking the username or password. Could this have anything to do with the
    problem?

    --
    Regards

    Egbert
     
    Egbert, Nov 3, 2004
    #1
    1. Advertising

  2. If the user needs to change password at next logon, you can't use a simple
    LDAP bind to authenticate them, nor can you do the password change via LDAP.
    They need to log on to Windows first to do this.

    This is one of the many downsides of using LDAP to authenticate users. It
    does work in some situations, but you don't get the full Windows
    integration.

    Joe K.

    "Egbert" <> wrote in message
    news:...
    > Hi.
    >
    > I am using forms authentication in ASP.Net against Active Directory.
    >
    > I have followed the example provided by Microsoft. Here is my problem.
    >
    > Standard practise for AD Administrators is to flag the account to change
    > the
    > password when he logs in. Also that passwords expire after 30 days.
    >
    > If any of these conditions are true the sample code from MS simply returns
    > the error message: "Bad username or password". This happens the second the
    > code tries to bind to AD. It does not tell me that the user has to change
    > his
    > password or that his password has expired but simple that it is a "Bad
    > username or password".
    >
    > Has anyone come accross this or have any ideas.
    >
    > *Ps I did not implement the portion of code where they create a generic
    > pricipal object etc as I do not need any other info from AD other than
    > checking the username or password. Could this have anything to do with the
    > problem?
    >
    > --
    > Regards
    >
    > Egbert
     
    Joe Kaplan \(MVP - ADSI\), Nov 3, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?RWdiZXJ0?=

    Asp.Net Forms authentication using Active Directory

    =?Utf-8?B?RWdiZXJ0?=, Nov 3, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    546
    =?Utf-8?B?RWdiZXJ0?=
    Nov 3, 2004
  2. ThaYoung1!
    Replies:
    0
    Views:
    176
    ThaYoung1!
    Aug 7, 2003
  3. Paul East
    Replies:
    3
    Views:
    310
    Beginner
    Mar 2, 2004
  4. PLam
    Replies:
    2
    Views:
    292
  5. Deepak Mehta
    Replies:
    0
    Views:
    160
    Deepak Mehta
    Oct 5, 2004
Loading...

Share This Page