Azman with SQL Datastore does not work with LDAP Query Dynamic Gro



I have used Azman with Active Directory data store succesfully in my web
application as a Role Provider. I wanted to use the new features of Windows
Server 2008 version of Azman which can have a SQL Database as a data store.
But when I switched to this new Azman Store with SQL2008 database, the LDAP
Query groups won't return correct answer about membership of a role, which
was working fine in Active Directory Azman.

Here is connection strings of two different kind of Azman:
1) <add name="ConnectionStringAZMAN"
connectionString="msldap:// Apps,CN=Program
2) <add name="ConnectionStringAZMAN"
connectionString="mssql://Driver=SQL Server;Server=SQL2008;/AzMan/AzStore"/>

The following is the LDAP query filter to define a Dynamic Group named
"Inspectors" in Azman: (&(objectClass=user)(title=*Inspector*))
I tried this style too but the same:

This is the code part of checking membership in my web application:
if (System.Web.Security.Roles.IsUserInRole(str_userPrincipal,

This code was working fine (returns true for a user) with Azman of AD data
store but fails (returns false for the same user) in Azman of SQL. I guess
the new library code of MS which checks the membership drilling through
dynamic query group is not working properly but I am not sure. Could it be a
permission related issue? There was no error message but the IsUserInRole()
function returns wrong answer from Azman+SQL.

I am running out of idea stucking at this point. Please help me. Thank you.

Development Environment:
-Visual Studio 2008 in XP with the latest service pack
-The DC with Active Directory is Windows Server 2008 R2
-I tested the same web application with SQL Azman in VS2010 installed in a
Windows Server 2008 R2 because XP wouldn't support the new function of SQL
-SQL Server for Azman is SQL 2008 (not R2)




I have found the solution. I said I copied my web application project to a
Windows Server 2008 machine (we don't have Vista or 7 machine) and installed
VS2010 to test run in it because my XP development machine can't run the new
Azman feature with SQL store.

In the VS2010 of Windows Server 2008 R2 (connected by rdp), when I removed
the System.Web from References entries and added again, the web application
started working again. I mean the IsUserInRole() function returned 'true' for
the user drilling correctly into LDAP query group definition. FYI,
'PaintLog_Inspector' role had a member of a dynamic group, which queries all
AD users who has the word 'inspector' in their title attribute.

I guess the cause of the problem was that my VS project was maintaining XP
binaries of [System.Web] (more specifically
System.Web.Security.AuthorizationStoreRoleProvider) when moved to Windows
Server 2008 R2 machine, which includes Azman related code. By refreshing the
Reference list, VS2010 must have reloaded the right binary from the new
Windows Server 2008 R2 machine.

Just hoping anybody out there who may experience the similar problem...
Happy coding.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question