问题描述
我有一个使用这些参数的 LDAP 服务器:
I have a working LDAP Server with these parameters:
OU=users,OU=mydomain,O=this domain
LDAP://myhost:389
我成功使用通用 ldap 客户端访问,例如 Jarek Gawor 的 ldap 浏览器/客户端,具有以下设置:
I successfully access with a generic ldap client, like the good Jarek Gawor's ldap browser/client with following settings:
OU=users,OU=mydomain,O=this domain
User info (append base DN):
uid=myid
password=mypwd
我尝试使用 ASP.NET 进行相同的操作,但总是收到错误用户名或密码错误".你能帮我用上面的参数设置web.config吗?我做了很多尝试,比如更改连接用户名、删除域名、设置 uid=myid 等...
I tried to to the same with ASP.NET, getting always the error "wrong username or password". May you help me to setup web.config with above parameters, please? I did many tries, like changing connectionUsername, removing domainname, putting uid=myid, etc...
web.config
<configuration>
<connectionStrings>
<add name="ADConnectionString" connectionString="LDAP://myhost:389"/>
....
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name="DefaultMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionProtection="None"
connectionUsername="MYDOMAINmyid"
connectionPassword="mypwd"
attributeMapUsername="sAMAccountName"
enableSearchMethods="True" />
</providers>
</membership>
......
提前致谢
推荐答案
我成功地使用了以下 web.config 设置.
I succeeded in getting it work with the following web.config setup.
有两个问题/错误:
1st)我没有指定容器,所以我按照@Kevin的提示:
1st) I did not specify the container, so I followed @Kevin's hints:
<configuration>
<connectionStrings>
<add name="ADConnectionString" connectionString="LDAP://myhost:389/O=this domain,CN=Users,DC=mydomain,DC=com"/>
....
我认为这与 CN 相关,而 O 可以在这里省略,但我认为这不是很重要...
I think that was relevant the CN, while O could be omitted here, but I do not think this is very important...
2nd)我将 DN 基础和用户名(以 uid= 形式)放在 connectionUsername 参数中:
2nd) I put the DN base and username (in the form uid=) together inside connectionUsername parameter:
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name="DefaultMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionProtection="None"
connectionUsername="uid=myid, O=this domain"
connectionPassword="mypwd"
attributeMapUsername="sAMAccountName"
enableSearchMethods="True" />
请注意,在我的情况下,我需要输入 uid=myid.我不知道这是否是一个通用的解决方案;可能和我公司的ADAS配置有关,我不知道.我希望这可以帮助你们中的一些人......如果你觉得这个解决方案有用,请投票,谢谢.
Please note, in my case I needed to put uid=myid. I do not know if this could be a general solution; perhaps it is related to ADAS configuration of my company, I do not know. I hope this can help some of you...please vote up if you find this solution useful, thx.
@Kevin:非常感谢.你帮了大忙!
@Kevin: Thank you very much. You have been very helpful!
这篇关于ASP.NET MVC:如何为 LDAP 身份验证设置 web.config?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!