In my setup, I will have two public facing servers in a DMZ, and one internal server inside our network. Our staff should be able to authenticate against each. The DMZ servers are not in the domain. They will use the ActiveDirectoryMembershipProvider.
Ideally, internally we would like to have "pass through authentication" on the internal box... no extra login if the user is in IE. This is what the organization is "used to" on our existing intranet. My plan was to use WindowsMembershipProvider on this machine.
The issue I'm seeing is that the ActiveDirectoryMembershipProvider using sAMAccountName returns the username as Username, while the WindowsMembershipProvider returns the username as Domain\Username.
The end result is that EPiServer sees the same user as *two different users* depending on the membership provider used. They are logged to the database as both "Username" and "Domain/Username".
Any suggestions on how to get around this?
I should mention that the deletePrefix="DOMAIN\" only seems to delete prefixes from the groups (based on experimentation). The username still comes across as "DOMAIN\USERNAME".
Also, the deletePrefix doesn't seem to work *at all* when the WindowsMembershipProvider is called via the EPiServerCommonMembershipProvider.
Did you find a solution to this problem? I would also like to have the users without prefix.
If you need to modify the values returned by one of the providers maybe a wrapper like what is described here could help?
Hakan is correct, I ended up using my own derived versions of ActiveDirectoryMembershipProvider, ActiveDirectoryRoleProvider, and WindowsRoleProvider so that I could make them all behave the same.