Configuration error using the ActiveDirectoryMembershipProvider

Vote:
 
Hi! Tried to use the ActiveDirectoryMembershipProvider by going through the steps in the TechNote http://www.episerver.com/en/EPiServer_Knowledge_Center/Documentation/TechNotes/CMS-Tech-Notes/Using-the-Authorization-Manager-for-Handling-Roles-in-EPiServer/ Made the following configuration in the web.config-file: ... and the connection strings: When I run this I get the following problem: Server Error in '/' Application. -------------------------------------------------------------------------------- Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: Unable to establish secure connection with the server Source Error: Line 297: passwordStrengthRegularExpression="" name="SqlServerMembershipProvider" Line 298: type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> Line 299: Line 300: Line 301: Source File: C:\Inetpub\TestDemo\web.config Line: 299 -------------------------------------------------------------------------------- Version Information: Microsoft .NET Framework Version:2.0.50727.832; ASP.NET Version:2.0.50727.832 Tried reaching the AD using a LDAP Browser and I can connect with the given username and password, though the server error shown above occurs. Is this a Rights issue? A web.config configuration issue? or what? Any comments would be much appreciated! Regards, Jonas
#15837
Mar 25, 2008 19:07
Vote:
 
Hello, Try using the pre-Windows 2000 domain name for the connectionUsername attribute (it should probably be OUDOMAIN\test rather than oudomain.se\test. If it still does not work you could try adding the attribute connectionProtection="None" - not recommended for production use but useful for debugging. However from your description it seems as if your web server is not a member of the AD domain. Is this correct? If yes, then you will not be able to get the AzMan role provider to work. For some reason the AzMan provider has no provision for entering username/password credentials, but will attempt to connect to the designated server with the running process identity, i e the ASPNET account. It is outlined in the technote that you are referring to, although it takes careful reading not to miss any of the small, but important details. The good news is that we are working on an Active Directory role provider that complements the ActiveDirectory membership provider in the .NET Framework. it is about to go into testing as I type this. No, I cannot say when it will be available ("When it's done", which is hopefully soon) nor how it will be shipped. Rgds, Magnus Stråle
#16458
Mar 25, 2008 19:09
Vote:
 
The webserver is in the domain. When I added connectionProtection="None" I got another error Configuration Error Logon failure: unknown user name or bad password Is this error indicating that we can't bind to the AD server or that the username or password I try to login to EPiServer with is not allowed(because the connection to AzMan dosent't work or something else) Regards, Jonas
#16459
Mar 25, 2008 19:09
Vote:
 
Try creating a new app pool for your web app with an identity from AD. Add the identity to the IIS_WPG on the web server through the local groups. Set IIS to use the identity for anonymous access. The username should be in the form: domain\user. Try selecting Integrated Windows Authentication for authenticated access and login with the username in the form: user@domain (not pre 2000). Make sure the web.config is set to forms authentication.
#19857
May 08, 2008 23:21
This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.