I need to configure a connection string for a Active Directory, my web application is on the same machine where I can access the Active Directory
我需要为活动目录配置一个连接字符串,我的web应用程序位于可以访问活动目录的同一台机器上
at the moment I'm using this string with no success
目前我正在使用这个字符串,但没有成功
<add name="ADConnectionString" connectionString="" />
could you please point me out the right direction because this is the first time I'm doing a lookup against Active Directory.
你能给我指出正确的方向吗?因为这是我第一次对活动目录进行查找。
1 个解决方案
#1
1
Access Active Directory security requires a connection string to your Active Directory. Your system administrator should provide you with appropriate connection string information. The Application Security Wizard provides the possible Active Directory connection strings for the root domain controller and for the first-level domain controllers, which is sufficient to connect to Active Directory and use Active Directory security. This is a very powerful feature. Without Active directory available, no one can be authenticated. Configured connection strings are stored as a value of the ADDomainControllers key in your application’s Web.config file. If the Active Directory controller is not available when configuring application security via the Application Security Wizard, then no roles will be visible in the wizard except standard roles. Hence, Active Directory role configuration is possible only when the Application Security Wizard can reach the Active Directory controller.
访问活动目录安全性需要一个到活动目录的连接字符串。系统管理员应该向您提供适当的连接字符串信息。应用程序安全向导为根域控制器和一级域控制器提供了可能的活动目录连接字符串,这足以连接到Active Directory并使用Active Directory安全性。这是一个非常强大的特性。如果没有可用的活动目录,则无法对任何人进行身份验证。配置的连接字符串被存储为应用程序Web中的ADDomainControllers键的值。配置文件。如果通过应用程序安全向导配置应用程序安全性时,活动目录控制器不可用,那么除了标准角色外,向导中将看不到任何角色。因此,只有当应用程序安全向导能够到达活动目录控制器时,才可以进行活动目录角色配置。
Steps required to provide authentication against Active Directory, either for new sites with no authentication, or for existing sites using database authentication...
为不使用身份验证的新站点或使用数据库身份验证的现有站点提供身份验证所需的步骤。
The Active Directory connection string is simliar to the database connection string used in ASP.NET, except that it references an LDAP address.
Active Directory连接字符串是用于ASP中使用的数据库连接字符串的simliar。NET,但是它引用LDAP地址。
<connectionStrings>
<add name="ADConnectionString"
connectionString="LDAP://Product.com.au/DC=Product,DC=prd,DC=au"/>
</connectionStrings>
this in web.config file and its for entire Product. We can do this for particular,
这在网络。配置文件及其整个产品。我们可以这样做,
like
就像
<connectionStrings>
<add name="ADConnectionString"
connectionString="LDAP://Sub.Product.com.au/CN=Sub,DC=Product,DC=prd,DC=au"/>
</connectionStrings>
Then Configure the Membership provider
然后配置成员资格提供程序
<membership defaultProvider="defaultProviderName">
<providers>
<add name="defaultProviderName"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="NmaeActiveDirConnectionString"
attributeMapUsername="Name"/>
</providers>
</membership>
Then Configure the Authentication and Authorization parameters, This settings above require every user to authenticate before accessing your web application. ASP.NET will automatically redirect these users to a Login.aspx page.
然后配置身份验证和授权参数,上面的设置要求每个用户在访问web应用程序之前进行身份验证。ASP。NET将自动将这些用户重定向到登录。aspx页面。
<authentication mode="Forms">
<forms name=".ADAuthCookie" timeout="43200"/>
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
Last step is create Login Page,
最后一步是创建登录页面,
Membership.GetUser(UserName) using to get the details.
getuser(用户名)用于获取详细信息。
#1
1
Access Active Directory security requires a connection string to your Active Directory. Your system administrator should provide you with appropriate connection string information. The Application Security Wizard provides the possible Active Directory connection strings for the root domain controller and for the first-level domain controllers, which is sufficient to connect to Active Directory and use Active Directory security. This is a very powerful feature. Without Active directory available, no one can be authenticated. Configured connection strings are stored as a value of the ADDomainControllers key in your application’s Web.config file. If the Active Directory controller is not available when configuring application security via the Application Security Wizard, then no roles will be visible in the wizard except standard roles. Hence, Active Directory role configuration is possible only when the Application Security Wizard can reach the Active Directory controller.
访问活动目录安全性需要一个到活动目录的连接字符串。系统管理员应该向您提供适当的连接字符串信息。应用程序安全向导为根域控制器和一级域控制器提供了可能的活动目录连接字符串,这足以连接到Active Directory并使用Active Directory安全性。这是一个非常强大的特性。如果没有可用的活动目录,则无法对任何人进行身份验证。配置的连接字符串被存储为应用程序Web中的ADDomainControllers键的值。配置文件。如果通过应用程序安全向导配置应用程序安全性时,活动目录控制器不可用,那么除了标准角色外,向导中将看不到任何角色。因此,只有当应用程序安全向导能够到达活动目录控制器时,才可以进行活动目录角色配置。
Steps required to provide authentication against Active Directory, either for new sites with no authentication, or for existing sites using database authentication...
为不使用身份验证的新站点或使用数据库身份验证的现有站点提供身份验证所需的步骤。
The Active Directory connection string is simliar to the database connection string used in ASP.NET, except that it references an LDAP address.
Active Directory连接字符串是用于ASP中使用的数据库连接字符串的simliar。NET,但是它引用LDAP地址。
<connectionStrings>
<add name="ADConnectionString"
connectionString="LDAP://Product.com.au/DC=Product,DC=prd,DC=au"/>
</connectionStrings>
this in web.config file and its for entire Product. We can do this for particular,
这在网络。配置文件及其整个产品。我们可以这样做,
like
就像
<connectionStrings>
<add name="ADConnectionString"
connectionString="LDAP://Sub.Product.com.au/CN=Sub,DC=Product,DC=prd,DC=au"/>
</connectionStrings>
Then Configure the Membership provider
然后配置成员资格提供程序
<membership defaultProvider="defaultProviderName">
<providers>
<add name="defaultProviderName"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="NmaeActiveDirConnectionString"
attributeMapUsername="Name"/>
</providers>
</membership>
Then Configure the Authentication and Authorization parameters, This settings above require every user to authenticate before accessing your web application. ASP.NET will automatically redirect these users to a Login.aspx page.
然后配置身份验证和授权参数,上面的设置要求每个用户在访问web应用程序之前进行身份验证。ASP。NET将自动将这些用户重定向到登录。aspx页面。
<authentication mode="Forms">
<forms name=".ADAuthCookie" timeout="43200"/>
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
Last step is create Login Page,
最后一步是创建登录页面,
Membership.GetUser(UserName) using to get the details.
getuser(用户名)用于获取详细信息。