Configuring ASP.NET Membership to use Active Directory Provider

A while back I posted about using the Active Directory Membership Provider in Visual Studio 2005, Beta 2. I finally got around to testing my code and configuration against the RTM bits, and wanted to let folks know that the steps I outline should still work fine on RTM.

One thing that's most likely to be the tripping point if you're having problems getting this working is the LDAP connection string. You need to have this in the correct format in order to be able to connect properly to AD. In my example, the connection string looked like this

<add connectionString="LDAP://win2k3.vstsb2.local/CN=Users,DC=vstsb2,DC=local"

The machine name in this case is win2k3, while the AD domain name is vstsb2.local, and the CN entry tells the provider to look for the Users container. If you modify the connection string to match your AD environment, you should be OK. The other thing is that in your provider configuration, you need to provide credentials with appropriate permission to access the Active Directory you're targeting. If you are concerned about putting this information into web.config, keep in mind that you can encrypt your provider element using the Protected Configuration feature of .net 2.0.

For those of you who may be new to LDAP syntax, you might want to take a look at the following white paper: