I implemented a form based authentication that uses AD in an ASP MVC 3 application following the directions I found here ASP.NET MVC - Authenticate users against Active Directory, but require username and password to be inputted
我实现了一个基于表单的身份验证,在ASP MVC 3应用程序中使用AD遵循我在此处找到的指示ASP.NET MVC - 针对Active Directory验证用户,但需要输入用户名和密码
I works fine when I run using the ASP.NET Development Server, but fails to go beyond the login page after I enter my credentials and gives the following error:
我使用ASP.NET开发服务器运行时工作正常,但在输入凭据后无法超出登录页面并出现以下错误:
Configuration Error
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
描述:处理为此请求提供服务所需的配置文件时发生错误。请查看下面的具体错误详细信息并相应地修改配置文件。
Parser Error Message: An operations error occurred.
分析器错误消息:发生操作错误。
Source Error:
Line 37: <membership defaultProvider="MY_ADMembershipProvider">
Line 38: <providers>
Line 39: <add name="MY_ADMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider" connectionStringName="ADConnectionString" attributeMapUsername="sAMAccountName" />
Line 40: </providers>
Line 41: </membership>
Any help would be much appreciated, thanks in advance.
任何帮助将非常感谢,提前感谢。
UPDATE: So far after a couple of debugs I think error might be coming from System.Web.Security.ActiveDirectoryMembershipProvider in the Web.xml config, I added System.Web (in which that class is found) as a reference and also to make a local copy but still, zip... :(
更新:到目前为止,经过几次调试后,我认为错误可能来自Web.xml配置中的System.Web.Security.ActiveDirectoryMembershipProvider,我添加了System.Web(其中找到了该类)作为参考,也是为了制作一个本地副本,但仍然,拉链...... :(
2 个解决方案
#1
6
Make sure you have passed a valid username and password of an account that has sufficient privileges to query your AD:
确保您已通过具有足够权限查询AD的帐户的有效用户名和密码:
<add
name="MY_ADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider"
connectionStringName="ADConnectionString"
attributeMapUsername="sAMAccountName"
connectionUsername="YOURDOMAIN\SomeAccount"
connectionPassword="secret"
/>
If you don't want to do that you will have to configure the Application Pool in your IIS to run under an account which has sufficient privileges to query your Active Directory. By default your application runs under a local NetworkService account which has no access to the AD.
如果您不想这样做,则必须在IIS中配置应用程序池,以便在具有足够权限查询Active Directory的帐户下运行。默认情况下,您的应用程序在本地NetworkService帐户下运行,该帐户无法访问AD。
#2
6
I changed the Identity of the Application Pool from "ApplicationPoolIdentity" to "NetworkService" and everything works great now.
我将应用程序池的标识从“ApplicationPoolIdentity”更改为“NetworkService”,现在一切都很好。
#1
6
Make sure you have passed a valid username and password of an account that has sufficient privileges to query your AD:
确保您已通过具有足够权限查询AD的帐户的有效用户名和密码:
<add
name="MY_ADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider"
connectionStringName="ADConnectionString"
attributeMapUsername="sAMAccountName"
connectionUsername="YOURDOMAIN\SomeAccount"
connectionPassword="secret"
/>
If you don't want to do that you will have to configure the Application Pool in your IIS to run under an account which has sufficient privileges to query your Active Directory. By default your application runs under a local NetworkService account which has no access to the AD.
如果您不想这样做,则必须在IIS中配置应用程序池,以便在具有足够权限查询Active Directory的帐户下运行。默认情况下,您的应用程序在本地NetworkService帐户下运行,该帐户无法访问AD。
#2
6
I changed the Identity of the Application Pool from "ApplicationPoolIdentity" to "NetworkService" and everything works great now.
我将应用程序池的标识从“ApplicationPoolIdentity”更改为“NetworkService”,现在一切都很好。