December 7, 2005 - 16:46 UTC - Tags: ADAM ASP.NET AD LDS
Making Active Directory Application Mode (ADAM) work with ASP.NET 2.0 in Visual Studio 2005 can be quite a hassle. This post is a step-by-step guide to successfully creating and using an ADAM instance with ASP.NET 2.0 without the need to install SSL certificates.
1. Installing ADAM
- Download and install ADAM from http://www.microsoft.com/adam
- Run the installer
- Select "unique instance"
- Give the instance a sensible name (I will use TestInstance in this example)
- Select a couple of free ports (I will use 50000 and 50001 in this example)
- Select "Yes, create an application directory" and give it a sensible name. (O=TestDirectory will be used in this example)
- Accept default or select a suitable place for the files
- Choose default for Service Account Selection
- Choose "Currently logged on account" for ADAM Administrators
- Import "MS-InetOrgPerson", "MS-User" and "MS-Userproxy"
- Click next to complete the install
2. Configuring the ADAM instance
- Open "ADAM ADSI Edit" from the ADAM program group in your start menu
- Select "Action->Connect to..."
- For name use [instance name] + "directory" ("TestInstance directory")
- Enter the correct port number in the Port textbox (50000)
- Choose "Distinguished name" and enter the distinguished name of your instance ("O=TestDirectory")
- Click "Ok"
- Right-click the "O=TestDirectory"-folder and select "New" and "Object...". Choose "organizationalUnit" and name it "Users"
- Right-click the new "OU=Users"-folder and select "New" and "Object...". Select "user" and give the user an admin-like name ("ADAMAdmin"). We have now created our ADAM admin user
- Right-click the "CN=ADAMAdmin"-account and choose "Reset password". Choose a sensible admin password.
- Double-click the "CN=ADAMAdmin"-user and set the "msDS-UserAccountDisabled" to False
- Go to the "CN=Roles"-folder and double-click the "Administrators"-account. Locate the "member" attribute and double-click it. Choose "Add ADAM-account" and enter the distinguished name of your newly created user (CN=ADAMAdmin,OU=Users,O=TestDirectory). Click the Ok-buttons to close the editor.
- Close the "ADAM ADSI Edit"-application
- Open "ADAM Tools Command Prompt" from your ADAM program group on the start menu.
- Type the following commands: "dsmgmt", "ds behavior", "connections", "connect to server localhost:50000", "quit", "allow passwd op on unsecured connection", "quit", "quit". These commands allow your application to send plain-text passwords to the ADAM instance (avoid this in production environments). Thanks to Dan Seller for this part.
3. Configuring your ASP.NET 2.0 application
- Open your web.config. If you don't have one, click "Website", "Add new item...", "Web configuration file"
- Replace the "<connectionStrings>"-tag with:
<connectionStrings>
<add name="ADService" connectionString="LDAP://localhost:50000/OU=Users,O=TestDirectory"/>
</connectionStrings>
- Right above the "</system.web>"-tag add the following:
<membership defaultProvider="AspNetActiveDirectoryMembershipProvider">
<providers>
<add name="AspNetActiveDirectoryMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ADService" connectionUsername="CN=ADAMAdmin,OU=Users,O=TestDirectory" connectionPassword="myAdminPassword" connectionProtection="None" enableSearchMethods="true"/>
</providers>
</membership>
You should now be able to open the "ASP.NET configuration"-utility and add users.
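The settings this guide relies on, connectionProtection="None" and a clear-text connectionPassword, are worth catching before a web.config leaves a development machine. The following Python check is an added example, not part of the original post: it reads a web.config and reports both settings, distinguishing a localhost directory from a remote one. The host adam.example.test and the finding names are made up for the example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

AD_PROVIDER = "System.Web.Security.ActiveDirectoryMembershipProvider"
LOOPBACK = {"localhost", "127.0.0.1", "::1"}

def _local(tag):
    # Drop the "{namespace}" prefix present when <configuration> declares an xmlns.
    return tag.rsplit("}", 1)[-1]

def _find(elem, name):
    return [e for e in elem.iter() if _local(e.tag) == name]

def audit_web_config(xml_text):
    """Return sorted (provider, finding) pairs for risky AD membership settings."""
    root = ET.fromstring(xml_text)
    conn = {a.get("name"): a.get("connectionString", "")
            for cs in _find(root, "connectionStrings") for a in _find(cs, "add")}
    findings = set()
    for membership in _find(root, "membership"):
        for p in _find(membership, "add"):
            if not p.get("type", "").startswith(AD_PROVIDER):
                continue
            name = p.get("name")
            if p.get("connectionPassword"):
                findings.add((name, "plaintext-bind-password"))
            # Assumption: an absent attribute means the provider's protected default.
            if p.get("connectionProtection", "Secure").lower() == "none":
                host = urlsplit(conn.get(p.get("connectionStringName"), "")).hostname
                findings.add((name, "cleartext-ldap-" + ("loopback" if host in LOOPBACK else "network")))
    return sorted(findings)

# Constructed sample: the page's settings pointed at a hypothetical remote host.
SAMPLE = """<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
  <connectionStrings>
    <add name="ADService" connectionString="LDAP://adam.example.test:50000/OU=Users,O=TestDirectory"/>
  </connectionStrings>
  <system.web>
    <membership defaultProvider="AspNetActiveDirectoryMembershipProvider">
      <providers>
        <add name="AspNetActiveDirectoryMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
             connectionStringName="ADService" connectionPassword="myAdminPassword" connectionProtection="None"/>
      </providers>
    </membership>
  </system.web>
</configuration>"""

if __name__ == "__main__":
    print(audit_web_config(SAMPLE))
```

With the connection string from this post (localhost:50000) the second finding becomes cleartext-ldap-loopback, which is the development-only case the guide describes.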