My current application uses a class PrincipalContext to authenticate the user by default (the selected section is populated in Web.config) against LDAP (or rather Active Directory):
ldapContext = new PrincipalContext(AdContextType, AdHost, AdContainer,
                                   ContextOptions.SimpleBind,
                                   AdDefaultUser, AdDefaultPassword);
Then this authentication allows you to search for another user (via UserPrincipal.FindByIdentity(ldapContext, username)). BUT I need to change this, since having the user explicitly in Web.config is not suitable for my client. Well, I can understand that :-))
So, I have some solutions:
Manage to encrypt the corresponding part of Web.config (the membership part, using providers, etc.)
Use the account from the IIS 7 application pool on which the application is deployed. This implies getting the Principal from IIS (I think this point should not be so tough), and then using it for authentication against AD; but I cannot find any method for this, either through the PrincipalContext class or through the ActiveDirectoryMembershipProvider one.
Do you know how to manage either of these two solutions, or can you think of others?
Thank you so much!
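The two options listed in the question, sketched as an added example that is not part of the original post. It assumes a Domain context type, an application pool identity that has read access to the AD container, and the default RsaProtectedConfigurationProvider; the class and method names are hypothetical.

```csharp
using System.Configuration;
using System.DirectoryServices.AccountManagement;
using System.Security.Principal;
using System.Web.Configuration;

// Hypothetical helper class, not code from the original application.
public static class AdLookup
{
    // Option 2: bind as the identity the IIS worker process runs under.
    // With no user name/password arguments, PrincipalContext uses the
    // credentials of the calling process, so no account is kept in Web.config.
    // Negotiate + Signing + Sealing replaces SimpleBind, which sends the
    // password to the directory in clear text unless the channel is SSL.
    public static string FindUserDn(string adHost, string adContainer, string username)
    {
        var options = ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing;
        using (var ctx = new PrincipalContext(ContextType.Domain, adHost, adContainer, options))
        using (var user = UserPrincipal.FindByIdentity(ctx, username))
        {
            // null when the user does not exist or is outside adContainer
            return user == null ? null : user.DistinguishedName;
        }
    }

    // Diagnostic: the account AD sees for the bind above. Log it once at
    // start-up to confirm the pool identity is the one granted read access.
    public static string BindingIdentity()
    {
        return WindowsIdentity.GetCurrent().Name;
    }

    // Option 1: encrypt the membership section (which holds the provider's
    // connection credentials) in place. Returns true only if it changed the file.
    public static bool ProtectMembershipSection()
    {
        Configuration config = WebConfigurationManager.OpenWebConfiguration("~");
        ConfigurationSection section = config.GetSection("system.web/membership");
        if (section == null || section.SectionInformation.IsProtected)
            return false;

        section.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider");
        config.Save();
        return true;
    }
}
```

Protected configuration moves the secret from Web.config to a machine key container that the worker process must be able to read, so it limits exposure of the file but not of the server; binding as the pool identity removes the stored password altogether.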