Try our conversational search powered by Generative AI!

ActiveDirectoryRoleProvider and ActiveDirectoryMembershipProvider issues


I need to use LDAP authentication for EPiServer, but I'm having issues.  The Windows(Role|Membership)Provider(s) work great, but as soon as I swap to the active directory versions, when I try to log in to CMS admin, my username/password is accepted (I'm authenticated), but I'm immediately directed back to the login (which I assume means the system thinks I am not authorized).

I found the following blog post.  Can anyone tell me if this is still true of CMS7?  Do I have to strip the domain from the membership provider in order to get an LDAP solution to work?


My connection settings for the role/membership providers are exactly the same.  I'm using attributeMapUsername="sAMAccountName". What else do I look for?  

May 29, 2013 18:01

After spending all day on this, it seems that the windows providers allow you to specify groups with the domain prefix (eg, MyDomain\MyGroup)... where the AD providers seem to just expect the group name.  I found it by accident.  Replacing all of MyDomain\MyGroup with simply MyGroup in web.config seems to have allowed the basic CMS security to work.  


Next, on to Community....

May 29, 2013 23:15

You can actually specify groups without prefix also with the Windows provider, given that you make use of the deletePrefix attribute on the membership provider :)

May 30, 2013 0:25
This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.