locked
Webserver must be member of domein to use ADMembership Provider? RRS feed

  • Question

  • User-384517966 posted
    Our company is not very well organized, we have a domain controller (SBS2003) but only for the Exchange. We also have two web servers (2003 standard and 2000 server) for testing and deploying. My thought was, single signon for all internal webapps. So I started looking into the ADMembership Provider.

    But I am wondering, the webservers, they are not part of the domain, should they be for this too work? Pretty basic maybe, but I couldn't find it, maybe because it's obvious, but not for me, as I have very little knowledge of AD.

    Thank you!
    Friday, March 24, 2006 10:34 AM

All replies

  • User1354132231 posted
    I think you can get it to work.  You have to specify a specific server for a connection string and use explicit credentials in the provider settings, but it should work.

    Tuesday, March 28, 2006 8:02 PM
  • User-384517966 posted

    Is there a way to see exactly what happens when I try to connect? Using this managed providers seems easy, but I don't get much feedback on why I can't login. So I still don't know if it's because I am not correctly connecting to the DC or if I simply don't have the rights or something else entirely.

    Can I trace this from the management console on the Domain Controller (it's a Small Business Server 2003)?

    Friday, March 31, 2006 2:41 AM
  • User1354132231 posted
    Sure, there are a number of ways to approach this.  You can use Ethereal to get a trace that will tell you exactly what your client (the IIS server in this case) is trying to do under the hood.  That will probably be the most informative.  If you have a specific DC targeted in your configuration, you can also audit the event logs there (make sure you have audit failures on) to see what is happening as well.

    Ethereal is free and easy to use.  It also decodes the traffic messages for you on LDAP, which makes your life pretty easy.  If you have not used it before, it is a great tool.
    Friday, March 31, 2006 1:41 PM