locked
Tying AD groups to ASP roles RRS feed

  • Question

  • User1571257218 posted
    I'm using Forms authentication with the ActiveDirectoryMembershipProvider in .NET 2.0. I love how the provider allows you to add/remove/manage AD users from the ASP.NET Configuration page. Is there a way to do the same thing with Roles?

    What I mean is, can I have AD groups transfer directly into my application as roles? Is there a way to enable the RoleManager to manage roles that are directly tied to AD groups? I found a site that seems to suggest this is possible:

    http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.ASPNET2FormsAuthToADRolesInADIntranet

    But it doesn't give details about implementation. I've looked into AzMan, but it seems to require duplicating group information. Can AzMan roles be tied directly to Groups in AD, or will I end up with two independent sets of role/group assignments?

    Thanks in advance.
    Friday, March 24, 2006 11:06 AM

All replies

  • User1354132231 posted
    AzMan roles can be tied to groups is one answer.  As for 'roles' from the ASP.NET point of view, I am not sure there is a role provider in place that will add or remove them.  I think this has to be done with your normal AD or ADAM management tools.  I think this is a good idea as well.  I don't think you want to manage your AD (your admin will hate you) from a web app that is only one consumer of AD services.

    Tuesday, March 28, 2006 8:11 PM