I need to use the ActiveDirectoryMembershipProvider in my application.
I have setup the provider in the web config, etc. When I use the ASP.NET
configuration utility and select the Security tab, it throws an
exception saying that the attribute 'userPasswordQuestion' specified for
the attributeMapPasswordQuestion property is not an attribute of the
user class.
I extended the AD attributes and mapped them to the 'user' class. To
validate them, I used ADSIEdit to add simple editing functions to the
context menu of the AD Users and Computers console. Sure enough, when I
right-click on any user in any OU, I see the 5 attributes listed and the
console calls my custom VB script that displays the current value of the
attribute and lets me set the value to anything I want. Bottom line -
the attributes do exist and are indeed associated with the user class.
I rebooted the machine and ran the application again. Now the exception
is different. It says that the userPasswordQuestion attribute must be
of type 'Directory String'. All of the documentation I have read says
to set it to "Context Insensitive String". I went back to the AD schema
and tried to create an attribute of type 'Directory String', but no such
type exists.
What is going on? And why is this so difficult?
--
John F. Holliday | Principal Architect - Information Worker Solutions
Idea Integration, A MPS Group Company
