On Feb 27, 2:08 pm, "Matt Adamson" <Adamson_Matt...@hotmail.com>
wrote:
Thanks Alexey
However how would I use the existing user store from the membership API i.e.
there are user tables
1) aspnet_Membership
2) aspnet_Users
No, I suggested to use "Windows authentication", not a "Form
authentication".
Should I create a new User table which contains the windows log in name e.g.
MICROSOFT\BGATES and then use a record in the member ship tables for other
data such as full name / email address e.t.c.?
Yes, my idea was to use such tables like AspNetAccessProvider does,
where you can assign MICROSOFT\BGATES to his roles. At the same time,
all information like full name / email address and so on is available
in Active Directory (AD) and this can be a second approach you have to
think of. I said nothing about it in the first post because this way
could be more complex to implement. In this case you can call the
information about group membership, and user profile directly from AD.
How to do that - please google for "ASP.NET Active Directory" - I'm
sure you can find many simple examples you can test. In my experience,
it is better to work with AD through a custom COM+ (can be developed
e.g. in VB6) because of the security reasons. All AD-related functions
could be included in this COM+ and used from ASP.NET. I can give you
more details later on if you'll decide to go this way...