MVC4 AD Authentication issue

Question

I was able to setup AD authentication using this guide. When running it from a PC that is on the domain it works like a charm.

The problem comes in where I use a local account to log in and dev with, but the dev machine itself is on the AD. When running the app using my local credentials, the app returns an error stating: "Logon failure: unknown user name or bad password."

Is there any way around this or is it an absolute must that I log in using my domain credentials?

Answer 1

I resolved this problem by using the secure port (636) in the connection string

<connectionStrings>
     <add name="ADConnectionString" connectionString="LDAP://Server.domain.com:636/DC=domain,DC=com"/>
</connectionStrings>

And defining a valid username/password combo along with the SAM account and secure connection specifiers

<membership defaultProvider="ADMembershipProvider">
  <providers>
    <clear/>
    <add name="ADMembershipProvider" 
         type="System.Web.Security.ActiveDirectoryMembershipProvider" 
         connectionStringName="ADConnectionString" 
         connectionUsername="XXX\Username"
         connectionPassword="Password"
         connectionProtection="Secure"
         attributeMapUsername="sAMAccountName"/>
  </providers>
</membership>

Thanks daren, your comments were helpfull.

Answer 2

In order for integrated windows authentication to work, the client should absolutely be in the domain. Otherwise it completely defeats the purpose of this authentication scheme.

You could support some mixed-mode authentication with Forms Authentication.