Question

I want to do user authentication using LDAP (Lightweight Directory Access Protocol). I don't have any knowledge about this. Still, I have managed to write some code for this, but the problem is that when I sign in with a username and password present in my database, i.e. the User table, I am not able to log in. But when I use LDAP's username and password, I am able to log in to the application. My code is as follows:

    public ActionResult Login(APPUser model, string returnUrl)
    {
        try
        {
            // First attempt: validate the credentials directly against the domain controller.
            using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, "10.0.0.100"))
            {
                if (pc.ValidateCredentials(model.UserID, model.Password))
                {
                    FormsAuthentication.SetAuthCookie(model.UserID, false);
                    return RedirectToAction("Index", "Home");
                }
            }

            // Second attempt: validate through the default membership provider
            // (ADMembershipProvider in the Web.config below).
            if (Membership.ValidateUser(model.UserID, model.Password))
            {
                FormsAuthentication.SetAuthCookie(model.UserID, false);
                if (Url.IsLocalUrl(returnUrl))
                {
                    return Redirect(returnUrl);
                }
                else
                {
                    return RedirectToAction("Index", "Home");
                }
            }
            else
            {
                ModelState.AddModelError("", "Login failed");
            }
        }
        catch
        {
            // Any exception is silently swallowed here.
        }
        //GetErrorsFromModelState();
        return View(model);
    }

and Web.Config

    <connectionStrings>
        <add name="ADConnectionString" connectionString="LDAP://XXXXXXX:389/DC=XXXX,DC=XXX" />
    </connectionStrings>
    <system.web>
        <authentication mode="Forms">
            <forms name=".ADAuthCookie" loginUrl="~/Auth/Login" timeout="2880" />
        </authentication>
        <membership defaultProvider="ADMembershipProvider">
            <providers>
                <clear />
                <add name="ADMembershipProvider"
                     type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
                     connectionStringName="ADConnectionString"
                     connectionProtection="Secure"
                     connectionUsername="admin"
                     connectionPassword="admin234"
                     attributeMapUsername="sAMAccountName"
                     enableSearchMethods="false" />
            </providers>
        </membership>
    </system.web>

Please try to help me out.

Solution

AD (Active Directory) is a directory service provider (a system that provides authentication, directory, policy, and other services in a Windows environment).

LDAP (Lightweight Directory Access Protocol) is a protocol designed for directory service providers for querying and modifying items in directory service providers like AD, which supports a form of LDAP.

In other words, you use LDAP for retrieving information from AD.

Now, if you need to implement authentication of intranet users against a Windows domain (AD), then you need to read about Integrated Windows Authentication. To enable it, you typically need to:

  • set up IIS for integrated Windows authentication
  • set up the ASP.NET application

and optionally enable integrated Windows authentication in IE. Read more here

Once done, the user will be automatically logged in without entering his login name or password. You will be able to get his identity (User.Identity.Name) and other properties from AD.

This is a secure form of authentication which you can see when using SharePoint, Outlook Web Access or similar intranet applications.
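
The following is an added example, not part of the original answer: an MVC controller that reads the IIS-supplied identity and looks up the user's AD properties, as the answer describes. It assumes web.config uses `<authentication mode="Windows" />`, that IIS has Windows Authentication enabled and Anonymous Authentication disabled, and that the application pool runs under an account allowed to query the domain; the controller name is hypothetical.

```csharp
using System.DirectoryServices.AccountManagement;
using System.Security.Principal;
using System.Web.Mvc;

// Added example. Assumes <authentication mode="Windows" /> in web.config and
// Windows Authentication enabled (Anonymous disabled) in IIS.
[Authorize] // reject any request that IIS did not authenticate
public class ProfileController : Controller // hypothetical controller name
{
    public ActionResult Index()
    {
        // With Windows authentication the identity is supplied by IIS;
        // the application never receives or handles a password.
        var identity = User.Identity as WindowsIdentity;
        if (identity == null || !identity.IsAuthenticated || identity.User == null)
        {
            return new HttpStatusCodeResult(401);
        }

        // Look the account up by SID rather than by name: the SID survives
        // renames and cannot be confused with a similarly named account.
        // PrincipalContext(ContextType.Domain) binds to the domain of the
        // process identity (assumption: the app pool account is domain-joined).
        using (var ctx = new PrincipalContext(ContextType.Domain))
        using (var user = UserPrincipal.FindByIdentity(ctx, IdentityType.Sid, identity.User.Value))
        {
            if (user == null)
            {
                // Authenticated by IIS but not found in the directory.
                return new HttpStatusCodeResult(403);
            }

            ViewBag.Login = identity.Name;           // DOMAIN\user
            ViewBag.DisplayName = user.DisplayName;  // AD displayName attribute
            ViewBag.Email = user.EmailAddress;       // AD mail attribute
            return View();
        }
    }
}
```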

Licensed under: CC-BY-SA with attribution