Question

I am trying to use the ActiveDirectoryMembershipProvider with MVC 4 and AD LDS for authentication. Using the many posts on the matter I have managed to get the server to connect to the AD server and attempt to authenticate a user, but this authentication always seems to fail (even when I know it’s a valid user). We have a domain (say DC=foo,DC=bar,DC=us) under which our users are organized by groups. For instance, we have OU=someGroup,DC=foo,DC=bar,DC=us under which we have CN=someUser,OU=someGroup,DC=foo,DC=bar,DC=us. I have tried logging in with someUser@foo.bar.us, someUser@someGroup.foo.bar.us, and someUser with the same result.

  1. How can I get this user to authenticate?
  2. Is there a way to modify the login to search globally by uid? cn?

Mythgarr's response fixed the first part, still not sure on the second.

Solution

Hmm - for the first question are you sure you've set up the userPrincipalName for your users? This is a user-defined attribute. You should be able to use ADSI Edit (or Apache Directory Studio, or any other LDAP client) to check the value. If it isn't set that would explain why you are unable to log in.

As to the second, one possibility is to set your userPrincipalName to the desired uid. This may result in duplication within your system. It seems like attributeMapUsername="uid" should work, but this throws an exception. Would love to hear from anybody who knows how to do this.
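
The check suggested in the answer can be run over a whole directory export instead of one entry at a time. The following is an added example, not part of the original answer: it reads an LDIF export, lists user entries with no userPrincipalName, and flags userPrincipalName values shared by more than one entry (the duplication risk mentioned above). The sample data is constructed, the function names `parse_ldif` and `audit_upn` are hypothetical, and it assumes the accounts carry objectClass `user`.

```python
import base64
from collections import defaultdict

# Constructed sample export in LDIF form; DNs follow the question's layout.
SAMPLE_LDIF = """\
dn: CN=someUser,OU=someGroup,DC=foo,DC=bar,DC=us
objectClass: user
uid: someuser

dn: CN=otherUser,OU=someGroup,DC=foo,DC=bar,DC=us
objectClass: user
userPrincipalName: other@foo.bar.us

dn: CN=thirdUser,OU=anotherGroup,DC=foo,DC=bar,DC=us
objectClass: user
userPrincipalName:: T3RoZXJAZm9vLmJhci51cw==
"""

def parse_ldif(text):
    """Return entries as dicts of lower-cased attribute name -> list of values."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")  # undo line folding
    entries = []
    for block in unfolded.split("\n\n"):
        entry = defaultdict(list)
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, rest = line.partition(":")
            if rest.startswith(":"):  # "attr:: value" means base64-encoded
                value = base64.b64decode(rest[1:].strip()).decode("utf-8")
            else:
                value = rest.strip()
            entry[name.lower()].append(value)
        if "dn" in entry:
            entries.append(dict(entry))
    return entries

def audit_upn(entries):
    """Return (user DNs lacking userPrincipalName, UPNs shared by several DNs)."""
    missing, by_upn = [], defaultdict(list)
    for e in entries:
        if "user" not in (c.lower() for c in e.get("objectclass", [])):
            continue
        upns = e.get("userprincipalname", [])
        if not upns:
            missing.append(e["dn"][0])
        for upn in upns:
            by_upn[upn.lower()].append(e["dn"][0])  # compare case-insensitively
    return missing, {u: d for u, d in by_upn.items() if len(d) > 1}
```

Calling `audit_upn(parse_ldif(SAMPLE_LDIF))` on the constructed sample reports someUser as missing the attribute and otherUser and thirdUser as sharing one value that differs only in case and encoding.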

Licensed under: CC-BY-SA with attribution