在Web应用程序中使用AD来进行成员管理

ActiveDirectoryMembershipProvider为 Active Directory 和 Active Directory 应用程序模式服务器中的 ASP.NET 应用程序管理成员资格信息的存储。

具体的信息可以参考http://msdn.microsoft.com/zh-cn/library/system.web.security.activedirectorymembershipprovider(VS.80).aspx

 

其中，进行配置的语法如下

<configuration>
  <connectionStrings>
    <add name="ADService" connectionString="LDAP://ldapServer/" />
  </connectionStrings>
  <system.web>
    <membership
      defaultProvider="AspNetActiveDirectoryMembershipProvider">
      <providers>
        <add name="AspNetActiveDirectoryMembershipProvider"
          type="System.Web.Security.ActiveDirectoryMembershipProvider,
          System.Web, Version=1.0.3600, Culture=neutral,
          PublicKeyToken=b03f5f7f11d50a3a"
          connectionStringName="ADService"
          connectionUserName="UserWithAppropriateRights"
          connectionPassword="PasswordForUser"
          connectionProtection="Secure"
          enablePasswordReset="true"
          enableSearchMethods="true"
          requiresQuestionAndAnswer="true"
          applicationName="/"
          description="Default AD connection"
          requiresUniqueEmail="false"
          clientSearchTimeout="30"
          serverSearchTimeout="30"
          attributeMapPasswordQuestion="department"
          attributeMapPasswordAnswer="division"
          attributeMapFailedPasswordAnswerCount="singleIntAttribute"
          attributeMapFailedPasswordAnswerTime="singleLargeIntAttribute"
          attributeMapFailedPassswordAnswerLockoutTime="singleLargeIntAttribute"
          maxInvalidPasswordAttemps = "5"
          passwordAttemptWindow = "10"
          passwordAnswerAttemptLockoutDuration = "30"
          minRequiredPasswordLength="7"
          minRequiredNonalphanumericCharacters="1"
          passwordStrengthRegularExpression="
          @\"(?=.{6,})(?=(.*\d){1,})(?=(.*\W){1,})" />
        />
      </providers>
    </membership>
  </system.web>
</configuration>