asp.net - Will the ActiveDirectoryMembershipProvider traverse a one-way domain trust (in SharePoint)? -


we implementing sharepoint in environment multiple separate domain forests used authenticate users using claims based authentication. various domains have one-way trust single domain act "root" authentication requests. have tested trust , work, , our claims authentication configuration appears working well, when logging in sharepoint using forms authentication can authenticate users exist explicitly in root domain. trusted domain users not authenticate, nor enumerate when using getallusers() method of active directory membership provider.

we've boiled configuration down as possible this:

connection string:

<add name="adconnstring" connectionstring="ldap://therootdomain.org" />

membership provider:

<add name="adprovider"           enablesearchmethods="true"           type="system.web.security.activedirectorymembershipprovider, system.web, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a"           connectionstringname="adconnstring"           attributemapusername="userprincipalname"           connectionusername="svcact"           connectionpassword="svcpwd" />

as configured now, able authenticate forms based users using username@domain.tld convention, if exist in root domain in trust "tree". users other domains fail authentication. think it's worth mentioning if switch ntlm users across trusted domains able authenticate; know trust functioning.

i have of course scoured internet , keep finding conflicting information. in places read one-way trust should "just work" , no special configuration required, , scenario should not have problems. in other places impression activedirectorymembershipprovider not capable of traversing domain trusts , way write customer provider walks through multiple individual providers - have hard time accepting our scenario not seem outlandish; must supported... right?

so basic question can active directory membership provider traverse domain trusts in order authenticate users, , if else needs configured make happen?

thanks in advance!


Comments

Post a Comment

Popular posts from this blog

c# - SharpSVN - How to get the previous revision? -

i trying find efficient way previous revision of file text comparison using sharpsvn. using (svnclient c = new svnclient()) { c.authentication.defaultcredentials = new networkcredential( configurationmanager.appsettings.get("svnserviceusername") , configurationmanager.appsettings.get("svnservicepassword") , configurationmanager.appsettings.get("svnservicedomain") ); c.authentication.sslservertrusthandlers += new eventhandler<svnsslservertrusteventargs>(authentication_sslservertrusthandlers); collection<svnfileversioneventargs> fileversioncollection = new collection<svnfileversioneventargs>(); svnrevisionrange range = new svnrevisionrange(0, this.hooks.revision); svnfileversionsargs args = new svnfileversionsargs(); args.retrieveproperties = true; args.range = range; foreach (svnchangeitem item in log.changedpaths) { string path = this.repositorypath + it...
Read more

c++ - Is it possible to compile a VST on linux? -

for class project i'm attempting write vst plugin backed cuda. current cuda workflow on linux box, i'd prefer compile , link there. according wikipedia , should possible (i couldn't find steinberg documentation relevant linux) can't find makefile or instructions on how build if aren't using xcode or visual studio. i'm vst 3 sdk doesn't support linux. when try compile plugin under linux, error: ./base/source/fatomic.cpp:39:30: fatal error: libkern/osatomic.h: no such file or directory this issue caused following code in "vst3 sdk/base/source/fatomic.cpp" #if mac #include <libkern/osatomic.h> #if mac_os_x_version_min_required > mac_os_x_version_10_4 #define native_atomic_type (volatile int32_t*) #else #define native_atomic_type (int32_t*) #endif #elif windows #include <windows.h> #endif but hope compiling under linux work vst sdk 2.4. reading. jvstwrapper seems run on lin...
Read more

url - Querystring manipulation of email Address in PHP -

i using third party application (email2http) send me emailid, body , message. unable retrieve email id due name appended on , enclosed < , >. here querystring getting. test.php?from=ajay+reddy &subject=cx&body=somebody when print variable in php returns name , not email id. $from = $_get['from']; echo $from; //output ajay reddy please suggest me how can emailid also. i dont want use post method due testing , debugging. it's working fine. forgot use htmlentities() in debugging.
Read more