We use an IIS 8 web farm, located in a separate AD site along with a read only domain controller. When specifying the read only domain controller in the ActiveDirectoryMembershipProvider connection string, the getuser method works but the
validateuser method fails with
IMO a Windows admin group might be better. I guess it does log and it should update maybe the last login date/time ? It seems you rather need someone who knows how an AD read only controller works.
You don't have an inner exception that might better help to understand what happens?
yeah that's definitely a possibility. Thanks PatriceSc. I'll see if I can ask our developer to reproduce the issue and see if there's an inner exception with more details
None
0 Points
5 Posts
using a Read-Only domain controller with validate user method
Jun 02, 2017 02:24 PM|PBSAdmin|LINK
We use an IIS 8 web farm, located in a separate AD site along with a read only domain controller. When specifying the read only domain controller in the ActiveDirectoryMembershipProvider connection string, the getuser method works but the validateuser method fails with
"Event code: 4006 Event message: Membership credential verification failed."
Is this a limitation of the RODC? I would assume the validateuser method does not need to write/modify AD user attributes but I could be wrong.
All-Star
45690 Points
16602 Posts
Re: using a Read-Only domain controller with validate user method
Jun 02, 2017 03:27 PM|PatriceSc|LINK
Hi,
IMO a Windows admin group might be better. I guess it does log and it should update maybe the last login date/time ? It seems you rather need someone who knows how an AD read only controller works.
You don't have an inner exception that might better help to understand what happens?
None
0 Points
5 Posts
Re: using a Read-Only domain controller with validate user method
Jun 02, 2017 07:41 PM|PBSAdmin|LINK
yeah that's definitely a possibility. Thanks PatriceSc. I'll see if I can ask our developer to reproduce the issue and see if there's an inner exception with more details
Member
520 Points
286 Posts
Re: using a Read-Only domain controller with validate user method
Jun 19, 2017 09:12 AM|EvenMa|LINK
Hi PBSAdmin,
According to your description, in generic the problem was occurred by the configuration in web.config.
You could check “ApplictionName” property value for all providers in web.config(such as Membership provider, Role provider, Profile provider etc.) .
If you have any other questions, please feel free to contact me any time.
Best Regards
Even