Last post Jun 19, 2017 09:12 AM by EvenMa
Jun 02, 2017 02:24 PM|PBSAdmin|LINK
We use an IIS 8 web farm, located in a separate AD site along with a read only domain controller. When specifying the read only domain controller in the ActiveDirectoryMembershipProvider connection string, the getuser method works but the
validateuser method fails with
"Event code: 4006 Event message: Membership credential verification failed."
Is this a limitation of the RODC? I would assume the validateuser method does not need to write/modify AD user attributes but I could be wrong.
Jun 02, 2017 03:27 PM|PatriceSc|LINK
IMO a Windows admin group might be better. I guess it does log and it should update maybe the last login date/time ? It seems you rather need someone who knows how an AD read only controller works.
You don't have an inner exception that might better help to understand what happens?
Jun 02, 2017 07:41 PM|PBSAdmin|LINK
yeah that's definitely a possibility. Thanks PatriceSc. I'll see if I can ask our developer to reproduce the issue and see if there's an inner exception with more details
Jun 19, 2017 09:12 AM|EvenMa|LINK
According to your description, in generic the problem was occurred by the configuration in web.config.
You could check “ApplictionName” property value for all providers in web.config(such as Membership provider, Role provider, Profile provider etc.) .
If you have any other questions, please feel free to contact me any time.