Step 2:  Enter Active Directory Connection String

Active Directory security requires a connection string to your Active Directory.

In order to access the Active Directory on your network, your application must have a connection string to the Active Directory.  This connection string allows both Iron Speed Designer and your application to connect to your Active Directory.  Your system administrator should be able to provide you with appropriate connection string information.

The Security Wizard populates the possible Active Directory connection strings for the root domain controller and for the first-level domain controllers, which is sufficient to connect to Active Directory and use Active Directory security.  If the Active Directory has a ‘forest’ with multiple controllers, you can configure security access separately for different controllers by adding separate strings for each controller.  You may add connection strings for multiple (different) Active Directory domains, allowing you to configure security not only with the Active Directory where your computer resides, but also for other Active Directories.  This is very powerful feature.

The first string in the list is default and any user who logs in without specifying domain explicitly will be validated against default controller.  It is a good idea to have connection string to the root controller as a default.  Configured connection strings are stored as a value of the ADDomainControllers key in your application’s Web.config file.

If the Active Directory controller is not available when configuring application security via the Security Wizard, no roles will be visible (populated) in the wizard except standard roles such as ‘everyone’, ‘no one’, and ‘signed-in only’.  Hence, Active Directory role configuration is possible only when the Security Wizard can reach the Active Directory controller.

Configuring Active Directory security on your development machine

It is difficult to configure Active Directory security if Active Directory is not available in your development environment.  It is also difficult to test your Active Directory security configuration because without Active Directory available, no one can be authenticated.

See Also

Security Wizard