> I have a number of remote users that connect to the domain through a
> VPN device. I need a simple process for them to be able to change
> their passwords - some of them only have http bookmarks. The VPN is
> configured to authenticate users with the Active Directory. I found
> this article: http://msdn2.microsoft.com/en-us/library/ms998360.aspx &
> followed along - I can do a little hacking, but I'm primarily a
> system/db admin.
>
> I can run the web page in the designer & it works fine, however, when
> I attempt to run it on the server, from another server in the domain,
> or from a bookmark on the VPN, I get an web.config configuration
> error, & the following line is highlighted:
>
> <authentication mode="Forms">
>
> I don't understand what's wrong. Is the web.config file case
> sensitive? Do the entries need to be in a specific order?
>
> If it will help, here is my entire web.config:
> <?xml version="1.0"?>
> <!--
> Note: As an alternative to hand editing this file you can use the
> web admin tool to configure settings for your application. Use
> the Website->Asp.Net Configuration option in Visual Studio.
> A full list of settings and comments can be found in
> machine.config.comments usually located in
> \Windows\Microsoft.Net\Framework\v2.x\Config
> -->
> <configuration>
> <appSettings/>
> <connectionStrings>
> <add
> connectionString="LDAP://MyDomain.local/CN=Users,DC=MyDomain,DC=local"
> name="ADConnectionString"/>
> </connectionStrings>
> <system.web>
> <!--
> Set compilation debug="true" to insert debugging
> symbols into the compiled page. Because this
> affects performance, set this value to true only
> during development.
> -->
> <compilation debug="true"/>
> <!--
> The <authentication> section enables configuration
> of the security authentication mode used by
> ASP.NET to identify an incoming user.
> -->
> <authentication mode="Forms">
> <forms
> name=".ADAuthCookie"
> timeout="10" />
> </authentication>
> <authorization>
> <deny users="?" />
> <allow users="*" />
> </authorization>
> <membership defaultProvider="MyADMembershipProvider">
> <providers>
> <add
> name="MyADMembershipProvider"
>
> type="System.Web.Security.ActiveDirectoryMembershipProvider,
> System.Web, Version=2.0.0.0,
> Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
> attributeMapUsername="sAMAccountName"
> connectionStringName="ADConnectionString"
> connectionUsername="MyDomain\AdminUser"
> connectionPassword="LotsaLuck99$"/>
> </providers>
> </membership>
> <!--
> The <customErrors> section enables configuration
> of what to do if/when an unhandled error occurs
> during the execution of a request. Specifically,
> it enables developers to configure html error pages
> to be displayed in place of a error stack trace.
> <customErrors mode="RemoteOnly"
> defaultRedirect="GenericErrorPage.htm">
> <error statusCode="403" redirect="NoAccess.htm" />
> <error statusCode="404" redirect="FileNotFound.htm" />
> </customErrors>
> -->
> </system.web>
> </configuration>
> Thanks in advance
>

"BigSam" wrote:

> web.config configuration error <authentication mode="Forms">
>
> "Dominick Baier" wrote:
>
> > which error.....?
> >
> >
> > -----
> > Dominick Baier (http://www.leastprivilege.com)
> >
> > Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
> >
> > > I have a number of remote users that connect to the domain through a
> > > VPN device. I need a simple process for them to be able to change
> > > their passwords - some of them only have http bookmarks. The VPN is
> > > configured to authenticate users with the Active Directory. I found
> > > this article: http://msdn2.microsoft.com/en-us/library/ms998360.aspx &
> > > followed along - I can do a little hacking, but I'm primarily a
> > > system/db admin.
> > >
> > > I can run the web page in the designer & it works fine, however, when
> > > I attempt to run it on the server, from another server in the domain,
> > > or from a bookmark on the VPN, I get an web.config configuration
> > > error, & the following line is highlighted:
> > >
> > > <authentication mode="Forms">
> > >
> > > I don't understand what's wrong. Is the web.config file case
> > > sensitive? Do the entries need to be in a specific order?
> > >
> > > If it will help, here is my entire web.config:
> > > <?xml version="1.0"?>
> > > <!--
> > > Note: As an alternative to hand editing this file you can use the
> > > web admin tool to configure settings for your application. Use
> > > the Website->Asp.Net Configuration option in Visual Studio.
> > > A full list of settings and comments can be found in
> > > machine.config.comments usually located in
> > > \Windows\Microsoft.Net\Framework\v2.x\Config
> > > -->
> > > <configuration>
> > > <appSettings/>
> > > <connectionStrings>
> > > <add
> > > connectionString="LDAP://MyDomain.local/CN=Users,DC=MyDomain,DC=local"
> > > name="ADConnectionString"/>
> > > </connectionStrings>
> > > <system.web>
> > > <!--
> > > Set compilation debug="true" to insert debugging
> > > symbols into the compiled page. Because this
> > > affects performance, set this value to true only
> > > during development.
> > > -->
> > > <compilation debug="true"/>
> > > <!--
> > > The <authentication> section enables configuration
> > > of the security authentication mode used by
> > > ASP.NET to identify an incoming user.
> > > -->
> > > <authentication mode="Forms">
> > > <forms
> > > name=".ADAuthCookie"
> > > timeout="10" />
> > > </authentication>
> > > <authorization>
> > > <deny users="?" />
> > > <allow users="*" />
> > > </authorization>
> > > <membership defaultProvider="MyADMembershipProvider">
> > > <providers>
> > > <add
> > > name="MyADMembershipProvider"
> > >
> > > type="System.Web.Security.ActiveDirectoryMembershipProvider,
> > > System.Web, Version=2.0.0.0,
> > > Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
> > > attributeMapUsername="sAMAccountName"
> > > connectionStringName="ADConnectionString"
> > > connectionUsername="MyDomain\AdminUser"
> > > connectionPassword="LotsaLuck99$"/>
> > > </providers>
> > > </membership>
> > > <!--
> > > The <customErrors> section enables configuration
> > > of what to do if/when an unhandled error occurs
> > > during the execution of a request. Specifically,
> > > it enables developers to configure html error pages
> > > to be displayed in place of a error stack trace.
> > > <customErrors mode="RemoteOnly"
> > > defaultRedirect="GenericErrorPage.htm">
> > > <error statusCode="403" redirect="NoAccess.htm" />
> > > <error statusCode="404" redirect="FileNotFound.htm" />
> > > </customErrors>
> > > -->
> > > </system.web>
> > > </configuration>
> > > Thanks in advance
> > >
> >
> >