ASP.NET Active Directory Membership Provider and SQL Profile Provider

I am currently designing a Membership/Profile scheme for a new project I am working on and I was hoping to get some input from others.

The project is a ASP.NET web application and due to the short time frame, I am trying to use any and all built in .NET framework components I can. The site will probably entertain < 5000 users. Each user will have a profile where custom settings and objects will be persisted between visits.

I am required to use an existing Active Directory for authentication. Since the AD schema cannot be extended to hold new fields, I am required to hold user settings and objects in a different data store. I have also been told ADAM is probably not a possible solution.

I was hoping to use the Active Directory Membership Provider for my authentication scheme and the SQL Profile Provider as a user profile data store. I would prefer not to build a custom profile provider, but I do not see this posing much of a problem if need be.

I was wondering if this is even a possible solution, and if so, has anyone had any luck with this approach.

Any comments would be greatly appreciated.



Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

First off – I’ve never done this myself.

There’s a really excellent series (14 !! parts) on the whole topic of ASP.NET 2.0 membership, roles and profile provider systems by Scott Mitchell at 4 Guys from Rolla.

According to my understanding, you should be able to configure this behavior you are looking for by using basically these two sections in your web.config:

  <!-- configure Active Directory membership provider -->
  <membership defaultProvider="AspNetActiveDirectoryMembershipProvider">
      <add name="AspNetActiveDirectoryMembershipProvider"
                 System.Web, Version=2.0.3600, Culture=neutral, 
                 PublicKeyToken=b03f5f7f11d50a3a" />

  <!-- configure SQL-based profile provider -->      
  <profile defaultProvider="SqlProvider">
      <add name="SqlProvider"
        applicationName="YourApplication" />

    <!-- specify any additional properties to store in the profile -->   
      <add name="ZipCode" />
      <add name="CityAndState" />

I would think this ought to work 🙂

Method 2

In addition to this as replied by Marc :

<add name="AspNetActiveDirectoryMembershipProvider"
                 System.Web, Version=2.0.3600, Culture=neutral, 
                 PublicKeyToken=b03f5f7f11d50a3a" />

you might also need to add

with corresponnding connection string
    <add name="ADService" connectionString="LDAP://ServerIP" />

If you are using .net 4.0 then you will need to replace


So finally ,
<membership defaultProvider="AspNetActiveDirectoryMembershipProvider">
        <add name="AspNetActiveDirectoryMembershipProvider"
                 System.Web, Version=, Culture=neutral, 

and since it is set as default, it can be referenced as :
MembershipProvider provider = Membership.Provider;

Method 3

I am using Visual Studio 2012 and tried to do as sugested, but an error is shown:

To call this method, the "Membership.Provider" property must be an instance of "ExtendedMembershipProvider".

So I discovered that a few changes should be done to the default login form on the VS2012 with MVC 4 and entity framework as follows:

on file “AccountController.cs”

on the “public ActionResult Login(LoginModel model, string returnUrl)”

Change the

    if (ModelState.IsValid && WebSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe))

    if (ModelState.IsValid && Membership.Provider.ValidateUser(model.UserName, model.Password))

on the “public ActionResult LogOff()”

Change the



and add the following: FormsAuthentication.SetAuthCookie(model.UserName, false);
    public ActionResult Login(LoginModel model, string returnUrl)
        if (ModelState.IsValid && Membership.Provider.ValidateUser(model.UserName, model.Password))

            FormsAuthentication.SetAuthCookie(model.UserName, false);               

            return RedirectToLocal(returnUrl);

        // If we got this far, something failed, redisplay form
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
        return View(model);

Method 4

Thanks for the information, its helped alot. Also rather than Setting the default Provider with MembershipProvider provider = Membership.Provider; you can set it with in the membership tag.

<membership defaultProvider="AspNetActiveDirectoryMembershipProvider">

I”ve also writen a small how to and a download to a Visual Studio Project and Source configured to use AspNetActiveDirectoryMembershipProvider.

ASP.NET Forms Based Authentication – using AspNetActiveDirectoryMembershipProvider

All methods was sourced from or, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x