Connection string to connect to Active Directory using LDAP

my system admin gave me this:

Domain :
USER : cappdhr2

Pass : [email protected]

what will the connection string be?

I am very very new to adfs. So i tried this:

<add name="ADConnectionString"
      connectionString="LDAP://,DC=capp,DC=net"  />

<authentication mode="Forms">
  <forms name=".ADAuthCookie" timeout="43200"/>


    <add name="MyADMembershipProvider"
     connectionPassword="<a href="" class="__cf_email__" data-cfemail="9bfafff6f2f5dbaaa9a8afae">[email protected]</a>"


I am always getting this error: Unable to establish secure connection with the server

I am doing someting wrong with the connection string. I just dont know how to fix it.


Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

Whenever I’ve accessed AD from .net I’ve done the following:

var directoryEntry = new DirectoryEntry("LDAP://");
directoryEntry.Username = "cappdhr2";
directoryEntry.Password = "<a href="" class="__cf_email__" data-cfemail="6e0f0a0307002e5f5c5d5a5b">[email protected]</a>";

Then you can query “AD” using the DirectorySearcher.
var directorySearcher = new DirectorySearcher(directoryEntry);

Method 2

Thanks to everyone for your help and support.
The correct address in my case was:


What i didnt realize in the beginning was that i was trying to connect to Active Directory in a different domain than my current domain. So the Ip address was the missing part.
thanks a million to Luis who realized that there was something wrong was with the domain.

And thanks Shadow Walker for explaining the ldap connection string in more details.

Method 3

We have found this to work best to be sure you have the right parameters:

Often the hard part of connecting to AD using LDAP is Determining the FDN of the user to login with.
If you know the samAccountName of the user you can find it using:

dsquery user -samid jim
"CN=Jim Willeke,CN=Users,DC=mad,DC=willeke,DC=com"

Method 4

For Active Directory, the ldap connection string can take this form:


where protocol can be either ldap:// or ldaps://, depending on whether to use standard or SSL connection. You should always troubleshoot using standard connection before moving to SSL/TLS to avoid certificate issues at this point.

domaindnsaddress is DNS-resolvable address of your domain – in your case .

Some programming languages, like php, do not require the ldap:// prefix to perform a connect operation. You may try connecting without it as well.

The username to log in can have several forms. The most common are:

You can read Microsoft’s extensive information about the possible forms of your logon name here:
MSDN – Simple Authentication

Password does not need any special treatment – just perform the standard bind operation against your ldap server and you should be authenticated.
Please note that I am intentionally not including any sample code as your question was about the connection string, not about connecting to ldap using C# libraries.

All methods was sourced from or, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x