I am writing an ASP.NET application using ActiveDirectoryMembershipProvider, similar to the scenario outlined here: http://channel9.msdn.com/wiki/securitywiki/aspnet2formsauthtoadrolesinadintranet/
As part of this setup, I configured ASP.NET Membership as follows:
<membership defaultProvider="MyADMembershipProvider">
  <providers>
    <add
      name="MyADMembershipProvider"
      type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
      connectionStringName="ADConnectionString"
      connectionUsername="testdomain\administrator"
      connectionPassword="password"/>
  </providers>
</membership>
This works, but in production I would like to use a connectionUsername with minimum permissions to anything else, instead of "Administrator". What are the minimum permissions that should be assigned to this account?
See the note in the "Connecting to Active Directory" section at http://msdn.microsoft.com/en-us/library/ms998360.aspx.