FBA tightly integrated with AD



I am looking at ways where we can simplify our user password management. The FBA pack looks really close to being what we want. I would want it to use it against an AD membership provider.  With this in mind I would like to ask the following:


  1. Can I get the sp2010 FBA pack to integrate the AD prior to some many days before the password expiry date then automatically redirect to the password change screen. I suspect a lockout would mean support from our AD team rather than anything the user could do to resolve this.
  2. Are the user emails listed in the setup documentation derived from AD ( later synced to SharePoint user profile) or are they manually added. 




I've only tested this against the SQLMembershipProvider, so you're going to have to try this to see if it works. Theoretically it should, as long as the AD Membership Provider supports all of the methods the SQLMembershipProvider does.

There's another person trying to get this to work with AD LDS and LDAPMembershipProvider:


1) The base membership provider does not support password expiry, so no (without custom coding).

2) No, they were manually added - all screen shots were from a setup with the SQLMembershipProvider


Thanks for your prompt response. Ok I will see how the other chap is getting on and see if I cannot do somethink similar.

1) I guess I will need to download the latest svn source and peek at the code.  I take it I would need to extend the base membership provider and add the functionality required.

2) Again, if I can interrogate AD with code I should be able to populate this list.