Adding LDAP Groups to MOSS groups amended

Posted: February 28, 2008 in MOSS 2007

               Continuing with the previous article I ran on programmatically adding LDAP groups(Domain Groups) to MOSS groups I ran into a fun little bug with MOSS that has the potential to really hose you on this effort. 2 things, make sure your LDAP groups are prefixed with the name of your ROLEPROVIDER name. This will need to match exactly the value you have in your web.config. Now once you do this the bug comes into play.
              MOSS will do next to no validation on your group and username. It will certainly NOT call your providers to verify the Role name exists. In fact as long as you get the prefix of your custom membership OR custom role provider name in there, it will assume it is valid. So you can enter all sorts of groups and users that don’t exist. The important thing here is you are 100% certain the names you enter are valid and that you utilize the ROLEPROVIDER prefix and not the MEMBERSHIPPROVIDER name. Now if you have been bitten by this bug, before you go on a killing spree, I do have some code to assist you in correcting this. Drop me a line and I can post it.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s