views:

999

answers:

2

I am trying to encrypt the "system.web.membership" element within the Web.Config of our .Net application to secure username and password to Active Directory. I am using the aspnet_regiis command to encrypt, and have tried several different strings for the value of the "pe" option with no success. I have successfully encrypted the "connectstrings" element on my web.config.

Cmd

C:\Windows\Microsoft.NET\Framework\v2.0.50727>aspnet_regiis -pe "connectionStrings" -site MySite -app /MyApp
Encrypting configuration section...
Succeeded!

C:\Windows\Microsoft.NET\Framework\v2.0.50727>aspnet_regiis -pe "membership" -site MySite -app /MyApp
Encrypting configuration section...
The configuration section 'membership' was not found.
Failed!

C:\Windows\Microsoft.NET\Framework\v2.0.50727>aspnet_regiis -pe "system.web.membership" -site MySite -app /MyApp
Encrypting configuration section...
The configuration section 'system.web.membership' was not found.
Failed!

Web.Config

<configuration>
    ...
    <system.web>
        ...
        <authentication mode="Forms">
            <forms name=".ADAuthCookie" 
                   timeout="30"/>
        </authentication>
        <authorization>
            <deny users="?"/>
            <allow users="*"/>
        </authorization>
        <membership defaultProvider="MyADMembershipProvider">
            <providers>
                <add name="MyADMembershipProvider"
                     type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0,Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" 
                     connectionStringName="ADConnectionString" 
                     connectionUsername="MyUserName" 
                     connectionPassword="MyPassowrd"/>
            </providers>
        </membership>
        ...
    </system.web>
    ...
</configuration>

So what gives? What am I missing?

+3  A: 

The configuration section is identified by "system.web/membership", not "membership" nor "system.web.membership".

Paul Lalonde
A: 

I know that your issue has already been solved, but for other people getting this error message, it seems that only certain sections of the web.config can be encrypted. I was trying to encrypt the SMTP settings in my web config:

<?xml version="1.0"?>
<configuration>
  <system.net>
    <mailSettings>
      <smtp>
        <network host="myhost" port="25" userName="myusername" password="mypassword" />
      </smtp>
    </mailSettings>
  </system.net>
</configuration>

This worked:

aspnet_regiis.exe -pef "system.net/mailSettings/smtp" "path_to_site" -prov "DataProtectionConfigurationProvider"

but these didn't:

aspnet_regiis.exe -pef "system.net/mailSettings" "path_to_site" -prov "DataProtectionConfigurationProvider"

aspnet_regiis.exe -pef "system.net" "path_to_site" -prov "DataProtectionConfigurationProvider"
Ben Mills