WSS 3.0 Forms Authentification for RoleManager

Question

I'm trying to set up Forms Authentification with LDAP in SharePoint 2007 (WSS 3.0). I made it to the point where I can see users with prefix ad:<username> but I'm having trouble to get roleManager and adgroup: prefix to work. Most likely the provider type is wrong. Can anyone suggest right way to do it?

<connectionStrings>
    <add name="ADConnectionString" connectionString="LDAP://domain:389/DC=domain,DC=local" />
  </connectionStrings>
  <!--******-->
  <system.web>
    <!--AD FBA-->
    <membership defaultProvider="AD">
      <providers>
        <clear />
        <add name="AD" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ADConnectionString" connectionUsername="domain\testgp" connectionPassword="SomePass" attributeMapUsername="SAMAccountName" enableSearchMethods="true" />
      </providers>
    </membership>
    <roleManager defaultProvider="ADGroup">
      <providers>
        <clear />
        <add name="ADGroup" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ADConnectionString" connectionUsername="domain\testgp" connectionPassword="SomePass" attributeMapUsername="SAMAccountName" enableSearchMethods="true" />
      </providers>
    </roleManager>

Answer 1

As per this article, Microsoft doesn’t provide an AD role provider similar to membership provider.

If you want to pull back group membership, you’ll have to either buy a 3rd party provider, grab an open source one, or build your own. The free (open source one) can be found at CodeProject. It needs some basic fixes but we were able to get it working.