IIS migration from 6-10; - Forms Authorization - LDAP query (Password Incorrect)
I recently migrated a web application from IIS 6 - IIS 10. Because the web application uses DLLs from ASP.NET 1.0 and 2.0, I decided it was best to configure the application pools to use "classic mode". The web application uses "Mix Mode Authentication" (LDAP and ASP.NET Membership stored in SQL Server). For the forms authentication that uses "ASP.NET Membership stored in SQL Server", the authentication works just fine as those users can log in with no problems and can access the site. For the forms authentication that uses "LDAP query", users cannot log in and access the site from the login page. The supported code issues a "Password is Incorrect" status. Keep in mind this is not a coding issue within the web application nor is it a permissions issue for the domain users attempting to log in because while still under "classic mode" I switched the authentication mode to use "Windows Authentication" and domain users who have access to the web application are able to authenticate using the windows authentication prompt before the page loads to the web application login page. The problem is, once the users attempt to log in after authenticating through the windows authentication prompt, the web application says "Password is Incorrect". So this confirms to me that the windows authentication is working fine. I have also attempted to change the Application Pool Identity User to a service account from the normal "IUSR" account and it still doesn't work as if it doesn't have privileges to query LDAP. On the old IIS 6 windows server the configuration is basic as the windows OS is windows server 2003 and IIS Application Pool Identity being used is the "Network Service Account". The windows OS for the IIS 10 server is Windows 2019. How do I get the Application Pool Identity, which is now a domain service account, to have proper permissions to query LDAP so the user's windows domain credentials can be passed from the login page and bring back authenticated true and allow the domain users to have access to web application? I do not have access to AD and will need to communicate with our AD team to get this done. Listen, I understand that after IIS 6, IIS 7.5 and beyond using Forms Authentication (Mixed Mode) is not allowed in "Integrated Mode", please keep in mind that I am using "Classic Mode".