ASP.NET MVC - Authenticate users against Active Directory, but require username and password to be inputted

Solution 1:

You can use the standard Internet application template with forms authentication and insert an ActiveDirectoryMembershipProvider into the web.config:

<connectionStrings>
    <add name="ADConnectionString" connectionString="LDAP://YOUR_AD_CONN_STRING" />
</connectionStrings>

<system.web>
    <authentication mode="Forms">
        <forms name=".ADAuthCookie" loginUrl="~/Account/LogOn"
               timeout="15" slidingExpiration="false" protection="All" />
    </authentication>
    <membership defaultProvider="MY_ADMembershipProvider">
        <providers>
            <clear />
            <add name="MY_ADMembershipProvider" 
                 type="System.Web.Security.ActiveDirectoryMembershipProvider" 
                 connectionStringName="ADConnectionString"
                 attributeMapUsername="sAMAccountName" />
        </providers>
    </membership>
</system.web>

In this way you get the Internet application template login form, and it validates against AD for you.

Then it's just a matter of some AccountController cleanup to remove reset password/change password/register functionality leaving just Login.

Solution 2:

As mentioned above, you can use the membership provider defined in the web.config file.

The code below is within the implementation of the 'AccountController' from the MVC 3 Template code and has been slightly modified to work with ActiveDirectory:

 [HttpPost]
    public ActionResult LogOn( LogOnModel model, string returnUrl )
    {
      if( ModelState.IsValid )
      {
        // Note: ValidateUser() performs the auth check against ActiveDirectory
        // but make sure to not include the Domain Name in the User Name
        // and make sure you don't have the option set to use Email Usernames.
        if( MembershipService.ValidateUser( model.UserName, model.Password ) )
        {
            // Replace next line with logic to create FormsAuthenticationTicket
            // to encrypt and return in an Http Auth Cookie or Session Cookie
            // depending on the 'Remember Me' option.
            //FormsService.SignIn( model.UserName, model.RememberMe );

            // Fix this to also check for other combinations/possibilities
            if (!String.IsNullOrEmpty(returnUrl))
            {
                return Redirect(returnUrl);
            }
            else
            {
                return RedirectToAction("Index", "Home");
            }
        }
        else
        {
            ModelState.AddModelError("", "The user name or password provided is incorrect.");
        }
    }

If using .NET 3.5 -- then read this article for the alternative: