Reputation: 30163
IIS Configuration:
Anonymous Authentication Enabled
ASP.NET Impersonation Enabled
Windows Authentication Enabled
*the rest are disabled
Web.Config:
<add name="ADConn" connectionString="LDAP://192.168.0.21" />
.
.
.
<authentication mode="Windows" />
<authorization>
  <allow users="*"/>
  <deny users="?" />
</authorization>
<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider"/>
<identity impersonate="true"/>
<membership defaultProvider="ADMembership">
  <providers>
    <add name="ADMembership"
         type="System.Web.Security.ActiveDirectoryMembershipProvider"
         connectionStringName="ADConn"
         connectionUsername="dominic"
         attributeMapUsername="sAMAccountName"
         connectionPassword="p@ssw0rd" />
  </providers>
</membership>
And in my web application:
[Authorize]
public class HomeController : Controller
{
    // ...
}
I'm trying to convert my application from Forms to Windows Authentication. With this configuration, the page prompts me with a login dialog. When I use my AD account, I can't log in, but when I use my local account, I can visit the page. Why? How would I tell my application to use a specific AD? Is my configuration correct?
Important notes:
Upvotes: 0
Views: 355
Reputation: 439
Here is what I think is happening: when you try to open the application, the browser will send your current AD credentials (if IE is configured to do this automatically). Since you are using ASP.NET impersonation, if the AD account doesn't have access to the application folder, it will try to use the anonymous user account instead, which also doesn't have access. You might need to add security access to the application folder for the anonymous user defined in IIS; otherwise, remove the anonymous access from IIS. You can check the following link for the permission-setting guidelines: Guidelines for Resolving IIS Permissions Problems
Upvotes: 1
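An added example, not part of the question or the answer: Python that reads the `<authorization>` rules from the question's Web.Config the way ASP.NET URL authorization does (top to bottom, first matching rule decides) and reports which rule applies to an anonymous request and to an authenticated one. It models only the `users` attribute (no `roles` or `verbs`); the function names and the account name `EXAMPLE\alice` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the <authorization> block as posted in the question,
# and the same two rules in the opposite order.
AS_POSTED = """<authorization>
  <allow users="*"/>
  <deny users="?" />
</authorization>"""

REORDERED = """<authorization>
  <deny users="?" />
  <allow users="*"/>
</authorization>"""

def parse_rules(xml_text):
    """Return [(action, [user patterns])] in document order."""
    root = ET.fromstring(xml_text)
    rules = []
    for el in root:
        if el.tag in ("allow", "deny") and el.get("users"):
            rules.append((el.tag, [u.strip() for u in el.get("users").split(",")]))
    return rules

def matches(pattern, user):
    """'*' = everyone, '?' = anonymous (user is None), else a name match."""
    if pattern == "*":
        return True
    if pattern == "?":
        return user is None
    return user is not None and pattern.lower() == user.lower()

def decide(xml_text, user):
    """First matching rule wins; returns (action, rule_index).

    No match falls through to inherited configuration, whose default is
    <allow users="*"/>; modelled here as ("allow", None)."""
    for i, (action, patterns) in enumerate(parse_rules(xml_text)):
        if any(matches(p, user) for p in patterns):
            return action, i
    return "allow", None

if __name__ == "__main__":
    # EXAMPLE\alice is a constructed account name, not one from the page.
    for label, cfg in (("as posted", AS_POSTED), ("reordered", REORDERED)):
        for user in (None, r"EXAMPLE\alice"):
            print(label, user or "<anonymous>", decide(cfg, user))
```

With the rules in the posted order, `<allow users="*"/>` matches every request first, so `<deny users="?"/>` is never reached; with anonymous authentication enabled in IIS, only the `[Authorize]` attribute is left to reject an unauthenticated request.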