How to configure Windows Authentication / Impersonation + IIS 7 + MVC

Question

I have a Windows 2008 server running IIS 7 and I'm trying to configure Windows Authentication and ASP.NET Impersonation, specifically for an intranet site which uses MVC. When a user hits the site from IE they are automatically logged to our site using the captured Windows username.

I have everything working in IIS 6 with:

• Anonymous access off

• Integrated Windows Authentication on, and:

  <identity impersonate="true"/> in the web.config.
  

In IIS 7, I can't seem to get it working, even in classic mode.

Under Authentication for the site in IIS 7, I have Windows Authentication and ASP.NET Impersonation enabled, everything else disabled. When I hit the site locally, it works. From a remote machine (on the same domain, using IE, loading it as an intranet site using the machine name i.e. http://servername/site/) I get challenged for my Windows credentials. Even if I enter in valid Windows credentials it fails, and clicking cancel gives me a HTTP Error 401, "The requested resource requires user authentication".

Turning ASP.NET Impersonation does not help anything. Any suggestions?

Answer 1

The problem turned out to be that the server had lost connection with the domain. I tried to remote desktop into the machine using my domain user account instead of a local admin, and I got the error:

The trust relationship between this workstation and the primary domain failed.

I remove the machine from the domain and re-added it, and after that both Windows Authentication and ASP.NET Impersonation work correctly.