stackoom
  简体   繁体   中英

How to tell ASP.NET application what Active Directory to use?

 原文  2013-12-05 04:08:55       asp.net/ asp.net-mvc/ iis/ active-directory/ windows-authentication

Question

IIS Configuration: 

Anonymous Authentication    Enabled
ASP.NET Impersonation       Enabled
Windows Authentication      Enabled
*the rest is disabled

Web.Config: 

<add name="ADConn" connectionString="LDAP://192.168.0.21" />
.
.
.
<authentication mode="Windows" />

<authorization>
  <allow users="*"/>
  <deny users="?" />
</authorization>

<roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider"/>
<identity impersonate="true"/>

<membership defaultProvider="ADMembership">
  <providers>
    <add name="ADMembership"
         type="System.Web.Security.ActiveDirectoryMembershipProvider"
         connectionStringName="ADConn"
         connectionUsername="dominic"
         attributeMapUsername="sAMAccountName"
         connectionPassword="p@ssw0rd" />
  </providers>
</membership>

And in my web application: 

[Authorize]
public class HomeController : Controller
{

I'm trying to convert my application from Form to Windows Authentication. With this configuration, the page prompts me with login dialog. When I use my AD account, I can't login, but when I use my local account, I can visit the page. Why? How would I tell my application to use a specific AD? Is my configuration correct?

Important notes:

  • My IIS and AD are on different machines and they are not on the same domain.
  • My IIS and client is on the same machine.
  • My application works with Form Authentication using AD.
  • IIS version: 6.1
  • MVC version: 4
  • AD OS: Windows 2008
  • Client and IIS OS: Windows 7

1 answers

solution1
 1  2013-12-05 05:52:47

Here is what I think is happening When you try to open the application, the browser will send your current AD credentials (if IE is configured to do this automatically) Since you are using asp.net impersonation, If the AD account doesn't have access to the application folder it will try to use the anonymous user account instead which also doesn't have access. You might need to add security access to application folder for the anonymous user defined in IIS otherwise remove the anonymous access from IIS you can check the following link for the setting permission guidelines Guidelines for Resolving IIS Permissions Problems

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to use active Directory for ASP.Net 5 (MVC6) Intranet application How to use ASP.NET Membership with Active Directory for a company How to use ASP.NET authentication with active directory? How to Use Active Directory Authentication with ASP.NET Web API? Active Directory in ASP.NET Web Forms Application Connecting to Azure Active Directory from ASP.NET application Use standard Active Directory in ASP.NET Core app? How do I authenticate against an Active Directory group in ASP.NET Core application without log in? How to restrict access to a folder to a specific active directory group in an Asp.Net WebForms application? How to filter a specific group in Active Directory from asp.net c# application
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM