So, I have the following in the web.config
<authentication mode="Windows"/>
<authorization>
<allow users="domain\johndoe" />
<!--Deny All Others-->
<deny users="*" />
</authorization>
But, what I want to do, is only allow users in a specific GAL group on our AD server and that doesn't seem to work with these settings.
Is there an authentication mode that will? Everything I find referencing AD wants to use forms! Which I do not want.
Try this
<authorization>
<allow users="*" roles="domain/group" />
<deny users="*" />
</authorization>
I don't think you can do it a simply as settings within the Authorization tag. Check out the Acitve Directory membership provider - perhaps that is what you want...
How To: Use Forms Authentication with Active Directory in Multiple Domains in ASP.NET 2.0
我认为您的组需要是安全组,而不是通讯组(至少,这是我现在遇到的问题)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.