ADS IIS Integration

[Travis A. Clark]

Okay, maybe I'm just not seeing things correctly.
I have an asp.net web application (framework 1.1) that only five
people in the ProjectManager AD Group are supposed to see.
I have the following issues:

Even though I have:
<authentication mode="Windows" />
<authorization>

<allow users="DOMAIN\ProjectManager" />
<deny users="*"/>
</authorization>
in my web.config, and I believe the correct IIS settings (Windows
2000, IIS 5.0, anonymous off, Basic and Windows on)

Anyone in the domain may login and see it. What am I missing?

Secondly, anyone know where a good tutorial is on logging in
automatically. In other words, I want to check their AD credentials
automatically, and if they are in the ProjectManager group, go ahead
and redirect. Else prompt for the logon.

Thanks for the time.

Travis A. Clark

 

[Joe Kaplan \(MVP - ADSI\)]

This should work. The first thing I would check is whether the users who
shouldn't be allowed access are in the role or not. You can do
Context.User.IsInRole("DOMAIN\ProjectManager") to determine that.

If that fails as expected, but users are still being granted access, then it
might be that the UrlAuthorizationModule has been removed from the list of
HttpModules.

HTH,

Joe K.

 

[Patrick.O.Ige]

Travis..
Your Solution is for sure solvable...
I have used forms Auth and Windows Auth(validating against Active Directory)
for
this before...
Try looking at this artcilse at:-
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q316748
for forms Auth?
Hope it helps..
Patrick