Can´t get AD groups to authenticate via web.config

J

John Boghossian

We are trying to limit access for an intranet application to certain people
based on AD groups they belong to.

When we add a key to <allow roles="domain\group" /> it doesn´t work but it
works with explicit users as <allow user="domain\loginid" />

Extract from our web.config
<identity impersonate="true" />
<authentication mode="Windows" />
<authorization>
<allow users="domain\user" roles="domain\group" />
<deny users="*" />
</authorization>

Anyone that knows what could be wrong?

Regards
John Boghossian
 
M

MSFT

Hi John,

In web.config, The machine name or domain name AND the group name are case
sensitive. The group name MUST match case EXACTLY as it is in Windows. You
may double check if it is the problem.

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

validaing security using AD groups... in web.config 2
Windows Authentication - not seeing Groups 4
How do I Authencate and Authorize Users Using AD and SQL App Role 1
ADSI - Able to authenticate but unable to get memberOf information 7
form authentication with AD 1
Nested Groups from AD for Authorization 0
ASP.NET 2.0 WindowsTokenRoleProvider Local Groups Broken 5
location path not functioning within web.config -- no images/css 0

Members online

Total: 52 (members: 2, guests: 50)
Robots: 456

Forum statistics

Threads
473,769
Messages
2,569,580
Members
45,054
Latest member
TrimKetoBoost

Latest Threads

Top