Integrated Windows Authentication

T

thomson

Hi All,
If i log into my windows machine, Iam already
authenticated against the AD, Inorder to identify the Groups, Do i need
to check the Active Directory once again, or Windows Principal.IsInrole
is sufficient.


All the developers are using logon to a particular domain and doing
the work, IF i access one of my developers machine [IIS webserver ],
through my machine , which credentials it take ,will it take mine or
his credentials?

Thnaks in Advance

Thomson
 
N

Norman Yuan

How do you access the IIS on the other machine? Assume the "access" means a
web/ASP.NET application running on that computer. In this case, it depends
on how the IIS the the web application is configured. As you may know, the
user account running an ASP.NET could be MachineName\ASPNET,
MachineName\Network Service, or any user account on that computer or in a
network domain if impersonation is enabled.
 
T

thomson

Hi,
i have enabled Integrated Windows Authentication,disabled
Anonymous and in Identity Impersonate is true,

Any thoughts for this


" If i log into my windows machine, Iam already
authenticated against the AD, Inorder to identify the Groups, Do i
need
to check the Active Directory once again, or Windows
Principal.IsInrole
is sufficient."

Thanks in Advance

Thomson



Norman said:
How do you access the IIS on the other machine? Assume the "access" means a
web/ASP.NET application running on that computer. In this case, it depends
on how the IIS the the web application is configured. As you may know, the
user account running an ASP.NET could be MachineName\ASPNET,
MachineName\Network Service, or any user account on that computer or in a
network domain if impersonation is enabled.

thomson said:
Hi All,
If i log into my windows machine, Iam already
authenticated against the AD, Inorder to identify the Groups, Do i need
to check the Active Directory once again, or Windows Principal.IsInrole
is sufficient.


All the developers are using logon to a particular domain and doing
the work, IF i access one of my developers machine [IIS webserver ],
through my machine , which credentials it take ,will it take mine or
his credentials?

Thnaks in Advance

Thomson
Click to expand...
Click to expand...
 
N

Norman Yuan

OK, Assume you want to access a ASP.NET app on the other developer's
computer. Based on how you have configured that ASP.NET app:

1. IIS: anonymous access is unchecked and Windows integrated authentication
is checked.

So, yes, your access to that APS.NET app on the developer's computer is
automatically authenticated as long as you log on to your computer. meaning
the ASP.NET on that computer knows that you are who you should be, since you
are a logged on domain user.

2. Since you enabled "impersonation", now that ASP.NET will run, using your
identity when you send request to it. So, you do not need to check who the
user is.

Tip: you could verify which user account is actually used for a ASP.NET,
like this (add a lable to a blank page in a ASP.NET app):

private void Page_Load(....)
{
Label1.Text=this.Context.User.Identity.Name + " is the running user
account for this ASP.NET app!";

''Or
''Label1.Text=Page.User.Identity.Name + " is the running user account
for this ASP.NET app!";
}






thomson said:
Hi,
i have enabled Integrated Windows Authentication,disabled
Anonymous and in Identity Impersonate is true,

Any thoughts for this


" If i log into my windows machine, Iam already
authenticated against the AD, Inorder to identify the Groups, Do i
need
to check the Active Directory once again, or Windows
Principal.IsInrole
is sufficient."

Thanks in Advance

Thomson



Norman said:
How do you access the IIS on the other machine? Assume the "access" means
a
web/ASP.NET application running on that computer. In this case, it
depends
on how the IIS the the web application is configured. As you may know,
the
user account running an ASP.NET could be MachineName\ASPNET,
MachineName\Network Service, or any user account on that computer or in a
network domain if impersonation is enabled.

thomson said:
Hi All,
If i log into my windows machine, Iam already
authenticated against the AD, Inorder to identify the Groups, Do i need
to check the Active Directory once again, or Windows Principal.IsInrole
is sufficient.


All the developers are using logon to a particular domain and doing
the work, IF i access one of my developers machine [IIS webserver ],
through my machine , which credentials it take ,will it take mine or
his credentials?

Thnaks in Advance

Thomson
Click to expand...
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Integrated Windows Authentication ? 0
ASP.NET Integrated Windows Authentication 2
Intranet and Integrated Windows Authentication 4
Integrated Windows Authentication not working 1
Prob: Connecting to MSSQL using windows authentication 7
Integrated Authentication 1
IIS 7.0 and Windows Integrated Authentication? 1
using integrated windows authentication across 2 domains 0

Members online

Total: 20 (members: 1, guests: 19)
Robots: 343

Forum statistics

Threads
473,769
Messages
2,569,582
Members
45,071
Latest member
MetabolicSolutionsKeto

Latest Threads

Top