Other than BuiltIn groups for Windows Authentication

Discussion in 'ASP .Net Security' started by Joey Lee, Sep 15, 2005.

  1. Joey Lee

    Joey Lee Guest

    Hi,

    I am using windows authentication on my ASP.Net application. With the
    WindowsPrincipal I can authenticate myself against groups such as

    BUILTIN\Users

    I am assuming that this group is supplied by the active directory when i log
    into the domain using my pc.

    The problem now is I have added another custom group - Gamers. I tried
    authentication using IsInRole("Gamers") but this give me false. How do I do
    it with Windows Authentication for this new group?

    I have another way of doing this but that is using ldap authentication, but
    I am trying to understand and make the Windows Authentication work. Please
    help. Thanks

    Joey
     
    Joey Lee, Sep 15, 2005
    #1
    1. Advertising

  2. Hello Joey,

    WindowsPrincipal.IsInRole expects fully qualified group names - these are
    AUTHORITY\GROUP

    e.g. DOMAIN\Gamers for domain accounts

    or MyMachine\Gamers for local accounts


    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Hi,
    >
    > I am using windows authentication on my ASP.Net application. With the
    > WindowsPrincipal I can authenticate myself against groups such as
    >
    > BUILTIN\Users
    >
    > I am assuming that this group is supplied by the active directory when
    > i log into the domain using my pc.
    >
    > The problem now is I have added another custom group - Gamers. I tried
    > authentication using IsInRole("Gamers") but this give me false. How do
    > I do it with Windows Authentication for this new group?
    >
    > I have another way of doing this but that is using ldap
    > authentication, but I am trying to understand and make the Windows
    > Authentication work. Please help. Thanks
    >
    > Joey
    >
     
    Dominick Baier [DevelopMentor], Sep 15, 2005
    #2
    1. Advertising

  3. Joey Lee

    Joey Lee Guest

    Hi,

    I tried <domain>\Gamers but it does not work

    Here is my code

    Class File
    ---------------------------------------------------------------
    AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
    WindowsPrincipal prin = (WindowsPrincipal)Thread.CurrentPrincipal;
    WindowsIdentity identity = (WindowsIdentity)prin.Identity;

    ----------------------------------------------------------------

    Web config
    -------------------------------------------------------------
    <authentication mode="Windows">
    </authentication>
    <identity impersonate="true"/>
    -------------------------------------------------------------

    When I try to get the role thru this code below which i found on the web

    Code--------------------------------------------------------------------------
    public static string GetUserRoles(WindowsPrincipal winPrincipal)
    {
    string userRoles = "";
    WindowsIdentity identity = winPrincipal.Identity as WindowsIdentity;

    if (identity != null)
    {
    Type t = identity.GetType();
    string[] roles = (string[]) t.InvokeMember("GetRoles",
    BindingFlags.Instance | BindingFlags.NonPublic |
    BindingFlags.InvokeMethod,null,identity,null);

    if (roles != null)
    {
    foreach (string role in roles)
    {
    if(userRoles != "")
    {
    userRoles += ",";
    }
    userRoles += role;
    }
    }
    }
    return userRoles;
    }
    -----------------------------------------------------------------

    I got the results as following

    <domainname>\Domain Users,Everyone,BUILTIN\Administrators,BUILTIN\Users,NT
    AUTHORITY\INTERACTIVE,NT AUTHORITY\Authenticated Users,,LOCAL,

    It does not have <domainname\Gamers>

    However by using LDAP i am able to get CN=Gamers

    Did I configure something wrong?.Thanks

    Joey


    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > Hello Joey,
    >
    > WindowsPrincipal.IsInRole expects fully qualified group names - these are
    > AUTHORITY\GROUP
    >
    > e.g. DOMAIN\Gamers for domain accounts
    >
    > or MyMachine\Gamers for local accounts
    >
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    >> Hi,
    >>
    >> I am using windows authentication on my ASP.Net application. With the
    >> WindowsPrincipal I can authenticate myself against groups such as
    >>
    >> BUILTIN\Users
    >>
    >> I am assuming that this group is supplied by the active directory when
    >> i log into the domain using my pc.
    >>
    >> The problem now is I have added another custom group - Gamers. I tried
    >> authentication using IsInRole("Gamers") but this give me false. How do
    >> I do it with Windows Authentication for this new group?
    >>
    >> I have another way of doing this but that is using ldap
    >> authentication, but I am trying to understand and make the Windows
    >> Authentication work. Please help. Thanks
    >>
    >> Joey
    >>

    >
    >
     
    Joey Lee, Sep 15, 2005
    #3
  4. Hello Joey,

    does you worker process run under a domain account, is your web server joined
    to a domain ?? (which OS)

    it seems you are authenticating with a local user account, could that be??

    you don't need PrincipalPolicy - don't use that under ASP.NET - it is only
    for desktop apps.

    simply calling Context.User will give you the WindowsPrincipal of the client.
    (or in class files HttpContext.Current.User)

    be aware that this "hack" to get all groups of a user will not work when
    updating to 2.0

    another test is call whoami /groups from the command line to see which groups
    the account is member of...

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Hi,
    >
    > I tried <domain>\Gamers but it does not work
    >
    > Here is my code
    >
    > Class File
    > ---------------------------------------------------------------
    > AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrin
    > cipal);
    > WindowsPrincipal prin = (WindowsPrincipal)Thread.CurrentPrincipal;
    > WindowsIdentity identity = (WindowsIdentity)prin.Identity;
    > ----------------------------------------------------------------
    >
    > Web config
    > -------------------------------------------------------------
    > <authentication mode="Windows">
    > </authentication>
    > <identity impersonate="true"/>
    > -------------------------------------------------------------
    > When I try to get the role thru this code below which i found on the
    > web
    >
    > Code------------------------------------------------------------------
    > --------
    > public static string GetUserRoles(WindowsPrincipal winPrincipal)
    > {
    > string userRoles = "";
    > WindowsIdentity identity = winPrincipal.Identity as WindowsIdentity;
    > if (identity != null)
    > {
    > Type t = identity.GetType();
    > string[] roles = (string[]) t.InvokeMember("GetRoles",
    > BindingFlags.Instance | BindingFlags.NonPublic |
    > BindingFlags.InvokeMethod,null,identity,null);
    >
    > if (roles != null)
    > {
    > foreach (string role in roles)
    > {
    > if(userRoles != "")
    > {
    > userRoles += ",";
    > }
    > userRoles += role;
    > }
    > }
    > }
    > return userRoles;
    > }
    > -----------------------------------------------------------------
    >
    > I got the results as following
    >
    > <domainname>\Domain
    > Users,Everyone,BUILTIN\Administrators,BUILTIN\Users,NT
    > AUTHORITY\INTERACTIVE,NT AUTHORITY\Authenticated Users,,LOCAL,
    >
    > It does not have <domainname\Gamers>
    >
    > However by using LDAP i am able to get CN=Gamers
    >
    > Did I configure something wrong?.Thanks
    >
    > Joey
    >
    > "Dominick Baier [DevelopMentor]"
    > <> wrote in message
    > news:...
    >
    >> Hello Joey,
    >>
    >> WindowsPrincipal.IsInRole expects fully qualified group names - these
    >> are AUTHORITY\GROUP
    >>
    >> e.g. DOMAIN\Gamers for domain accounts
    >>
    >> or MyMachine\Gamers for local accounts
    >>
    >> ---------------------------------------
    >> Dominick Baier - DevelopMentor
    >> http://www.leastprivilege.com
    >>> Hi,
    >>>
    >>> I am using windows authentication on my ASP.Net application. With
    >>> the WindowsPrincipal I can authenticate myself against groups such
    >>> as
    >>>
    >>> BUILTIN\Users
    >>>
    >>> I am assuming that this group is supplied by the active directory
    >>> when i log into the domain using my pc.
    >>>
    >>> The problem now is I have added another custom group - Gamers. I
    >>> tried authentication using IsInRole("Gamers") but this give me
    >>> false. How do I do it with Windows Authentication for this new
    >>> group?
    >>>
    >>> I have another way of doing this but that is using ldap
    >>> authentication, but I am trying to understand and make the Windows
    >>> Authentication work. Please help. Thanks
    >>>
    >>> Joey
    >>>
     
    Dominick Baier [DevelopMentor], Sep 15, 2005
    #4
  5. Joey Lee

    Joey Lee Guest

    Hi,

    > does you worker process run under a domain account, is your web server
    > joined to a domain ?? (which OS)


    I am running my web server on my local pc(WinXP) which is log into the
    domain.
    The aspnet wp is running on ASPNET acc on my pc

    >
    > it seems you are authenticating with a local user account, could that be??


    the user that i am using is <domainname>\joey - looking it up at the control
    panel user account this user is under the domain and not my pcname like the
    default administrator acc.

    > you don't need PrincipalPolicy - don't use that under ASP.NET - it is only
    > for desktop apps.
    >
    > simply calling Context.User will give you the WindowsPrincipal of the
    > client. (or in class files HttpContext.Current.User)


    ic. thanks

    > be aware that this "hack" to get all groups of a user will not work when
    > updating to 2.0
    >
    > another test is call whoami /groups from the command line to see which
    > groups the account is member of...


    ok. but i really need a way to get the groups as my folders have web.config
    with <auth> on roles. to restrict user from accessing it. For normal form
    authentication, this is the way i do it, but user wants the authentication
    base on the windows user and the roles base on the group defined in AD. Is
    there other code to do this instead of making a call to command line.

    Thanks for the fast reply.

    Joey




    >> Hi,
    >>
    >> I tried <domain>\Gamers but it does not work
    >>
    >> Here is my code
    >>
    >> Class File
    >> ---------------------------------------------------------------
    >> AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrin
    >> cipal);
    >> WindowsPrincipal prin = (WindowsPrincipal)Thread.CurrentPrincipal;
    >> WindowsIdentity identity = (WindowsIdentity)prin.Identity;
    >> ----------------------------------------------------------------
    >>
    >> Web config
    >> -------------------------------------------------------------
    >> <authentication mode="Windows">
    >> </authentication>
    >> <identity impersonate="true"/>
    >> -------------------------------------------------------------
    >> When I try to get the role thru this code below which i found on the
    >> web
    >>
    >> Code------------------------------------------------------------------
    >> --------
    >> public static string GetUserRoles(WindowsPrincipal winPrincipal)
    >> {
    >> string userRoles = "";
    >> WindowsIdentity identity = winPrincipal.Identity as WindowsIdentity;
    >> if (identity != null)
    >> {
    >> Type t = identity.GetType();
    >> string[] roles = (string[]) t.InvokeMember("GetRoles",
    >> BindingFlags.Instance | BindingFlags.NonPublic |
    >> BindingFlags.InvokeMethod,null,identity,null);
    >>
    >> if (roles != null)
    >> {
    >> foreach (string role in roles)
    >> {
    >> if(userRoles != "")
    >> {
    >> userRoles += ",";
    >> }
    >> userRoles += role;
    >> }
    >> }
    >> }
    >> return userRoles;
    >> }
    >> -----------------------------------------------------------------
    >>
    >> I got the results as following
    >>
    >> <domainname>\Domain
    >> Users,Everyone,BUILTIN\Administrators,BUILTIN\Users,NT
    >> AUTHORITY\INTERACTIVE,NT AUTHORITY\Authenticated Users,,LOCAL,
    >>
    >> It does not have <domainname\Gamers>
    >>
    >> However by using LDAP i am able to get CN=Gamers
    >>
    >> Did I configure something wrong?.Thanks
    >>
    >> Joey
    >>
    >> "Dominick Baier [DevelopMentor]"
    >> <> wrote in message
    >> news:...
    >>
    >>> Hello Joey,
    >>>
    >>> WindowsPrincipal.IsInRole expects fully qualified group names - these
    >>> are AUTHORITY\GROUP
    >>>
    >>> e.g. DOMAIN\Gamers for domain accounts
    >>>
    >>> or MyMachine\Gamers for local accounts
    >>>
    >>> ---------------------------------------
    >>> Dominick Baier - DevelopMentor
    >>> http://www.leastprivilege.com
    >>>> Hi,
    >>>>
    >>>> I am using windows authentication on my ASP.Net application. With
    >>>> the WindowsPrincipal I can authenticate myself against groups such
    >>>> as
    >>>>
    >>>> BUILTIN\Users
    >>>>
    >>>> I am assuming that this group is supplied by the active directory
    >>>> when i log into the domain using my pc.
    >>>>
    >>>> The problem now is I have added another custom group - Gamers. I
    >>>> tried authentication using IsInRole("Gamers") but this give me
    >>>> false. How do I do it with Windows Authentication for this new
    >>>> group?
    >>>>
    >>>> I have another way of doing this but that is using ldap
    >>>> authentication, but I am trying to understand and make the Windows
    >>>> Authentication work. Please help. Thanks
    >>>>
    >>>> Joey
    >>>>

    >
    >
     
    Joey Lee, Sep 15, 2005
    #5
  6. Hello Joey,

    ok - first - <authorization> elements also work for windows auth. No need
    to do that manually.

    What do you get when you do a simple

    Response.Write(Context.User.Identity.Name) ??

    what groups do you see if you run whoami /groups from the commandline??

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Hi,
    >
    >> does you worker process run under a domain account, is your web
    >> server joined to a domain ?? (which OS)
    >>

    > I am running my web server on my local pc(WinXP) which is log into the
    > domain.
    > The aspnet wp is running on ASPNET acc on my pc
    >> it seems you are authenticating with a local user account, could that
    >> be??
    >>

    > the user that i am using is <domainname>\joey - looking it up at the
    > control panel user account this user is under the domain and not my
    > pcname like the default administrator acc.
    >
    >> you don't need PrincipalPolicy - don't use that under ASP.NET - it is
    >> only for desktop apps.
    >>
    >> simply calling Context.User will give you the WindowsPrincipal of the
    >> client. (or in class files HttpContext.Current.User)
    >>

    > ic. thanks
    >
    >> be aware that this "hack" to get all groups of a user will not work
    >> when updating to 2.0
    >>
    >> another test is call whoami /groups from the command line to see
    >> which groups the account is member of...
    >>

    > ok. but i really need a way to get the groups as my folders have
    > web.config with <auth> on roles. to restrict user from accessing it.
    > For normal form authentication, this is the way i do it, but user
    > wants the authentication base on the windows user and the roles base
    > on the group defined in AD. Is there other code to do this instead of
    > making a call to command line.
    >
    > Thanks for the fast reply.
    >
    > Joey
    >
    >>> Hi,
    >>>
    >>> I tried <domain>\Gamers but it does not work
    >>>
    >>> Here is my code
    >>>
    >>> Class File
    >>> ---------------------------------------------------------------
    >>> AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPr
    >>> in
    >>> cipal);
    >>> WindowsPrincipal prin = (WindowsPrincipal)Thread.CurrentPrincipal;
    >>> WindowsIdentity identity = (WindowsIdentity)prin.Identity;
    >>> ----------------------------------------------------------------
    >>> Web config
    >>> -------------------------------------------------------------
    >>> <authentication mode="Windows">
    >>> </authentication>
    >>> <identity impersonate="true"/>
    >>> -------------------------------------------------------------
    >>> When I try to get the role thru this code below which i found on the
    >>> web
    >>> Code----------------------------------------------------------------
    >>> --
    >>> --------
    >>> public static string GetUserRoles(WindowsPrincipal winPrincipal)
    >>> {
    >>> string userRoles = "";
    >>> WindowsIdentity identity = winPrincipal.Identity as WindowsIdentity;
    >>> if (identity != null)
    >>> {
    >>> Type t = identity.GetType();
    >>> string[] roles = (string[]) t.InvokeMember("GetRoles",
    >>> BindingFlags.Instance | BindingFlags.NonPublic |
    >>> BindingFlags.InvokeMethod,null,identity,null);
    >>> if (roles != null)
    >>> {
    >>> foreach (string role in roles)
    >>> {
    >>> if(userRoles != "")
    >>> {
    >>> userRoles += ",";
    >>> }
    >>> userRoles += role;
    >>> }
    >>> }
    >>> }
    >>> return userRoles;
    >>> }
    >>> -----------------------------------------------------------------
    >>> I got the results as following
    >>>
    >>> <domainname>\Domain
    >>> Users,Everyone,BUILTIN\Administrators,BUILTIN\Users,NT
    >>> AUTHORITY\INTERACTIVE,NT AUTHORITY\Authenticated Users,,LOCAL,
    >>>
    >>> It does not have <domainname\Gamers>
    >>>
    >>> However by using LDAP i am able to get CN=Gamers
    >>>
    >>> Did I configure something wrong?.Thanks
    >>>
    >>> Joey
    >>>
    >>> "Dominick Baier [DevelopMentor]"
    >>> <> wrote in message
    >>> news:...
    >>>
    >>>> Hello Joey,
    >>>>
    >>>> WindowsPrincipal.IsInRole expects fully qualified group names -
    >>>> these are AUTHORITY\GROUP
    >>>>
    >>>> e.g. DOMAIN\Gamers for domain accounts
    >>>>
    >>>> or MyMachine\Gamers for local accounts
    >>>>
    >>>> ---------------------------------------
    >>>> Dominick Baier - DevelopMentor
    >>>> http://www.leastprivilege.com
    >>>>> Hi,
    >>>>>
    >>>>> I am using windows authentication on my ASP.Net application. With
    >>>>> the WindowsPrincipal I can authenticate myself against groups such
    >>>>> as
    >>>>>
    >>>>> BUILTIN\Users
    >>>>>
    >>>>> I am assuming that this group is supplied by the active directory
    >>>>> when i log into the domain using my pc.
    >>>>>
    >>>>> The problem now is I have added another custom group - Gamers. I
    >>>>> tried authentication using IsInRole("Gamers") but this give me
    >>>>> false. How do I do it with Windows Authentication for this new
    >>>>> group?
    >>>>>
    >>>>> I have another way of doing this but that is using ldap
    >>>>> authentication, but I am trying to understand and make the Windows
    >>>>> Authentication work. Please help. Thanks
    >>>>>
    >>>>> Joey
    >>>>>
     
    Dominick Baier [DevelopMentor], Sep 15, 2005
    #6
  7. Joey Lee

    Joey Lee Guest

    Hi,

    I am get <domainname>\joey from the response

    From the whoami, the below

    [Group 1] = "<domainname>\Domain Users"
    [Group 2] = "Everyone"
    [Group 3] = "BUILTIN\Administrators"
    [Group 4] = "BUILTIN\Users"
    [Group 5] = "NT AUTHORITY\INTERACTIVE"
    [Group 6] = "NT AUTHORITY\Authenticated Users"
    [Group 7] = "LOCAL"

    Thanks

    Joey

    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > Hello Joey,
    >
    > ok - first - <authorization> elements also work for windows auth. No need
    > to do that manually.
    >
    > What do you get when you do a simple
    > Response.Write(Context.User.Identity.Name) ??
    >
    > what groups do you see if you run whoami /groups from the commandline??
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    >> Hi,
    >>
    >>> does you worker process run under a domain account, is your web
    >>> server joined to a domain ?? (which OS)
    >>>

    >> I am running my web server on my local pc(WinXP) which is log into the
    >> domain.
    >> The aspnet wp is running on ASPNET acc on my pc
    >>> it seems you are authenticating with a local user account, could that
    >>> be??
    >>>

    >> the user that i am using is <domainname>\joey - looking it up at the
    >> control panel user account this user is under the domain and not my
    >> pcname like the default administrator acc.
    >>
    >>> you don't need PrincipalPolicy - don't use that under ASP.NET - it is
    >>> only for desktop apps.
    >>>
    >>> simply calling Context.User will give you the WindowsPrincipal of the
    >>> client. (or in class files HttpContext.Current.User)
    >>>

    >> ic. thanks
    >>
    >>> be aware that this "hack" to get all groups of a user will not work
    >>> when updating to 2.0
    >>>
    >>> another test is call whoami /groups from the command line to see
    >>> which groups the account is member of...
    >>>

    >> ok. but i really need a way to get the groups as my folders have
    >> web.config with <auth> on roles. to restrict user from accessing it.
    >> For normal form authentication, this is the way i do it, but user
    >> wants the authentication base on the windows user and the roles base
    >> on the group defined in AD. Is there other code to do this instead of
    >> making a call to command line.
    >>
    >> Thanks for the fast reply.
    >>
    >> Joey
    >>
    >>>> Hi,
    >>>>
    >>>> I tried <domain>\Gamers but it does not work
    >>>>
    >>>> Here is my code
    >>>>
    >>>> Class File
    >>>> ---------------------------------------------------------------
    >>>> AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPr
    >>>> in
    >>>> cipal);
    >>>> WindowsPrincipal prin = (WindowsPrincipal)Thread.CurrentPrincipal;
    >>>> WindowsIdentity identity = (WindowsIdentity)prin.Identity;
    >>>> ----------------------------------------------------------------
    >>>> Web config
    >>>> -------------------------------------------------------------
    >>>> <authentication mode="Windows">
    >>>> </authentication>
    >>>> <identity impersonate="true"/>
    >>>> -------------------------------------------------------------
    >>>> When I try to get the role thru this code below which i found on the
    >>>> web
    >>>> Code----------------------------------------------------------------
    >>>> --
    >>>> --------
    >>>> public static string GetUserRoles(WindowsPrincipal winPrincipal)
    >>>> {
    >>>> string userRoles = "";
    >>>> WindowsIdentity identity = winPrincipal.Identity as WindowsIdentity;
    >>>> if (identity != null)
    >>>> {
    >>>> Type t = identity.GetType();
    >>>> string[] roles = (string[]) t.InvokeMember("GetRoles",
    >>>> BindingFlags.Instance | BindingFlags.NonPublic |
    >>>> BindingFlags.InvokeMethod,null,identity,null);
    >>>> if (roles != null)
    >>>> {
    >>>> foreach (string role in roles)
    >>>> {
    >>>> if(userRoles != "")
    >>>> {
    >>>> userRoles += ",";
    >>>> }
    >>>> userRoles += role;
    >>>> }
    >>>> }
    >>>> }
    >>>> return userRoles;
    >>>> }
    >>>> -----------------------------------------------------------------
    >>>> I got the results as following
    >>>>
    >>>> <domainname>\Domain
    >>>> Users,Everyone,BUILTIN\Administrators,BUILTIN\Users,NT
    >>>> AUTHORITY\INTERACTIVE,NT AUTHORITY\Authenticated Users,,LOCAL,
    >>>>
    >>>> It does not have <domainname\Gamers>
    >>>>
    >>>> However by using LDAP i am able to get CN=Gamers
    >>>>
    >>>> Did I configure something wrong?.Thanks
    >>>>
    >>>> Joey
    >>>>
    >>>> "Dominick Baier [DevelopMentor]"
    >>>> <> wrote in message
    >>>> news:...
    >>>>
    >>>>> Hello Joey,
    >>>>>
    >>>>> WindowsPrincipal.IsInRole expects fully qualified group names -
    >>>>> these are AUTHORITY\GROUP
    >>>>>
    >>>>> e.g. DOMAIN\Gamers for domain accounts
    >>>>>
    >>>>> or MyMachine\Gamers for local accounts
    >>>>>
    >>>>> ---------------------------------------
    >>>>> Dominick Baier - DevelopMentor
    >>>>> http://www.leastprivilege.com
    >>>>>> Hi,
    >>>>>>
    >>>>>> I am using windows authentication on my ASP.Net application. With
    >>>>>> the WindowsPrincipal I can authenticate myself against groups such
    >>>>>> as
    >>>>>>
    >>>>>> BUILTIN\Users
    >>>>>>
    >>>>>> I am assuming that this group is supplied by the active directory
    >>>>>> when i log into the domain using my pc.
    >>>>>>
    >>>>>> The problem now is I have added another custom group - Gamers. I
    >>>>>> tried authentication using IsInRole("Gamers") but this give me
    >>>>>> false. How do I do it with Windows Authentication for this new
    >>>>>> group?
    >>>>>>
    >>>>>> I have another way of doing this but that is using ldap
    >>>>>> authentication, but I am trying to understand and make the Windows
    >>>>>> Authentication work. Please help. Thanks
    >>>>>>
    >>>>>> Joey
    >>>>>>

    >
    >
     
    Joey Lee, Sep 15, 2005
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Petra Hübner
    Replies:
    0
    Views:
    459
    Petra Hübner
    Feb 16, 2004
  2. anonymous
    Replies:
    1
    Views:
    4,624
    Francisco Padron
    May 8, 2005
  3. Replies:
    3
    Views:
    369
    Peter Hansen
    Jun 10, 2005
  4. Casey Hawthorne
    Replies:
    2
    Views:
    281
    Peter Hansen
    Aug 5, 2005
  5. bdb112
    Replies:
    2
    Views:
    309
    Chris Torek
    Jul 2, 2011
Loading...

Share This Page