Windows authentication.

[bharath.0523]

Hi

I am using windows authentication for my web application. Some how
i am not able to get what i want from it. I want to authenticate the
users only when they are logged in to the system using there domainname
\username i.e., when they are logged into the domain. If suppose a
user logs in to a machine which is on the domain using machinename
\username he should not be authenticated. As far as i understand
windows authentication authenticates users based on the active
directory. But its authenticating the user who are logged in using
machinename\username. Is there any way that i can achive what i really
want i.e., authenticate only domain users ??. Any help would be highly
appretiated.

Thanks
bharath

 

[Ghostman]

Hi

Generally I set this up as follows:
IIS - Website Properties - Directory Security - Authentication and
Access Control:
Uncheck "Enable Anonymous access"
Make sure Integrated Windows Authentication is checked
File System - Set permissions on the directory to only allow those
accounts that should have access to the directory/files

 

[bruce barker]

check the domain name of the user. if its not one you want, send a 401.

-- bruce (sqlwork.com)