ASP.NET Authenication Question

[Craig]

Hi

I have an intranet app which resides on a web server that is not in a
domain; but in a workgroup. The users of this web app all log into the
domain.

I want to be able to find out who the 'domain user' is when they browser to
my web app on the server, how does one do this? what are the IIS settings?
Currently I have IIS set to intergrate windows authenication -which pops up
the message box for the user credentials. this obvously fails when the user
is not a 'named' user on the web server.

Craig

 

[Andrea D'Onofrio [MSFT]]

I think that the only way to do this is to replicate the domain users as
local users for the web server.
This because:
- If you set the anonymous authentication in you loose the users identity
- If you use "windows integrated" or basic the web server can't contact the
DC for the authentication, then IIS throw a 404 error
- If you use a custom login form you can impersonate in code the credential
provided by the user (LogonAsUser api), but the web server can't contact the
DC, then authentication failed

The last two ways functions properly only if web server has the domain users
as local users, but this is a very expensive solution (ie. password
syncronization problem...). The best (fast, simple, ..) way to do this is to
have the web server in the domain.

HtH,
Andrea