The trust relationship between this workstation and the primary domain failed

Discussion in 'ASP .Net Security' started by Namshub, Jun 28, 2006.

  1. Namshub

    Namshub Guest

    Hi, I'm using Visual Studio 2005 and I'm currently working at home, this
    line of code works perfectly well online
    If Not (HttpContext.Current.User.IsInRole(SecurityGroup)) Then

    But when run disconnected from the network I get the error below. Is this
    correct? Is there a different line to determine if i'm in a group which uses
    cached credentials????

    Regards

    Ric


    System.SystemException was unhandled by user code
    Message="The trust relationship between this workstation and the primary
    domain failed.
    "
    Source="mscorlib"
    StackTrace:
    at
    System.Security.Principal.NTAccount.TranslateToSids(IdentityReferenceCollection
    sourceAccounts, Boolean& someFailed)
    at
    System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection
    sourceAccounts, Type targetType, Boolean& someFailed)
    at
    System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection
    sourceAccounts, Type targetType, Boolean forceSuccess)
    at System.Security.Principal.WindowsPrincipal.IsInRole(String role)
    at DieteticViewer.Global.Application_AuthenticateRequest(Object
    sender, EventArgs e) in
    c:\inetpub\wwwroot\DieteticViewer\App_Code\Global.asax.vb:line 55
    at
    System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
    at System.Web.HttpApplication.ExecuteStep(IExecutionStep step,
    Boolean& completedSynchronously)
     
    Namshub, Jun 28, 2006
    #1
    1. Advertisements

  2. This is probably because the LSA doesn't have the group name cached, so when
    it goes to look it up, it has to ask the domain controller and can't since
    you aren't online. I don't think you have much of an option if you are
    using Windows authentication though.

    You might consider switching to forms authentication for testing purposes
    and then use Windows auth for staging and production. I do that frequently.
    You can make forms auth do whatever you want, so it is pretty flexible.

    Joe K.
     
    Joe Kaplan \(MVP - ADSI\), Jun 28, 2006
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.