Re: windows authentication
From: Harry Poulter (hpoulter_at_cox.net)
Date: 12/31/03
- Next message: Dennis Storm: "isInrole"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 31 Dec 2003 07:25:48 -0500
I hada similar problem using "User.isInRole" until I used "BUILTIN" as the
domain for local groups, as in "BUILTIN\Group Name". Doesn't seem logical,
since these groups aren't "built in" but are local groups I created, but it
works. Using MACHINENAME did not.
Harry Poulter
"wh" <wayne@nospam.pyesmeadow.com> wrote in message
news:br9m10$57v$1@news.freedom2surf.net...
> I'm having problems setting up a web application up to only allow access
to
> users in a specific Windows group:
>
> <authentication mode="Windows"/>
> <authorization>
> <deny users="?"/>
> <allow roles="GroupToAllow"/>
> <deny users="*"/>
> </authorization>
>
> where "GroupToAllow" is the Windows 2000 group containing all users that
are
> able to access the application.
>
> It appears that I need to specify a domain name as well though no domain
> exists as it's on a standalone server. I've tried the following
>
> <allow roles="MACHINENAME\GroupToAllow"/>
>
> but still the same problem.
>
> Is there a solution? If not then I think I can get away checking whether
the
> user belongs to a Windows 2000 group at runtime in the page_load event
> handler though don't know whether this is possible in .NET. Any ideas
where
> I can start looking?
>
> Wayne.
>
>
- Next message: Dennis Storm: "isInrole"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
