Re: windows authentication
From: Harry Poulter (hpoulter_at_cox.net)
Date: Wed, 31 Dec 2003 07:25:48 -0500
I hada similar problem using "User.isInRole" until I used "BUILTIN" as the
domain for local groups, as in "BUILTIN\Group Name". Doesn't seem logical,
since these groups aren't "built in" but are local groups I created, but it
works. Using MACHINENAME did not.
"wh" <email@example.com> wrote in message
> I'm having problems setting up a web application up to only allow access
> users in a specific Windows group:
> <authentication mode="Windows"/>
> <deny users="?"/>
> <allow roles="GroupToAllow"/>
> <deny users="*"/>
> where "GroupToAllow" is the Windows 2000 group containing all users that
> able to access the application.
> It appears that I need to specify a domain name as well though no domain
> exists as it's on a standalone server. I've tried the following
> <allow roles="MACHINENAME\GroupToAllow"/>
> but still the same problem.
> Is there a solution? If not then I think I can get away checking whether
> user belongs to a Windows 2000 group at runtime in the page_load event
> handler though don't know whether this is possible in .NET. Any ideas
> I can start looking?