Re: Windows authentication and availability

From: Paul Clement (UseAdddressAtEndofMessage_at_swspectrum.com)
Date: 10/14/04 

Date: Thu, 14 Oct 2004 14:21:34 -0500

On Tue, 12 Oct 2004 14:25:02 -0700, "howard@nospam.nospam"
<howardnospamnospam@discussions.microsoft.com> wrote:

¤ We are currently deploying an ASP.Net intranet application to our WAN. The
¤ application uses integrated Windows authentication. At present, each time
¤ there is a post-back, our code gets the user’s credentials and queries to see
¤ whether the user is a member of certain Active Directory groups.
¤
¤ In order to improve availability in various disaster scenarios, we deploy
¤ the application to a separate server at each of our 25 physical locations
¤ around the country. There is also a separate domain controller at each
¤ location. The idea is that even if the WAN fails, our application can still
¤ run, provided that the local network is still up.
¤
¤ I have two questions regarding availability in various disaster recovery
¤ scenarios.
¤
¤ 1. If the local domain controller fails, will post-backs fail because of our
¤ use of integrated Windows authentication?
¤

Not if you have a backup domain controller by which authentication can occur with respect to
resource access.

¤ 2. Each time we query the user’s credentials, are round-trips to the domain
¤ controller involved, or do the credentials get cached somewhere? We would be
¤ willing to assume that the user's credentials don't change during a single
¤ ASP.Net session.

Credentials (user ID and password) are cached at the browser level on the client.

Paul ~~~ pclement@ameritech.net
Microsoft MVP (Visual Basic)

Relevant Pages

  • Windows authentication and availability
    ... We are currently deploying an ASP.Net intranet application to our WAN. ... application uses integrated Windows authentication. ... there is a post-back, our code gets the user’s credentials and queries to see ... Each time we query the user’s credentials, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Forcing authentication with a specific DC
    ... >authentication, as in, enter your network user name and ... >site A for the proper credentials. ... >>specific domain controller, that domain controller ... >>controller that holds the PDC emulator role. ...
    (microsoft.public.win2000.security)
  • Forcing authentication with a specific DC
    ... Firewall authentication at site A is required for internet ... Firewall uses domain credentials for ... >specific domain controller, that domain controller ...
    (microsoft.public.win2000.security)
  • Resource Access between domains
    ... All the permissions are correct for the user in domain A. ... credentials and it says "The user name you typed is the same as the user name ... controller cannot be found to verify that user name." ... contact a domain controller in its own domain to verify that user name and ...
    (microsoft.public.windows.server.active_directory)
  • Re: How to Clear the Integrated Windows authentication credential in .
    ... >We have got an application which is using Integrated Windows authentication ... Our customer now is asking for a ... >it should clear the User credentials so that even if the User enters the site ... >the session expires, only authorized users should be allowed to login". ...
    (microsoft.public.dotnet.framework.aspnet.security)