Re: Can groups be entered in the authorization tab?

Yes, they can. The typical problem here is that they are not specified
using the name that Windows uses to do the match, so you don't get a valid

What I typically recommend is writing a little code to dump out the groups
in the user's token so you can see what's in there and see how they are
formatted using the Groups property on WindowsIdentity and the Translate
method on IdentityReferenceCollection.

In some cases, the user may not be in the groups you think they are.

Joe K.

Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
"Randy Galliano" <randy.galliano@xxxxxxxxxxxxxxxx> wrote in message

I put some users in a group in Active Directory who can access an ASP.NET
intra net site internally. When I go to the authorization tab on the
ASP.Net configuration settings, and add the individual users, the users
can get onto the site. When I add the group, of which the users are
members, authentication never works. Can groups be used?