Get NT User ID in ASP.NET RRS feed

  • Question




     I have to get the USERID(System.Security.Principal.WindowsIdentity.GetCurrent()) in ASP.NET. I need to pass this to another Web Service.


             If I disable Anonymous and Enable Windows Authentication then I am getting USERID but it expects my UserID should be added in the Windows Permission. In my production environment they won't allow everyone to add Read and Execute permission.


     Is there any way to
     1. get User ID without adding my User ID in the server
     2. just by changing web.config

    Thanks a lot


    Friday, October 19, 2007 3:50 PM


All replies

  • Try the code sample in the Microsoft support article if that is not good enough then your only other option is to use the USERID from membership database, I am assuming you know the aspnet_regsql utility in your C drive.  Hope this helps.



    Friday, October 19, 2007 6:17 PM
  • Thanks a lot


    I tried the samething like

     In Web.Config
      <authentication mode="Windows" />
             <allow users="*" />

     <identity impersonate="true" userName="AdminID" password="AdminPasswd" />


     In IIS

              Disable Anonymous

              Enable Windows authentication


     I accessed website using
     LoginA(Has Read/Execute access in server) - System.Web.HttpContext.Current.User.Identity.Name - returning  LoginA  that is Correct


     LoginB(Has no access in server) - returning 401.3: You do not have permission to view this directory or page using the credentials you supplied (access denied due to ACLs). Ask the Web server's administrator to give you access to 'D:\inetpub\wwwroot\test\a.aspx.


     My question is If I impersonate. IIS should access/execute the files using my AdminID why its  accessing using LoginB



    a.aspx code






    Friday, October 19, 2007 8:42 PM

  • <authorization>

      <allow users="*" />


    You need to add your users in that section I have covered it in the thread below don't come back to me without reading the article in print and if that does not meet your needs your only other option is to use membership.



    Friday, October 19, 2007 8:56 PM
  • Hi ssk1,

    Next time, if you got an question, recommend posting the question on the forum, there ASP.NET experts can give you satisfying answers.


    Monday, October 22, 2007 3:45 AM
  • Please advise.


    My C# system uses windows authentication. The users belong to diff groups.


    One of them is killing the sql server with a query. We are sure it's a report request and the intend is to overload the application. Logic says that it can only be one of the users within the group.


    How do I get the userid (one used to logon to the network) or the pc ip address that is accessing the web system without making changes to the code behind (recompiling the source code)? Is there a java or some IIS method that I can use?


    Maybe even a monitoring tool ?




    Tuesday, January 15, 2008 12:20 PM