locked
Authentication mode RRS feed

  • Question

  • User-1609827066 posted

    Hi All,

    Please help me since this is very urgent. I am using ASP.NET 2.0 and VB.NET 2005 (not C#).

    I use Windows authentication in web application. and what I have done are :

    1. Change the IIS settings to EDIT "directory security", by checking integrated windows authentication and unchecking Anonymous access.

    2. Change in web.config, Authentication mode = Windows and deny access = "?"

    Identity impersonate = true. It was a "form" authentication mode before, since i want to use AD account as the userID, I take out the FORM and replace with WINDOWS.

    But when I run the application, it still prompt me Windows login screen for me to key in the username and password. It shows the local hostname.

    Regards and many thanks in advance.......

     

     

    Wednesday, March 28, 2007 5:08 AM

Answers

  • User-427396315 posted

    For quick reference please visit here:

    http://blogs.msdn.com/gduthie/archive/2005/08/17/452905.aspx

    http://msdn.microsoft.com/en-us/library/ms998345.aspx

    http://msdn.microsoft.com/en-us/library/ms998358.aspx#paght000025_configuringwindowsauthentication

     

    Hope this helps. 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, March 29, 2007 1:00 AM

All replies

  • User-427396315 posted

    Windows authentication is often used in the intranet environment. If you set impersonate = true without specify the account, aspnet will use your login account, in this case, it is the Network Services account. If this account has no right to your resource, aspnet will prompt you login screen.

    If you are using internet environment, you can use windows authentication, impersonation with specific user (host user):

    <identity impersonate="true" userName="domain\user" password="password" />
    Hope this helps. 

     

    Wednesday, March 28, 2007 6:49 AM
  • User-1609827066 posted

    thanks for your help. I had tried but still encounter the same problem.

    I've added "domain\username" and "password" accordingly. What I had here is intranet environment and I ever added folder access to IUSR_Machine, ASP.NET Machine Account and NETWORK SERVICE, by giving them read and write access. But only NETWORK SERVICE is NOT under local hostname/machine name. The rest are under local machine. Are these settings related to the problem? Do I need to change the local machine to AD? What is actually the right settings? What rights do we need to grant?

    Many thanks again........

    Wednesday, March 28, 2007 11:14 PM
  • User-427396315 posted

    You known, the membership provider name is ActiveDirectoryMembershipProvider, so you must use domain controller environment. Your computer must not be the controller, but some workstation in that domain.

    Hope this helps. 

    Wednesday, March 28, 2007 11:22 PM
  • User-1609827066 posted

    Everyhing is in my laptop (not for AD/Domain Controller): SQL DB, Application and IIS ........this is for testing purpose only before I launch it.

    Currently I'm logging into Active Directory, so basically everything is under AD. Where should I define "ActiveDirectoryMembershipProvider"?

    Is it in the program or just a windows settings?

    I attached a part of the web.config, see whether something's wrong:

    <system.web>

    <httpRuntime maxRequestLength="10240" />

    <pages validateRequest="false" smartNavigation="false" />

    <httpHandlers>

    <add verb="GET" path="FtbWebResource.axd" type="FreeTextBoxControls.AssemblyResourceHandler, FreeTextBox" />

    </httpHandlers>

    <compilation defaultLanguage="vb" debug="true" />

    <identity impersonate="true" userName="DOMAIN\username" password="password" />

    <authentication mode="Windows">

     

    </authentication>

    <authorization>

    <deny users="?" />

    </authorization>

    <trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true" />

    <sessionState

    mode="InProc"

    stateConnectionString="tcpip=127.0.0.1:42424"

    sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"

    cookieless="false"

    timeout="20"

    />

    <globalization requestEncoding="utf-8" responseEncoding="utf-8" />

     

    </system.web>

     

    Thursday, March 29, 2007 12:01 AM
  • User-427396315 posted

    For quick reference please visit here:

    http://blogs.msdn.com/gduthie/archive/2005/08/17/452905.aspx

    http://msdn.microsoft.com/en-us/library/ms998345.aspx

    http://msdn.microsoft.com/en-us/library/ms998358.aspx#paght000025_configuringwindowsauthentication

     

    Hope this helps. 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, March 29, 2007 1:00 AM