0

I'm looking to create a site that will utilize our Active Directory login system. So in an experiment, I created a project with Windows Authentication and tried logging in from other locations. One machine used my user I was logged in. That's great. I logged in from a Mac, it asked me to authenticate. Excellent.

My concern however, is logging in from a computer that isn't logged in as an AD user (and instead as a local admin user). So instead of the user being displayed as AD(USER) it is MACHINE\USER.

Is there any way to require my application to have authenticated users from solely the AD space? Or am I better off making my own authentication logic?

And in a side subject (I haven't done any searching on it, so feel free to avoid this question), is there a way to permit only a certain group of AD users from accessing the website?

(Please note I'm new to both AD and ASP so if I'm simply missing certain terms I'd be glad to do more research)

Thanks!

Improve this question

1 Answer 1

Reset to default
1

That awkward moment when you ask for help, do a bit more searching and answer it yourself.

http://bytes.com/topic/asp-net/answers/343407-using-web-config-allow-access-domain-users-only

So I did this:

<authorization>
  <allow roles="AD\Group.Name" />
  <deny users="?" />
  <deny users="*" />
</authorization>
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.