473,698 Members | 2,557 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Authentication not mapping domain user to local windows group

Hi,

I am using local windows groups as roles in an asp.net application. In my
web.config file, I have the following:

<authenticati on mode="Windows" />
<authorizatio n>
<allow roles="localmac hinename\OOK_CD D" />
<deny users="*" />
</authorization>

The problem is that when I launch the application, a challenge response box
is brought up, even though I have impersonation turned on and have anonymous
access disabled in my virtual directory options. If I type in my qualified
domain name and password, I can get to the application and everything works
fine. However, I can't figure out why either my network credentials are not
being passed to the application (I think that they are) or my authentication
evidence (domain) cannot be mapped to local windows groups.

Thoughts??

tia,

_howard
Nov 19 '05 #1
1 1508
I just had a thought.....
does this happen when you do
http://localhost/app
and also when you use your machine name?
and when you use a fully qualified machine name? i.e. machinename.ara mco.com

"howard dierking" <ho************ @discussions.mi crosoft.com> wrote in
message news:F0******** *************** ***********@mic rosoft.com...
Hi,

I am using local windows groups as roles in an asp.net application. In my
web.config file, I have the following:

<authenticati on mode="Windows" />
<authorizatio n>
<allow roles="localmac hinename\OOK_CD D" />
<deny users="*" />
</authorization>

The problem is that when I launch the application, a challenge response box is brought up, even though I have impersonation turned on and have anonymous access disabled in my virtual directory options. If I type in my qualified domain name and password, I can get to the application and everything works fine. However, I can't figure out why either my network credentials are not being passed to the application (I think that they are) or my authentication evidence (domain) cannot be mapped to local windows groups.

Thoughts??

tia,

_howard

Nov 19 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
2250
by: Mark Aurit | last post by:
I have an intranet application that uses w2k Integrated Windows Authentication to authenticate users. We now have a situation where people will be accessing it who are on our network but will not be logged into w2k - so now they are challenged and fail the challenge. To handle that situation I plan to use iis custom errors with one of the 401 codes to redirect the user to a generic page. The problem is that I cant figure out how to...
1
1644
by: .net user | last post by:
can some one point me what i'm doing wrong? I have spent half a day figuring out and totally stuck now. Here's what I'm trying to accomplish: I am writing a web appl - an intranet portal site (based on the portal starter kit) and I want to apply role based security to the site. - When the users type in the intranet URL, a windows logon window would pop up and then users login with their NT credentials. Based upon theie level of security...
1
1663
by: Sam | last post by:
We have a small ASP.Net app that serves only a specific department. We would like to use windows authentication and only allow the dept folks access the web app. Use IIS6, Windows 2003, a member server of AD domain. Now, we dont want to use IP address based auth. The dept has a group created in local machine as well as in the AD. we dont want anyone besides that group (department) access the app. What is the best way to get...
4
7719
by: Gav | last post by:
Hi, I am writing a windows form application (C#) which access's data from an SQL server. The SQL server is using windows authentication only. At the moment I have to grant the domain users access to the database for the application to work. However, the database includes information that I need to hide from the users, currently the application is taking care of that. There is nothing stopping the users from accessing the database in a...
0
3442
by: Kofa | last post by:
Hi, I cannot create/drop databases from the command line, only from the GUI. Below is a detailed description of my installation and configuration attempts (sorry about the long post). I'm usually logged on to my PC as a domain user, IBE\ikovacs. As IBE\ikovacs, I'm member of my PC's Administrators group. There's also a local user Administrator, who's the default Windows admin user. I used that account (using runas) to install DB2...
6
12771
by: Not Me | last post by:
Hey, We have an sql server 2000 machine and IIS 6 machine running seperately but on the same domain. I can connect fine to the database without using impersonation, but when it's enabled I get the error: "Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection." When I check System.Security.Principal.WindowsIdentity.GetCurrent().Name I get the valid domain user that I would expect, why isn't this...
40
7579
by: webrod | last post by:
Dear All, let's say I have a web service. I would like to authenticate users who try to access it. I am on a winnt server so I will have to use NTLM but I don't want to use IIS settings. Is there a way to authenticate a user using WSE 3.0 against NTLM?? All the samples I have found on the web provide a solution based on
2
7514
by: Frank Swarbrick | last post by:
I am trying to understand "client authentication" works. My environment is DB2/UDB LUW 8.2 on zSeries SLES9 as the database server and DB2 for VSE 7.4 as the client. We currently have DB2/LUW set up as follows: Client Userid-Password Plugin (CLNT_PW_PLUGIN) = Client Kerberos Plugin (CLNT_KRB_PLUGIN) = Group Plugin (GROUP_PLUGIN) = GSS Plugin for Local Authorization ...
1
1502
by: DK | last post by:
I have an intranet application I've built using asp.net 3.5 / running on IIS6 I want to use BUILTIN groups on the server that contain domain users. So I set up my web.config like so for example: <authorization> <allow roles="BUILTIN\Intranet_Admin"/> <!--<allow roles="GNB\archivesemp"/works--> <!--<allow users="GNB\dking"/works--> <deny users="*"/>
0
8683
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
9031
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
1
8902
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
0
8873
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
0
7740
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
1
6528
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
5862
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
2
2339
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
2007
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.