web.config : <authentication>

Hi,
I'm having problems with the interpretation of roles in the <authentication> entries in web.config

Scenario :
I'm logging on as 'Administrator' and try to access a site for which the IIS-authentication method is set to 'Integrated Windows' only

Following are the web.config-entries of the site :
<authentication mode="Windows" />
<identity impersonate="true" />
<authorization>
<allow users="MYDOMAIN\Administrator" />
<deny users="*" />
</authorization>

When I access the site it displays :
Authenticated user: MYDOMAIN\Administrator
User was authenticated with: NTLM
Windows identity: MYDOMAIN\Administrator
==> OK

but... the following gives me an "Access Denied"
<authentication mode="Windows" />
<identity impersonate="true" />
<authorization>
<allow roles="MYDOMAIN\Administrators" />
<deny users="*" />
</authorization>

And I double-checked that Administrator is a member of the Administrators-group
I tried with other users-roles and every time I allow only access to roles doesn't I have access ??
How come ?

Any ideas ?
thanks
Chris
************************************************** ********************
Sent via Fuzzy Software @ http://www.fuzzysoftware.com/
Comprehensive, categorised, searchable collection of links to ASP & ASP.NET resources...

Hi,

Try this:

<authentication mode="Windows" />
<identity impersonate="true" />
<authorization>
<allow roles="Administrators" />
<deny users="*" />
</authorization>

I just removed "MYDOMAIN/".

Saravanan K V

"Chris C" wrote:

Hi,
I'm having problems with the interpretation of roles in the <authentication> entries in web.config
Scenario :
I'm logging on as 'Administrator' and try to access a site for which the IIS-authentication method is set to 'Integrated Windows' only
Following are the web.config-entries of the site :
<authentication mode="Windows" />
<identity impersonate="true" />
<authorization>
<allow users="MYDOMAIN\Administrator" />
<deny users="*" />
</authorization>

When I access the site it displays :
Authenticated user: MYDOMAIN\Administrator
User was authenticated with: NTLM
Windows identity: MYDOMAIN\Administrator
==> OK

but... the following gives me an "Access Denied"
<authentication mode="Windows" />
<identity impersonate="true" />
<authorization>
<allow roles="MYDOMAIN\Administrators" />
<deny users="*" />
</authorization>

And I double-checked that Administrator is a member of the Administrators-group I tried with other users-roles and every time I allow only access to roles doesn't I have access ?? How come ?

Any ideas ?
thanks
Chris
************************************************** ********************
Sent via Fuzzy Software @ http://www.fuzzysoftware.com/
Comprehensive, categorised, searchable collection of links to ASP & ASP.NET resources...