Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Intranet Authentication 1

Status
Not open for further replies.
SpiderBear6

SpiderBear6

Programmer
Sep 17, 2003
422
AU
I have an asp.net intranet web site that I would like to set up security on. The site can be accessed through a dns and basically I would like everyone to have access to the site but I need to know if the user comes from a particular domain as these users will have access to a greater number of features. The web server (Windows Server 2003) is not the domain controller (Novell client - Windows 2000 Server). I was thinking I need to use Windows Authentication and allow all users. Then in the code I could check the domain of the user.

I started by setting the Authentication mode to Windows in the web config file of the web app. I then disabled the anonymous user access and enabled Integrated Windows in IIS. The web site still works. Then to test if it was working properly, I denied my user name. But I can still access the site. What am I doing wrong?

Does the web server have to be the domain controller for Windows authentication to work? Does anyone have any ideas about how I can determine where the user came from?

Thanks for any help provided.

Cheers.

--------------------------------------
"We are star-stuff. We are the universe made manifest trying to figure itself out."
-- Delenn in Babylon 5 - "A Distant Star"
 
Sort by date Sort by votes
Hi SpiderBear

The web server does not need to be a domain controller for windows authentication. The steps you have followed sound to me like they should work.

Check out this link it should clear this up for you as well as demonstrating a few .NET methods of getting the user account details.


Of course you could always use the classic ASP method of Request.ServerVariables["LOGON_USER"]

hth

Rob

Go placidly amidst the noise and haste, and remember what peace there may be in silence - Erhmann 1927
 
Upvote 0 Downvote
I think my problem is the Novell netware software can not validate the user. I have decided to go forms based and store a list of valid user names, then use the LogonUser api to valid the password entered with that of the user's current password.

Thanks for replying crazyboybert. A star for you!.

--------------------------------------
"We are star-stuff. We are the universe made manifest trying to figure itself out."
-- Delenn in Babylon 5 - "A Distant Star"
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

NEAXMAN
  • Locked
  • Question
NPS + CA 802.1x Wireless Authentication
Replies
1
Views
226
NEAXMAN
NEAXMAN
Skittle
  • Locked
  • Question
IIS 7.5 Intranet With Two Websites Access Via Name Instead Of IP Address
Replies
0
Views
202
Skittle
Skittle
disturbedone
  • Locked
  • Question
AD authentication from external sources
Replies
0
Views
138
disturbedone
disturbedone
slobad23
  • Locked
  • Question
Windows authentication when using a DNS name rather than IP.
Replies
1
Views
188
slobad23
slobad23
djhawthorn
  • Locked
  • Question
Active Directory Trusts & Firewalls - Authentication Flows
Replies
0
Views
155
djhawthorn
djhawthorn

Part and Inventory Search

Sponsor

Back
Top