Solved

Problem using Windows authentication

Posted on 2003-12-04
4
573 Views
Last Modified: 2012-05-05
I am working on security for our Intranet site(local) and I would like to use Windows Authentication.   Specifically I want to define roles for different pages on the site(IT,Finance,Police Department, Etc..).   I would then put our employees Windows accounts in different roles and check against that in code to see if they have permission to see a page.  

I have my authentication mode set to Windows and anonymous logon turned off in IIS.  I can use the line of code (User.Identity.Name) to see any users Windows account name that hits the site from a computer they logged into.  

I am having trouble with the line (User.IsInRole()). It returns true when I use "Everyone" but I have tried administrator(s), a group I know I belong to, and that returns false. I then created a new Windows user group, put myself in it, and it still returned false.  

I think that I am not creating roles in the right place. Any ideas you have on the subject would greatly be appreciated.
0
Comment
Question by:JeffDrummond
  • 2
4 Comments
 
LVL 18

Assisted Solution

by:chicagoan
chicagoan earned 125 total points
ID: 9877957


Can't you group the content by directory and use group permissions on the directories?

Did you try BUILTIN\\Administrators (with a capital A)?
and machinename-or-domainneame\\Finance ? etc.

(IsInRole is case sensitive)

0
 
LVL 9

Accepted Solution

by:
TooKoolKris earned 125 total points
ID: 9878741
See if this helps at all:

Specify how HTTP user authentication is handled. To allow anonymous logons, set his value to &H30000. To allow automatic logon only in the Intranet zone, set this value to &H20000. To automatically logon using the current user name and password, set this value to 0. To prompt for a user name and password, set this value to &H10000. Just take the code and paste it into a .vbs file.

Script for carrying out this task :

HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1A00"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue

Script for retrieving the current task setting:

On Error Resume Next
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3"
ValueName = "1A00"
objReg.GetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
If IsNull(strValue) Then
    Wscript.Echo "Specify how HTTP user authentication is handled (Zone 3):  The value is either Null or could not be found in the registry."
Else
    Wscript.Echo "Specify how HTTP user authentication is handled (Zone 3): ", dwValue
End If
0
 

Author Comment

by:JeffDrummond
ID: 9927989
I got my answer elsewhere.  Thanks.
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9928511
can you elaborate on the fix?
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now