Solved

Problem using Windows authentication

Posted on 2003-12-04
4
578 Views
Last Modified: 2012-05-05
I am working on security for our Intranet site(local) and I would like to use Windows Authentication.   Specifically I want to define roles for different pages on the site(IT,Finance,Police Department, Etc..).   I would then put our employees Windows accounts in different roles and check against that in code to see if they have permission to see a page.  

I have my authentication mode set to Windows and anonymous logon turned off in IIS.  I can use the line of code (User.Identity.Name) to see any users Windows account name that hits the site from a computer they logged into.  

I am having trouble with the line (User.IsInRole()). It returns true when I use "Everyone" but I have tried administrator(s), a group I know I belong to, and that returns false. I then created a new Windows user group, put myself in it, and it still returned false.  

I think that I am not creating roles in the right place. Any ideas you have on the subject would greatly be appreciated.
0
Comment
Question by:JeffDrummond
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 18

Assisted Solution

by:chicagoan
chicagoan earned 125 total points
ID: 9877957


Can't you group the content by directory and use group permissions on the directories?

Did you try BUILTIN\\Administrators (with a capital A)?
and machinename-or-domainneame\\Finance ? etc.

(IsInRole is case sensitive)

0
 
LVL 9

Accepted Solution

by:
TooKoolKris earned 125 total points
ID: 9878741
See if this helps at all:

Specify how HTTP user authentication is handled. To allow anonymous logons, set his value to &H30000. To allow automatic logon only in the Intranet zone, set this value to &H20000. To automatically logon using the current user name and password, set this value to 0. To prompt for a user name and password, set this value to &H10000. Just take the code and paste it into a .vbs file.

Script for carrying out this task :

HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1A00"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue

Script for retrieving the current task setting:

On Error Resume Next
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3"
ValueName = "1A00"
objReg.GetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
If IsNull(strValue) Then
    Wscript.Echo "Specify how HTTP user authentication is handled (Zone 3):  The value is either Null or could not be found in the registry."
Else
    Wscript.Echo "Specify how HTTP user authentication is handled (Zone 3): ", dwValue
End If
0
 

Author Comment

by:JeffDrummond
ID: 9927989
I got my answer elsewhere.  Thanks.
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9928511
can you elaborate on the fix?
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question