I am working on security for our Intranet site(local) and I would like to use Windows Authentication. Specifically I want to define roles for different pages on the site(IT,Finance,Police Department, Etc..). I would then put our employees Windows accounts in different roles and check against that in code to see if they have permission to see a page.
I have my authentication mode set to Windows and anonymous logon turned off in IIS. I can use the line of code (User.Identity.Name) to see any users Windows account name that hits the site from a computer they logged into.
I am having trouble with the line (User.IsInRole()). It returns true when I use "Everyone" but I have tried administrator(s), a group I know I belong to, and that returns false. I then created a new Windows user group, put myself in it, and it still returned false.
I think that I am not creating roles in the right place. Any ideas you have on the subject would greatly be appreciated.