I have an asp.net webpage that is used for my company both internally and externally. Users have usernames/passwords that are stored in tables in our sql database but not all users exist in active directory. Because of this, the website is using anonymous authentication and identity impersonate is set to true.
I am needing to determine whether the user is internal or external and the way I was hoping to do so was to determine what domain their pc is on (with something like Request.LogonUserIdentity.Name). After lots of searching and trying, it looks to me that unless I change both my website and IIS to use basic authentication or higher (digest, windows, etc.), then that information is not available to me (meaning Request.LogonUserIdentity.Name will return nothing or server information instead of client information). It also seems to me that if I change to basic, digest, or windows authentication, then all users of my website have to exist in active directory, which is not possible in my situation.
I then thought I might be able to get some sort of browser information (like homepage) with request.browser... to try and differentiate our internal pcs (since we set their homepage to our intranet), but it seems this is also not possible.
So, I am wondering if there are any other ways for me to differentiate between a computer that is internal (on our domain) and a computer that is external (not on our domain). Any ideas would be appreciated.