We help IT Professionals succeed at work.

Mixed Authentication with IIS6 and ASP .NET 3.5

Currently we have a web application that was written to be forms authentication based where the user, regardless of whether they are in the domain or not have to enter their credentials and sign in. We would like to move it from solely forms based to being a mixed mode where users inside the domain are able to login automatically using windows authentication and those outside the domain would still log in the traditional way. Regardless of how they login though the role of the user determines what they will be able to access. The app was written in ASP .NET 3.5 and the server is running IIS 6. I have looked around for some articles on how to do this but I am getting conflicting answers on whether or not this is feasible and how it can be implemented. Thanks for the help.
Watch Question

Sr. Network / Systems Admin
That's a bit of a tough cookie.  The domain users are easy enough, if they are authenticated and you've added them to the resource you are trying to allow, you are good to go there.

Where this becomes a little more difficult is with users outside the domain.  You can allow clear text / basic / mixed, but if they are not a domain user, you then have to maintain some soft of "other than AD" credentials list server side.  You will need either a shared account in which everyone uses the same user / pass, or, you will need some *other* user management system.  User "joe" needs to have his credentials stored somewhere on your side if he is not in AD.  Although you could technically use AD and put these users in, say, their own tight-security OU, I personally hate trashing up my AD more than it has to be.

How to accomplish really becomes a question of your own security and knowledge of technology / ASP.net (since this is what you mentioned you are coding for).
This may help get the ball rolling - http://www.15seconds.com/issue/050216.htm

Explore More ContentExplore courses, solutions, and other research materials related to this topic.