We have a asp.net application. This uses windows authentication and reads the LOGON_USER variable to check if the current user is allowed access etc. This all works from users using a windows 10 PC, but when the user has a windows 11 PC the LOGON_USER variable is blank and the user is prompted for credentials. Is there anything we need to do to make the application work with Windows 11 ( as well as windows 10) ? Is there a setting on the windows 11 PC ( i.e. the client) that controls behaviour ? Thanks

We have a asp.net application. This uses windows authentication and reads the LOGON_USER variable to check if the current user is allowed access etc. The syntax to get the user name in an asp.net application is User.Identity.Name not SERVER_VARIABLE["LOGON_USER"]. User.Identity.Name LOGON_USER is, The Windows account that the user is impersonating while connected to your Web server. Use REMOTE_USER, UNMAPPED_REMOTE_USER, or AUTH_USER to view the raw user name that is contained in the request header. The only time LOGON_USER holds a different value than these other variables is if you have an authentication filter installed. https://video2.skills-academy.com/en-us/previous-versions/iis/6.0-sdk/ms524602(v=vs.90)?redirectedfrom=MSDN

Why is the logon_user variable blank when a user has windows 11 PC ?

Accepted answer

AgaveJoe 28,291 Reputation points

2024-07-08T11:58:12.4733333+00:00
We have a asp.net application. This uses windows authentication and reads the LOGON_USER variable to check if the current user is allowed access etc.

The syntax to get the user name in an asp.net application is User.Identity.Name not SERVER_VARIABLE["LOGON_USER"].

User.Identity.Name

LOGON_USER is, The Windows account that the user is impersonating while connected to your Web server. Use REMOTE_USER, UNMAPPED_REMOTE_USER, or AUTH_USER to view the raw user name that is contained in the request header. The only time LOGON_USER holds a different value than these other variables is if you have an authentication filter installed.

https://video2.skills-academy.com/en-us/previous-versions/iis/6.0-sdk/ms524602(v=vs.90)?redirectedfrom=MSDN
Please sign in to rate this answer.
Greg Booth 1,316 Reputation points

2024-07-08T12:03:33.49+00:00

Hi

We have been using LOGON_USER for years and it works fine with Windows 10, but not with Windows 11. I am sorry, but your response does not help answer my question.

That page says re LOGON_USER

"The Windows account that the user is impersonating while connected to your Web server. Use REMOTE_USER, UNMAPPED_REMOTE_USER, or AUTH_USER to view the raw user name that is contained in the request header. The only time LOGON_USER holds a different value than these other variables is if you have an authentication filter installed."

AgaveJoe 28,291 Reputation points

2024-07-08T12:33:19.4033333+00:00

We have been using LOGON_USER for years and it works fine with Windows 10, but not with Windows 11. I am sorry, but your response does not help answer my question.

There is nothing wrong with Windows Authentication in Windows 11.

An empty username means the user has not been authenticated. This can happen if anonymous authentication is enable. Make sure Windows authentication is enabled and anonymous authentication is disabled.

https://video2.skills-academy.com/en-us/troubleshoot/developer/webapps/aspnet/development/servervariables-logon-user-return-empty

AgaveJoe 28,291 Reputation points

2024-07-08T12:57:39.7766667+00:00

11 PC the LOGON_USER variable is blank and the user is prompted for credentials... Is there a setting on the windows 11 PC ( i.e. the client) that controls behaviour ?

Make sure the browser being used has Windows authentication enabled.

Internet Explorer Open the browser, select Internet Options, click the Advanced tab, and then select Enable Integrated Windows Authentication in the Security section

MotoX80 33,556 Reputation points

2024-07-08T16:09:04.64+00:00

More info here for Edge.

https://stackoverflow.com/questions/57034199/integrated-windows-authentication-in-microsoft-edge

Greg Booth 1,316 Reputation points

2024-07-08T16:11:00.4533333+00:00

Thanks AgaveJoe. The ASP.net application , in the web.config- is set to use Windows auth ( Anonymous is not enalbed). It might be that "Enable Integrated Windows Authentication" has been turned off for the Wndows 11 machines by group policy. Will check
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Share via

Why is the logon_user variable blank when a user has windows 11 PC ?

0 additional answers

Your answer