You'll find the IIS experts over here in dedicated forums.
https://forums.iis.net/
--please don't forget to Accept as answer if the reply is helpful--
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I have an app, e.g. SL. It's running on Web Server using IIS.
SL has it's own authentication method.
I don't want that any user with SL account be able to login. I want only those accounts that have Windows Authentication.
My goal: 1. create account for SL for a few users 2. enable Windows Authentication in IIS 3. list those users in IIS
My expectation: only users listed in IIS will be able to login into SL
I don't want to change web.config directly.
Could I use the Authorization Rules option: (see attachment)
Thanks
You'll find the IIS experts over here in dedicated forums.
https://forums.iis.net/
--please don't forget to Accept as answer if the reply is helpful--
Hi,
Thank you for posting in our forum
》》》My assumption is: if win_user01 wouldn't be granted access to 'directory 'he would fail to login. Is it correct?
According to knowledge, this is ok
Hope this information can help you
Best wishes
Vicky
Well .. the option I attached above I took from IIS 7.5 running on Windows 2008 R2.
In my case I have Window 2016 and IIS 10.0. It does not have "Authorization Rules" in IIS Section. It has "Authorization Rules" only in ASP.NET section.
Could you advice please how to handle my issue in IIS 10.0 ?
Thanks
I added to web.config element
<authorization>
<allow users="abc\user1, abc\user2"/>
<deny users="?"/>
</authorization>
But I've got 404 Error. What I did wrong?
@Dave Patrick - thanks for heads-up. I asked my question on that forum
P.S. Since modifying web.config did not work for me I tried another approach.
Is my expectation of workflow correct:
user win_user01 is a valid user of our network hence when he'll login into his client 'Windows Authentication" will be in place.
Next .. he opens the browser e.g. Chrome and tries to connect to SL app. He will have to provide user1 creds and be able to login.
My assumption is: if win_user01 wouldn't be granted access to 'directory 'he would fail to login. Is it correct?
In other words … only users that are added to directory and granted permission will be able to login into application. Is it correct?
Thanks