I am developing an Intranet application in ASP.NET that uses Windows authentication. I created an AD class that receives information from an Active Directory domain controller. This is what I use to get things like "User Groups" in which the current registered user is located. The problem is the ASP.NET roles the user is in. It seems funny, but the list of AD groups the user is in is completely different from the list of roles that the user has.
Here is what I get:
List of AD groups for user-certian
- Developers
- Account Operators
- Domain Admins
- IS_IUSRS
- Administrators
List of the same users Roles
- PUDDOM\
- BUILTIN\Users
- BUILTIN\
- NT AUTHORITY\INTERACTIVE
- NT AUTHORITY\Authenticated Users
- NT AUTHORITY\This Organization
- LOCAL
- PUDDOM\
- PUDDOM\ RODC
- PUDDOM\DnsAdmins
:
- - Windows IIS7.
web.config
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
<roleManager defaultProvider="AspNetWindowsTokenRoleProvider" enabled="true">
<providers>
<remove name="AspNetSqlRoleProvider" />
</providers>
</roleManager>
?
, , AD, .
Spolarium7