Quantcast
Channel: Security
Viewing all articles
Browse latest Browse all 1881

Can't get IIS Authentication to work with Active Directory group

$
0
0

So I've been working on this for a few days, using so many google searches, reading so many posts and tutorials and websites that I'm pretty sure I've exhausted my capabilities for self-help.

I have the following setup:

  • IIS 10 on Windows Server 2012 (also Active Directory is on the same machine, this is a test VM)
  • Windows Authentication and URL Authentication installed
  • ISAPI Rewrite and ISAPI Extensions installed with Helicon's ISAPI Rewrite Filter (because IIS's URL Rewrite refuses to pass the authenticated username to my reverse proxied back-end)

I have 2 users setup for testing, one is part of a group called "Test IIS Access" and the other is just a normal user.

This is my web.config file in the folder: 

<?xml version="1.0" encoding="UTF-8"?><configuration><system.webServer><security><authorization><remove users="*" roles="" verbs="" /><add accessType="Allow" roles="EXAMPLE\Test IIS Access" /><add accessType="Deny" users="*" /></authorization></security></system.webServer></configuration>

I've even tried removing both the "remove" entry and the "add Deny" entry, and nothing changes. Any time I try to login to this page from IE on that local machine, it prompts for login, I enter example\testuser (the one with access) and it just prompts 3 times before showing the error 401.1. 

Any help troubleshooting this will be greatly appreciated.


Viewing all articles
Browse latest Browse all 1881

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>