Configuration for windows authentication via IIS 7.0 - iis-7

I am trying to configure windows authentication for my asp.net application via IIS 7.0.
I notice that when i try to login using the AD user accounts. I can only login through windows authentication mode for my application if the AD user is added to IIS_IUSRS or Administrator group. Why is this so? Is that any configuration that i need to make or is it true that for every user account that need to login to the asp.net application via windows authentication in IIS 7.0 needed to be added to these few groups?
Kindly advise thanks

Related

IIS - Custom Application Pool identity not being used

I have an ASP.NET web application that uses an Application Pool with a custom identity set to connect to DB via Trusted Authentication.
I have this working correctly on a dozen servers, yet I am having an issue with one: IIS is not using the custom identity and is instead attempting to impersonate the user when initiating the DB connection.
I verified I have the app pool configured to use the custom account and my web.config has <identity impersonate="false"/>. In fact I'm using an exact copy of the code and web.config from another properly working box.
I do have Windows Authentication enabled for the app to get the user login, but not for impersonation, and this is working correctly on 12 of 13 servers. If I disable Windows Authentication on the impacted box, I get Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON when accessing the site.
I tried recreating the application pool and the the IIS Application to no avail.
Anyone seen this behavior before? I'm running out of ideas. Thanks!
ASP.NET MVC4
IIS 7.5
Server 2008 R2 64bit

IIS should not ask login prompt in windows authentication

i have hosted a asp.net web applciation in windows server 2008 R2,IIS 7.0 which was developed in .net framework3.5. i have given the below authentications in IIS.
while i am accessing that website from the other network ,its asking for username and password of the server.
actually it should not ask for the login without enabling the Anonymous Authentication .
You'll need to enable anonymous authentication - there's no other way to do this

Forms authentication allows AD password expired users to login

I am having issue with Active Directory password expired users.
They can login to application and access application though password is expired.
When i try to run same code from local it give me Membership.ValidateUser as "false" ( pointing to same Active Directory)
Why there is diffference on Windows Server 2008 R2 IIS 7 and my Windows 7 IIS 7?
Is there any specific setting on IIS or AD i need to do?
My application - VSTS 2010, ASP.NET 4.0, C# 4.0
Can anyone please help?
Windows Server 2008 R2 behavior is different. Somehow it allows though Change Password on Next logon is checked.
Please share your experience.

Enable windows logon prompt in asp.net application

I have a asp.net application which uses windows authentication. The user are able to access the site without problem as it a intranet application within the organization. But now i need the user to prompt window logon after filling in the details it should authenticate in IIS. How can i achieve this.

What IIS Permission Settings to Change for an Intranet

I'm trying to publish an intranet on the IIS of my local machine. I am running IIS version 7.5 on Windows 7 Enterprise. So far I am getting HTTP Error 401.2 - Unauthorized. I have Anonymous Authentication Disabled, ASP.NET Impersonation Enabled and set to Authenticated User, and Forms Authentication Disabled.
What do I need to change either in IIS or Browser? The intranet is an MVC 4 app. Many thanks for any help.
Make Anonymous Authentication Enabled and rest disabled.
I needed to install Windows Authentication protocol for my IIS. I installed minimally earlier and did not have this. So now I am using this protocol keeping all other ones being disabled and it is firing on all cylindars :)

Resources