Click here to Skip to main content
14,386,085 members

Windows Authentication on Intranet Website using AD and Windows Server 2012 (or Higher)

Rate this:
4.83 (5 votes)
Please Sign up or sign in to vote.
4.83 (5 votes)
21 Oct 2014CPOL
How to implement Windows authentication on an Intranet website using WS2012

Introduction

I have spent hours and hours getting my intranet website working using Windows authentication, but I just couldn't get it to work. All I got was the error message "You do not have permission to view this directory or page".

I had added an AD connectionstring to the web.config, added a membership provider section and tried all options including configuring an AD connectionUsername and Password, but it still didn't work.

Eventually, I found the solution and it's oh so simple!!

Background

Windows Server 2012 and higher, by default, are extremely secure. Everything you need on the server you have to install, activate or configure.

One thing you do not have to configure (if you are working on an Intranet site and everything is available within one domain) is your connection to the AD (Active Directory) server. So we don't need the membership provider section nor the AD connectionstring in the web.config!

But then, why is it that I was still unauthorized!

Well, it turns out all that's left to do is grant access to the installation path of your website to the "Authenticated Users" group and then you're good to go!

Using the Code

In your web.config, within the <system.web> tag, you need to add the following:

<system.web>
    ...
    <authentication mode="Windows">
    </authentication>
    <authorization>
      <deny users="?" />
    </authorization>
    ...
</system.web>

On the server, find the installation path of you web application (e.g. C:\inetpub\wwwroot\YourApp).

Go to the properties of that folder --> security tab and add the local "Authenticated Users" group.

Finally, grant the "Authenticated Users" group right to Read & execute, List folder contents and Read.

For example:

Image 1

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

Dennis Betten
Software Developer (Senior) Centric Netherlands
Netherlands Netherlands
No Biography provided

Comments and Discussions

 
GeneralMy vote of 5 Pin
andremulder 197922-Oct-14 1:01
Memberandremulder 197922-Oct-14 1:01 
GeneralMy vote of 5 Pin
Humayun Kabir Mamun22-Oct-14 0:41
MemberHumayun Kabir Mamun22-Oct-14 0:41 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Tip/Trick
Posted 21 Oct 2014

Stats

13.8K views
11 bookmarked