I have spent hours and hours getting my intranet website working using Windows authentication, but I just couldn't get it to work. All I got was the error message "You do not have permission to view this directory or page".
I had added an AD
connectionstring to the web.config, added a membership provider section and tried all options including configuring an AD
Password, but it still didn't work.
Eventually, I found the solution and it's oh so simple!!
Windows Server 2012 and higher, by default, are extremely secure. Everything you need on the server you have to install, activate or configure.
One thing you do not have to configure (if you are working on an Intranet site and everything is available within one domain) is your connection to the AD (Active Directory) server. So we don't need the membership provider section nor the AD
connectionstring in the web.config!
But then, why is it that I was still unauthorized!
Well, it turns out all that's left to do is grant access to the installation path of your website to the "Authenticated Users" group and then you're good to go!
Using the Code
In your web.config, within the
<system.web> tag, you need to add the following:
<deny users="?" />
On the server, find the installation path of you web application (e.g. C:\inetpub\wwwroot\YourApp).
Go to the properties of that folder --> security tab and add the local "Authenticated Users" group.
Finally, grant the "Authenticated Users" group right to Read & execute, List folder contents and Read.