特定Windows用户组的Windows身份验证 [英] Windows Authentication for Specific windows user group

问题描述

我创建了asp.net网页，我想在单击登录按钮时使用Windows用户名和密码登录我的asp页面.我已经搜索了一些代码( http://www.codeproject.com /Articles/37558/Windows-Authentication-Using-Form-Authentication )，用于登录我的ASP页面.它适用于我的本地用户名和密码，但是我想访问特定域组成员到我的asp.net页面

I created asp.net webpage , i want to log on my asp page using windows username and password when login button click. i have search some code(http://www.codeproject.com/Articles/37558/Windows-Authentication-Using-Form-Authentication) in net for login my asp page. It works for my local user name and password but i want to access Specific domain group members to my asp.net page

有人帮助我...

推荐答案

要提供/限制对特定用户/组的访问，需要在Web.config中进行适当的输入.

To provide/restrict access to specific users/groups, appropriate entries needs to be done in Web.config.

在Windows中，身份验证名称以DomainName\UserName或ComputerName\UserName格式输入.

In Windows authentication names are entered in the format DomainName\UserName or ComputerName\UserName.

在授权规则中列出用户时，需要使用相同的格式.例如，如果您在名为FARIAMAT的计算机上拥有用户帐户john和nolan，则可以使用这些授权规则.注意<allow>元素中的users属性.

You need to use the same format when listing users in the authorization rules. For example, if you have the user accounts john and nolan on a computer named FARIAMAT, you can use these authorization rules. Note the users attribute in <allow> element.

<authorization> 
<deny users="?" /> 
<!-- permit only specific users to have access -->
<allow users="FARIAMAT\john,FARIAMAT\nolan" /> 
<deny users="*" /> 
</authorization>

要允许名为Managers的NT组的所有用户访问您的资源，请使用以下代码.请注意<allow>元素中的roles属性.

To permit all users of an NT Group named Managers to have access to your resources, use the following code. Note the roles attribute in <allow> element.

<configuration>
  <system.web>
    <authorization>
  <!-- Format is:: <allow roles="DomainName\WindowsGroup" /> -->
      <allow roles="domainname\Managers" />
      <deny users="*" />
    </authorization>
  </system.web>
</configuration>

注意:: Windows组用作角色，格式为domainName\windowsGroup.通过使用BUILTIN前缀来引用诸如Administrators之类的组:

NOTE:: Windows groups are used as roles and they take the form domainName\windowsGroup. Groups such as Administrators are referenced by using the BUILTIN prefix as:

<authorization>
  <allow users="DomainName\john, DomainName\nolan" />
  <allow roles="BUILTIN\Administrators, DomainName\Manager" />
  <deny users="*" />
</authorization>

这篇关于特定Windows用户组的Windows身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！