允许允许AD组访问 [英] Allow allow AD Group access
本文介绍了允许允许AD组访问的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有一个ASP.NET网站,我只允许AD组中的用户访问该网站。我正在使用如下的web.config代码段,但这似乎不起作用:
I have an ASP.NET website and I would like to only allow users in an AD group access to the site. I am using a web.config snippet as below, but this does not seem to work:
<authorization>
<deny users="*" />
<add accessType="Allow" roles="DOMAIN\GroupTest" />
</authorization>
任何建议如何实现此功能的建议都值得赞赏!
Any advice how to implement this is much appreciated!
推荐答案
您需要按以下方式更改配置:
You need to change your configuration as follows:
<configuration>
<system.web>
<!-- ... -->
<authorization>
<allow roles="DOMAIN\GroupTest" />
<deny users="*" />
</authorization>
<!-- ... -->
</system.web>
</configuration>
如本文章,ASP.NET会寻找匹配的 allow
或<授予访问权限时使用code> deny 规则。如果首先遇到匹配的 allow
规则,则将授予访问权限。
As described in this article, ASP.NET looks for a matching allow
or deny
rule when granting access. If a matching allow
rule is encountered first, access is granted.
这篇关于允许允许AD组访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文