控制访问与IIS网站/ Active Directory中 [英] Controlling access to a website with IIS/Active Directory

问题描述

我要确保我们的网络上的遗留帮助网站指出，走向世界。理想情况下，我希望让人们与他们的活动目录登录验证，因为每个人都在该公司已经在那里，他们已经知道的东西。理想情况下，我需要设置默认域，以便人们不必键入

I need to secure a legacy help site on our network that points out to the world. Ideally, I want to have people authenticate with their active directory logins, because everybody in the company is already there, and they already know that stuff. Ideally, I'd need to set the default domain so people don't have to type that.

我有一个例子，我的解决方案后的模型，而是把它怪异的是一个有点轻描淡写。启用匿名访问，与身份验证的访问限制在集成的Windows身份验证和基本身份验证，无初始域或领域集中。在该网站的Web.config文件只有这在其认证领域：

I have an example to model my solution after, but to call it weird is a bit of an understatement. Anonymous access is enabled, with authenticated access restricted to Integrated Windows Authentication and Basic Authentication, with no initial domain or realm set. The web.config file in the website has only this in its authentication field:

＆LT;身份验证模式=窗口/＆GT;     ＆LT;授权＆GT;         ＆LT;拒绝用户=？ /＆GT; ＆LT;！ - 允许所有用户 - ＆GT;     ＆LT; /授权＆GT;

<authentication mode="Windows" /> <authorization> <deny users="?" /> <!-- Allow all users --> </authorization>

当然，该网站我保证是纯HTML，所以我甚至不知道web.config文件将工作。是否有一个优雅的，可持续的方式来进行此事？不幸的是，我无法找到很多关于谷歌任何东西。

Of course, the site I am securing is pure HTML, so I am not even sure a web.config file will work. Is there a graceful, sustainable way to go about this? Unfortunately, I am unable to find much of anything on Google.

推荐答案

匿名身份验证在IIS打开并启用集成Windows身份验证。这将在外面工作asp.net。如果是纯HTML，web.config中不被使用。

Turn of anonymous authentication in IIS and enable Integrated Windows Authentication. That will work outside asp.net. If it's pure html, the web.config isn't being used.

这篇关于控制访问与IIS网站/ Active Directory中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！