I have a site runing inside our domain servers witha firewall for external access. It popups up a login box for you to put your AD credentials. This is all how it is supposed to work. But since this week it no longer considers it valid. Users that were able to connetc last week no longer can connect. we all get 401 errors in the IIS 7 log. Is there a way to trace where this is broken?
the server Windows Server 2016 DataCenter.
This is our Web.config:
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime />
<authorization>
<allow roles="SEC_DB_EMAILMANAGER_ADMIN" />
<allow users=".\egadmin" />
<deny users="*" />
</authorization>
<pages controlRenderingCompatibilityVersion="4.0">
<controls>
<add tagPrefix="asp" namespace="AjaxControlToolkit" assembly="AjaxControlToolkit" />
</controls>
</pages>
<authentication mode="Windows" />
<identity impersonate="false" />
</system.web>
In the Authorization section of IIS WE have these settings:
Anonymous Access: Enabled - with specific user:IUSR
Basic Authentication: Enabled - no settings set
The others are all disabled. I tried changing different settings and it doesn't seem to work. we have an automated deployment process that deployed something last week it is possibles some settings were changed we didn't realize
After a day & a half we figured out the problem. When IT Support was adding the last batch of users to the SECURITY GROUP The SAML ( PRE 2000 name) name was renamed to something else, which is used for iis lookup
Related
I have an ASP.NET MVC application hosted on IIS on windows server 2019. The webapp runs fine but upon clicking a button(which triggers a service call), I get windows sign-in pop up intermittently.
Note that, we have disabled windows authentication at IIS level and user authentication is being done at application level using Azure active directory.
We have the following authentication settings in web.config:
<system.web>
<authentication mode="None" />
<authorization>
<allow users="*" />
</authorization>
</system.web>
<modules runAllManagedModulesForAllRequests="true">
<remove name="FormsAuthentication" />
...
</modules>
Every time I deploy a basic ASP.NET MVC site to one of our intranet servers, the authentication mode for the site and any sub sites turns off. We have it set to Windows. This does not happen to a second server that we use.
This is what we have in our root web.config file. We can go in to IIS Manager and turn Windows authentication back on, but why does it get turned off each time even though the config file is set to use Windows authentication?
<system.web>
<customErrors mode="Off" />
<compilation targetFramework="4.6.1" />
<httpRuntime targetFramework="4.5" />
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
<httpModules />
</system.web>
You could try to add the below section in your web.config file.
<system.webServer>
<security >
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
Or you could directly modify the applicationhost.config file which is located at C:\Windows\System32\inetsrv\config
<location path="TestSite">
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
Note: path="TestSite" use your site name in this section and add this code before the </configuration> tag.
I uploaded my website to godaddy windows hosting with plesk.
All files are uploaded but I get an error:
500 - Internal server error.
There is a problem with the resource you are looking for, and it cannot be displayed.
From researching the problem online I figured the prob;em must be in my web.config file
I am showing here what I have in my web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false" allowOverride="false">
<system.webServer>
<httpErrors errorMode="Detailed"/>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\myApp.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" />
</system.webServer>
<system.web>
<trust level="Full" />
</system.web>
</location>
<system.web>
<customErrors mode="Off" />
</system.web>
</configuration>
Your host (GoDaddy) will need to setup their servers to support asp.net core
web.config in asp.net MVC core Project
I tried on myproject also, but it didn't work
So after trying everything including calling godaddy and searching all over, I found out that GoDaddy doesn't support asp.net core 2.0 applications
I hosted with 1and1 windows hosting and it runs!
I have been trying to set my web application session-timeout to 90 minutes without success.
In my web.config I have it set as follow:
<system.web>
<authentication mode="None" />
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
<sessionState mode="InProc" timeout="90"></sessionState>
</system.web>
... but the session keeps timing out at 20 minutes (default value).
Any insight on how to trace this problem?
The default idle timeout for a worker process is also 20 minutes. Since you are using InProc, it is likely this timer that is causing the timeout. Switch to ProcServer or SqlServer or better yet quit using the ASP.Net Session all together.
I have two machines:
Windows 2008 - for Active Directory
Windows 7 - installed with IIS7, it also serves as development machine. Note that this PC is not member of the domain.
I tried Forms Authentication and it's working fine with this configuration in my web.config:
<connectionStrings>
<add name="ADConn" connectionString="LDAP://192.168.0.21" />
</connectionStrings>
<membership defaultProvider="ADMembership">
<providers>
<add name="ADMembership"
type="System.Web.Security.ActiveDirectoryMembershipProvider"
connectionStringName="ADConn"
connectionUsername="dominic"
attributeMapUsername="sAMAccountName"
connectionPassword="p#ssw0rd" />
</providers>
</membership>
Now I want to change from Form to Windows Authentication. My questions are:
What configurations do I need to add in Web.Config to enable Windows Authentication?
What configurations should be done in IIS to enable Windows Authentication?
Do I need to configure Windows Firewall?
When logging in using Windows Authentication, what should be my username? Is it "192.168.0.21\dominic" or "dominic"?
Did I miss to ask any question?
I tried many tutorials today but it's either giving me 403 or it's not accepting my username and password. If you know any complete step-by-step tutorial, please let me know.
After days of research, it turns out that IIS at least, should be a member of the domain. The client does not necessarily be a member of the domain.
In the Web.Config, all I need to add is:
<authentication mode="Windows" />
<authorization>
<allow users="*"/>
<deny users="?" />
</authorization>
Connection string and membership are not necessary.