Allow access to only certian AD Group users to IIS site

active-directoryiis-8.5

I have created Active Directory Group to allow access to certain user to IIS site (IIS version 8.5). I have installed "URL Authorization" module as shown in below link:

http://www.iis.net/configreference/system.webserver/security/authorization

Added following Rule in Web.config file to allow access to users under "Domain\Security Group1" to IIS site.

<system.webServer>
        <security>
            <authorization>
                <remove users="*" roles="" verbs="" />
                <add accessType="Allow" users="" roles="Domain\Security Group1" />
            </authorization>
        </security>
</system.webServer>

But, above solution denies access to all users including users under "Domain\Security Group1".

I found following link in this forum, but it seems to for older IIS version (IIS7 and below)
Restrict access to IIS site to an AD Group

Best Answer

I have found the solution. I had to change my C# code to resolve this issue.

I used following link as a reference.

https://stackoverflow.com/questions/4366090/c-sharp-check-if-the-user-member-of-a-group

Specifically, I used following reference code from above mentioned link.

foreach (string GroupPath in result.Properties["memberOf"])
{
    if (GroupPath.Contains(group))
    {
        return true;
    }
}

Best Answer

Related Solutions

Ftp – Configuration for FTP Site in IIS 7.5

IIS 7 Authentication: Certain users can’t authenticate, while almost all others can

Related Topic