I have a web project that uses Active Directory authorization (All controllers marked with AuthorizeAttribute). In web.config i have following authentification section:
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
The problem is: When i run project under Visual Studio Development Server everything goes fine, it pops authorization window, after entering login/password i can see all site contents.
But, when i try to run it under IIS (7.5) authorization window still pops, but login/password is always incorrect (looks like it cannot access AD). Site is configured to use windows authorization. Application pool runs using my windows login/password. What am i missing?
If your host header file is pointing to 127.0.0.1, it may be the authentication loopback check.
If that is the case, the answer is already detailed at why does windows authentication / impersonation fail on asp.net application with iis 7.5 / windows 7 /. In short, open regedit, and add a DWORD DisableLoopbackCheck = 1 to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With