IIS 7.0 Basic AD Authentication

After some searching myself I couldn’t find anything really straight forward for how to tie IIS 7.0 into AD for user authentication. Luckily from the guides I found it was possible to figure out what was needed in order to set things up properly.

Requirements:

  • Windows Authentication enabled under IIS service
  • Ability to add / change website level web.config file

Steps:
1. Open IIS Manager and select site profile
2. Double click on Authentication in middle pane (Figure 1)

Figure1
Figure 1 (IIS Manager)

3. Disable “Anonymous Authentication”
4. Enable “Windows Authentication” (Figure 2)

Figure2
Figure 2 (IIS Manager – Authentication)

5. Create or edit web.config file

Configuration file (new) should look like the following:
<?xml version=”1.0″?>
<configuration>
<system.web>
<compilation debug=”true” />
<authentication mode=”Windows” />
<authorization> <allow roles=”DOMAINNAME\DOMAINGROUP” />
<deny users=”*” />
</authorization>
</system.web>
</configuration>

*DOMAINNAME\DOMAINGROUP – needs to be updated to include the AD group used for access.

And that’s it!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s