12

I can't figure this out for the life of me. I'm trying to get the name of the current user logged onto Windows using the following line:

string user = System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString();

When I run this line after publishing and opening it through IIS, it gives me a name of "IIS APPPOOL/SiteName". However, when I run this through the Visual Studio 2013 debugger, the correct name appears.

LOL. NO.
  • 577
  • 1
  • 6
  • 33

6 Answers6

5

I've fiddled around with the config, IIS settings, and the string...but I think this line is what I needed to use:

string user = System.Web.HttpContext.Current.User.Identity.Name;

Seems to be returning a domain/username which I can use instead. Looks like an alternative solution.

LOL. NO.
  • 577
  • 1
  • 6
  • 33
4

you have to enable windows auth/impersonation on an ASP.NET site, else it will run in the context of the whatever account configured for the app pool.

https://msdn.microsoft.com/en-us/library/ff647405.aspx

 <system.web>
    ...
    <authentication mode="Windows"/>
    <identity impersonate="true"/>
    ...
 </system.web>
cs_tdilo
  • 41
  • 1
  • 5
    I've done this, however when I reload my pages I get an HTTP Error 500.24. Also when I check my IIS Authentication settings for the site, it displays that Anonymous Authentication and ASP.NET Authentication are automatically enabled when I change my Web.config to that. And when I disable ASP.NET Authentication and enable Windows Authentication there, I'm still getting the same error. – LOL. NO. May 14 '15 at 15:23
4

Base on my test under IIS having Windows Authentication only enable and not impersonation on the web.config; System.Web.HttpContext.Current.User.Identity.Name; return to me the current login user not the application pool user and System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString() return the application pool user.

I tried again and having he following on the config file:

    <system.web>
       <authentication mode="Windows" />
   </system.web>

For System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString() I got:

Office\atorr

which is my login account

For System.Web.HttpContext.Current.User.Identity.Name; I got

IIS APPPOOL.NET v4.5 Classic

which is the account the application pool is running.

Albert Torres
  • 163
  • 2
  • 15
0

All mentioned in other answers are true, PLUS THIS:

In IIS Manager, click Basic Settings.

In the Edit Application window click Connect as...

Choose Application User (pass through authentication). Do not use a specific user because that will be the identity detected.

kenalacom
  • 261
  • 2
  • 6
  • 15
0

Click on the project name and press F4 and it will open project properties window:

  1. Enable Windows authentication

  2. Disable anonymous authentication

  3. Add <identity impersonate="true"> in web.config

Now, deploy your code it should work fine.

Bhuwan Pandey
  • 514
  • 1
  • 6
  • 19
  • I've tried all the above and I still get back 'NT AUTHORITY\LOCAL SERVICE' for every user handle I attempt to work with. As others have noted it works perfect with IIS express. I've also ready that for security it may not work on local machine. I've tried some registry hacks to remedy this but to no avail. I wonder if I've just got a borked setup at this point? – Jonathan Mc Namee Jul 23 '18 at 15:27
0

Try This

(((System.Web.Security.RolePrincipal)(ClaimsPrincipal.Current)).Identity).Name
Paul
  • 4,160
  • 3
  • 30
  • 56
Dinesh Negi
  • 1
  • 4
  • 1
    Please try to provide a nice description about how your solution works. See: [How do I write a good answer?](https://stackoverflow.com/help/how-to-answer) Thanks – Rajesh Pandya Nov 06 '20 at 07:19