0

I'm creating a web site using .net core, c#, and IIS. Generally, the site is fine. All is up and playing nice as far as site functionality. But here's the scenario. I have users from 3 domains that I want to have access to the site. I'll call the domains:

'One.boo.hoo' Two.boo.ooh <-Not a typo, it really does vary from One. 'Three.boo.hoo'

Site is hosted on One. Two and Three both have full, two-way trust with One.

Issue. Only folks from One (the site's natural domain) and Two can access the site. Folks on Three get error 500.

I've looked through my config and all of IIS and see nothing specific either to Two or to Three that would make one behave differently than the other.

The only odd thing I did notice, but have no idea how to troubleshoot, is, from the site's hosting server, if I ping One (just One) it will ping One.boo.hoo. If I ping Two, it will ping Two.boo.ooh. But if I ping Three, it fails. It only passes if I ping the full Three.boo.hoo. I can imagine that may have a real impact but have no idea how to address.

Ah, one more thing. I'm actually writing the code for the site using an account from the Three.boo.hoo domain. And when I load, on my computer (also on Three.boo.hoo, just to IIS Express to see how changes look, everything -does- work for my Three.boo.hoo account... leading me further to think this is either IIS or networking but, again, at a loss of where to go from here.

Can anyone point me in the right direction... at least for what to check/look for? I have or can have access to most things I need in the environment but... just don't know what that something is.

Thanks for any help you can provide!

Mark Smith Marcus T
  • 68
  • 1
  • 1
  • 5
  • Does `Three.boo.hoo` have an A record or CNAME in your nameserver? It sounds like it could just be in your own `HOSTS` file as `127.0.0.1 Three.boo.hoo`. – AlwaysLearning Jul 31 '19 at 02:52
  • 1
    If your getting 500 that means your getting to a server, and if you ping Three.boo.hoo probably the correct server. If you have direct access I would recommend turning off custom errors and turning on detailed errors. Typically detail errors are only on when viewing the domain on the local server. Just by setting customerrors off might give you enough. I am going to presume there is either a file permission, something in the config, or possibly an error in the code. ` ` For info about how to show detail error – Ron Jul 31 '19 at 03:21
  • You say 'all three domains need access to the site'. Is there 1 site, or 3 sites? If 1, you should only have one site in IIS and then set up host headers for all 3 domains on the site. If pings to machine work for 2 of them, but only FQDN works for one of them, it's likely DNS on your network. – Jonathan Jul 31 '19 at 04:41

1 Answers1

0

Well, I had tried to ask, last night, how to mark someone's post as the one that at least led me to the right answer but that question seems not posted anymore so I will wrap up here. My apologies if this is outside of good form.

Answer:

Ron pointed to web.config. Despite my best efforts, I couldn't get that to fly with my ASP.NET Core site, however, I did hack away at my json file until it at least logged -everything-. I couldn't figure out how to get it to choose development logging so I just copied dev logging settings and put them in the regular settings (from appsettings.Development.json to appsettings.json). Don't worry, was only publishing to a dev IIS anyway. Despite how much it looked like a network or IIS related thing, it did turn out to be my code and it did, indirectly, only relate to the Three domain user.

Pointed to the exact class, took 3 lines (ironically) to fix, and things now work for users on all three domains. What I don't understand is why that didn't flag while I was writing/checking through IIS Express on local machine with the Three domain user I'm using to write but that's a different dynamic that I guess I need to better understand and unrelated to here.

Thanks to all of you for spit-balling for me. It got me where I needed to go. Happy Hump Day!

Mark Smith Marcus T
  • 68
  • 1
  • 1
  • 5