WindowsPrincipal.IsInRole not working in IIS 7/Win Server 2K8, but working on IIS 6/Win Server 2K3

Question

Is there some setting or permission in IIS 7/Win Server 2008 that would cause WindowsPrincipal.IsInRole to always return false, when the same code running in IIS 6/Win Server 2003 works? Here's how I'm calling the method:

IPrincipal principal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
bool isInRole = principal.IsInRole("DOMAIN\Group"); // Always false in Win 2K8

The web application is running with Integrated Windows Authentication on both servers. Also, the Win 2008 server is in a different sub-domain than the Win 2003 server. The groups that I'm checking against are in the same sub-domain as the Win 2003 server.

I can provide more details if necessary, but I'm not sure which ones are relevant and which would be noise.

score 0 · Answer 1 · answered Nov 10 '11 at 15:00

0

Check on the Domain Controller if 'DOMAIN\Group' is the full name of the group. It must be the Group name (pre Windows2000).

answered Nov 10 '11 at 15:00

nogola

214
4
12

WindowsPrincipal.IsInRole not working in IIS 7/Win Server 2K8, but working on IIS 6/Win Server 2K3

1 Answers1