Allow access to only certian AD Group users to IIS site

Question

I have created Active Directory Group to allow access to certain user to IIS site (IIS version 8.5). I have installed "URL Authorization" module as shown in below link:

http://www.iis.net/configreference/system.webserver/security/authorization

Added following Rule in Web.config file to allow access to users under "Domain\Security Group1" to IIS site.

<system.webServer>
        <security>
            <authorization>
                <remove users="*" roles="" verbs="" />
                <add accessType="Allow" users="" roles="Domain\Security Group1" />
            </authorization>
        </security>
</system.webServer>

But, above solution denies access to all users including users under AD group "Domain\Security Group1". It should to just allows access to the AD group. What can I do to fix this?

Vik Vik · Accepted Answer · 2015-06-30T16:01:52

I have found the solution. I had to change my C# code to resolve this issue.

I used following link as a reference.

c# check if the user member of a group?

Specifically, I used following reference code from above mentioned link.

foreach (string GroupPath in result.Properties["memberOf"])
{
    if (GroupPath.Contains(group))
        {
            return true;
        }
}

Allow access to only certian AD Group users to IIS site

1 Answers