Domain user is not retrieve in IIS after windows server changed to samba4
My application uses Windows authentication in windows AD server, but now the server is changed to samba4.
Below code is used in the application to retrieve domain and username
string Domain_username =System.Environment.UserDomainName + "\" + System.Environment.UserName
It used to return DomainNameusername
as expected.
After upgrading to samba4, above code retrieve the different results
output: IIS APPPOOLAppPoolName
.
if i try
HttpContext.Current.Request.LogonUserIdentity.Name
it worked but, I don't want to do any code changes because it applied to many places. what changes need to do in IIS or system to retrieve domain user
Any help would be appreciated
c# iis active-directory windows-authentication samba
add a comment |
My application uses Windows authentication in windows AD server, but now the server is changed to samba4.
Below code is used in the application to retrieve domain and username
string Domain_username =System.Environment.UserDomainName + "\" + System.Environment.UserName
It used to return DomainNameusername
as expected.
After upgrading to samba4, above code retrieve the different results
output: IIS APPPOOLAppPoolName
.
if i try
HttpContext.Current.Request.LogonUserIdentity.Name
it worked but, I don't want to do any code changes because it applied to many places. what changes need to do in IIS or system to retrieve domain user
Any help would be appreciated
c# iis active-directory windows-authentication samba
If you drill down through the various layers of IIS operation from your code layer to the underlying process threads you may well find more than one user name is returned as the current user at that level. If you want to keep your environment authentication as it is I think you may have to make the code changes.
– pixelda
Nov 28 '18 at 11:26
add a comment |
My application uses Windows authentication in windows AD server, but now the server is changed to samba4.
Below code is used in the application to retrieve domain and username
string Domain_username =System.Environment.UserDomainName + "\" + System.Environment.UserName
It used to return DomainNameusername
as expected.
After upgrading to samba4, above code retrieve the different results
output: IIS APPPOOLAppPoolName
.
if i try
HttpContext.Current.Request.LogonUserIdentity.Name
it worked but, I don't want to do any code changes because it applied to many places. what changes need to do in IIS or system to retrieve domain user
Any help would be appreciated
c# iis active-directory windows-authentication samba
My application uses Windows authentication in windows AD server, but now the server is changed to samba4.
Below code is used in the application to retrieve domain and username
string Domain_username =System.Environment.UserDomainName + "\" + System.Environment.UserName
It used to return DomainNameusername
as expected.
After upgrading to samba4, above code retrieve the different results
output: IIS APPPOOLAppPoolName
.
if i try
HttpContext.Current.Request.LogonUserIdentity.Name
it worked but, I don't want to do any code changes because it applied to many places. what changes need to do in IIS or system to retrieve domain user
Any help would be appreciated
c# iis active-directory windows-authentication samba
c# iis active-directory windows-authentication samba
asked Nov 28 '18 at 10:17
user202user202
434416
434416
If you drill down through the various layers of IIS operation from your code layer to the underlying process threads you may well find more than one user name is returned as the current user at that level. If you want to keep your environment authentication as it is I think you may have to make the code changes.
– pixelda
Nov 28 '18 at 11:26
add a comment |
If you drill down through the various layers of IIS operation from your code layer to the underlying process threads you may well find more than one user name is returned as the current user at that level. If you want to keep your environment authentication as it is I think you may have to make the code changes.
– pixelda
Nov 28 '18 at 11:26
If you drill down through the various layers of IIS operation from your code layer to the underlying process threads you may well find more than one user name is returned as the current user at that level. If you want to keep your environment authentication as it is I think you may have to make the code changes.
– pixelda
Nov 28 '18 at 11:26
If you drill down through the various layers of IIS operation from your code layer to the underlying process threads you may well find more than one user name is returned as the current user at that level. If you want to keep your environment authentication as it is I think you may have to make the code changes.
– pixelda
Nov 28 '18 at 11:26
add a comment |
1 Answer
1
active
oldest
votes
Environment.UserDomainName
and Environment.UserName
indicate the credentials that the application process is running with, not the credentials of the current user, which is why you are seeing what you are seeing. The only way this could ever give the user's credentials is if your application is using impersonation, so maybe it's that impersonation that broke.
Did you have to change your authentication when you switched to samba4?
Strictly speaking, you should be using HttpContext.Current.Request.LogonUserIdentity
or HttpContext.Current.User.Identity
(which both should be the same) to get the credentials of the current user.
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53517068%2fdomain-user-is-not-retrieve-in-iis-after-windows-server-changed-to-samba4%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Environment.UserDomainName
and Environment.UserName
indicate the credentials that the application process is running with, not the credentials of the current user, which is why you are seeing what you are seeing. The only way this could ever give the user's credentials is if your application is using impersonation, so maybe it's that impersonation that broke.
Did you have to change your authentication when you switched to samba4?
Strictly speaking, you should be using HttpContext.Current.Request.LogonUserIdentity
or HttpContext.Current.User.Identity
(which both should be the same) to get the credentials of the current user.
add a comment |
Environment.UserDomainName
and Environment.UserName
indicate the credentials that the application process is running with, not the credentials of the current user, which is why you are seeing what you are seeing. The only way this could ever give the user's credentials is if your application is using impersonation, so maybe it's that impersonation that broke.
Did you have to change your authentication when you switched to samba4?
Strictly speaking, you should be using HttpContext.Current.Request.LogonUserIdentity
or HttpContext.Current.User.Identity
(which both should be the same) to get the credentials of the current user.
add a comment |
Environment.UserDomainName
and Environment.UserName
indicate the credentials that the application process is running with, not the credentials of the current user, which is why you are seeing what you are seeing. The only way this could ever give the user's credentials is if your application is using impersonation, so maybe it's that impersonation that broke.
Did you have to change your authentication when you switched to samba4?
Strictly speaking, you should be using HttpContext.Current.Request.LogonUserIdentity
or HttpContext.Current.User.Identity
(which both should be the same) to get the credentials of the current user.
Environment.UserDomainName
and Environment.UserName
indicate the credentials that the application process is running with, not the credentials of the current user, which is why you are seeing what you are seeing. The only way this could ever give the user's credentials is if your application is using impersonation, so maybe it's that impersonation that broke.
Did you have to change your authentication when you switched to samba4?
Strictly speaking, you should be using HttpContext.Current.Request.LogonUserIdentity
or HttpContext.Current.User.Identity
(which both should be the same) to get the credentials of the current user.
edited Nov 28 '18 at 14:12
answered Nov 28 '18 at 13:22
Gabriel LuciGabriel Luci
11.4k11525
11.4k11525
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53517068%2fdomain-user-is-not-retrieve-in-iis-after-windows-server-changed-to-samba4%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
If you drill down through the various layers of IIS operation from your code layer to the underlying process threads you may well find more than one user name is returned as the current user at that level. If you want to keep your environment authentication as it is I think you may have to make the code changes.
– pixelda
Nov 28 '18 at 11:26