Windows Authentication Restrict by Domain

There seems to be some confusion online in regards to how you restrict a user based on domain when using Windows Authentication.

It can be done in the config file, in my case it was my Web.Config file.

<authentication mode="Windows" />
      <allow roles="DOMAINDomain Users"/>
      <deny users="*" />

Where you see DOMAIN put in the domain you want to allow, leave the user as Domain Users.

You can do this for multiple domains, works a charm!

Source: mvc windows authentication allow all users from domain


Published by

Alan Feekery

Developer, Gamer, Musician, Cyclist and big Motorsport fan... enjoys the odd cup of coffee :)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s