|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Is it possible to use the Windows 2003 user names instead of pre-Windows 2000 user names in WindowsHello,
I am trying to get username information by using User.Identity.Name.ToString, if i logged in with username to given network place, it is ok! It returns SERVERNAME/username. Otherwise if I logged in with "name.surn***@SERVERNAME.com" it again returns SERVERNAME/username although i want it to return "name.surname". I changed the IIS server settings, checked digest authentication and tried the other things, too. But makes no difference. It is said to originated from Kerberos Authentication... If anyone can help me I will be appreciated. Thanks for now, MK IIS must be making the translation internally from the UPN to the
sAMAccountName. It's not hard to get the UPN given the WindowsIdentity object that you have at hand, and relying on the UPN for the user's true name is bad programming practice IMHO. My recommendation is to search AD for that user's object in the directory and retrieve the first and last name properties or whatever else you need in your code. Show quoteHide quote "MaURiCe" <mkas***@gmail.com> wrote in message news:1157462878.505088.151490@m73g2000cwd.googlegroups.com... > Hello, > I am trying to get username information by using > User.Identity.Name.ToString, if i logged in with username to given > network place, it is ok! It returns SERVERNAME/username. > Otherwise if I logged in with "name.surn***@SERVERNAME.com" it again > returns SERVERNAME/username although i want it to return > "name.surname". > I changed the IIS server settings, checked digest authentication and > tried the other things, too. But makes no difference. > It is said to originated from Kerberos Authentication... > If anyone can help me I will be appreciated. > Thanks for now, > MK > Thank you for your answer but is there any other option that we can
solve it by changing the settings of IIS... Moris Brian Desmond [MVP] wrote: Show quoteHide quote > IIS must be making the translation internally from the UPN to the > sAMAccountName. It's not hard to get the UPN given the WindowsIdentity > object that you have at hand, and relying on the UPN for the user's true > name is bad programming practice IMHO. > > My recommendation is to search AD for that user's object in the directory > and retrieve the first and last name properties or whatever else you need in > your code. > > -- > Thanks, > Brian Desmond > Windows Server MVP - Directory Services > > www.briandesmond.com > > > "MaURiCe" <mkas***@gmail.com> wrote in message > news:1157462878.505088.151490@m73g2000cwd.googlegroups.com... > > Hello, > > I am trying to get username information by using > > User.Identity.Name.ToString, if i logged in with username to given > > network place, it is ok! It returns SERVERNAME/username. > > Otherwise if I logged in with "name.surn***@SERVERNAME.com" it again > > returns SERVERNAME/username although i want it to return > > "name.surname". > > I changed the IIS server settings, checked digest authentication and > > tried the other things, too. But makes no difference. > > It is said to originated from Kerberos Authentication... > > If anyone can help me I will be appreciated. > > Thanks for now, > > MK > > When you stated
> It is said to originated from Kerberos Authentication... you are indicating strong evidence from the security eventlogs showing that the login was negotiated to and did then successfully use Kerberos, not NTLM ?? Show quoteHide quote "MaURiCe" <mkas***@gmail.com> wrote in message news:1157462878.505088.151490@m73g2000cwd.googlegroups.com... > Hello, > I am trying to get username information by using > User.Identity.Name.ToString, if i logged in with username to given > network place, it is ok! It returns SERVERNAME/username. > Otherwise if I logged in with "name.surn***@SERVERNAME.com" it again > returns SERVERNAME/username although i want it to return > "name.surname". > I changed the IIS server settings, checked digest authentication and > tried the other things, too. But makes no difference. > It is said to originated from Kerberos Authentication... > If anyone can help me I will be appreciated. > Thanks for now, > MK >  
Other interesting topics
Recommendations for securing IIS 6.0 as a public web server
IIS Failover and CLustering or Virtual Server TEchnology? IIS FTP server authentication via Kerberos remove users from ftp site server certificate from cert service IIS 6 authentication problem iis6 password protected file issue Medium trust and HTTP handlers - help! Security on inetpub/wwwroot IIS Newbie question |
|||||||||||||||||||||||
