X509SecurityTokenAuthenticator.MapCertificateToWindowsAccount Property
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Gets a value that indicates whether to map the X.509 certificate to a Windows account.
public:
property bool MapCertificateToWindowsAccount { bool get(); };public bool MapCertificateToWindowsAccount { get; }member this.MapCertificateToWindowsAccount : boolPublic ReadOnly Property MapCertificateToWindowsAccount As BooleanProperty Value
true to map the X.509 certificate to a Windows account; otherwise, false.
Remarks
The MapCertificateToWindowsAccount property can only be set in a constructor.
If transport-level SSL or HTTPS security is being used and mapping is already provided by the underlying security channel or by Internet Information Services (IIS), then that mapping is applied with no chain validation. Otherwise, prior to doing the mapping, the certificate is validated using a certificate chain, and the certificate must chain to an NT_AUTHORITY identity. The chain structure used corresponds to the CERT_CHAIN_POLICY_NT_AUTH as defined in the CertVerifyCertificateChainPolicy function. This behavior only occurs when mapping a certificate to a Windows account.
