Configuring authentication to an IIS website

Kaplan, Andrew H 101 Reputation points
2023-09-20T17:12:07.4066667+00:00

Hello.

I have set up an IIS website on a Windows 2019 server in our Active Directory environment. My next step is to set up authentication to the site. To that end, I have already installed Authentication services for IIS on the system.

After that, I have disabled Anonymous authenticaion, and have enabled Windows authentication. What I want to do now is limit the ability to log into the website to a specific Active Directory group. How can that be done?

Windows development | Internet Information Services
Windows for business | Windows Client for IT Pros | User experience | Other
0 comments No comments
{count} votes

Accepted answer
  1. Sam Wu-MSFT 7,561 Reputation points Microsoft External Staff
    2023-09-21T02:08:41.1766667+00:00

    @Kaplan, Andrew H

    You can try below steps:

    1. Add Role via Windows Server Manager: Web Server (IIS) --> Web Server --> Security --> URL Authorization.
    2. Open the IIS Manager, now you will see Authorization Rules.
    3. Click on the right side panel: Add Allow Rule...
    4. Under Specified roles or user groups type the name of the AD group you need.

    Screenshot 2023-09-21 100316

    <configuration>
       <system.webServer>
          <security>
             <authorization>
                <remove users="*" roles="" verbs="" />
                <add accessType="Allow" roles="ADGroup" />
             </authorization>
          </security>
       </system.webServer>
    </configuration>
    

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Lex Li 6,037 Reputation points
    2023-09-20T19:36:58.6966667+00:00

    Authentication confirms the identity of a user, while authorization determines what resources users can or cannot access.

    quoted from

    https://learn.microsoft.com/en-us/iis/configuration/system.webserver/security/authorization/

    You should configure authorization rules to achieve this and that page has "Configuration Sample" for your reference.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.