Share via


iisClientCertificateMappingAuthentication Element [IIS Settings Schema]

Note

For more information about the iisClientCertificateMappingAuthentication element, see the following topic on the Microsoft IIS.net Web site: IIS Client Certificate Mapping Authentication <iisClientCertificateMappingAuthentication>.

Specifies the settings Client Certificate Mapping authentication using IIS.

Syntax

Attributes and Elements

The following sections describe attributes, child elements, and parent elements for this section.

Attributes

Attribute

Description

defaultLogonDomain

Optional String attribute.

Specifies the default domain that the server uses to authenticate users.

enabled

Optional Boolean attribute.

Specifies whether Client Certificate Mapping authentication using IIS is enabled.

The default is False.

logonMethod

Optional enum attribute.

The logonMethod attribute can be one of the following possible values. The default is ClearText.

For more information on these values, see LogonUser on the MSDN site.

ValueDescription
BatchThis logon type is intended for batch servers, where processes may be executing on behalf of a user without their direct intervention. The numeric value is 1.
ClearTextThis logon type preserves the name and password in the authentication package, which allows the server to make connections to other network servers while impersonating the client. The numeric value is 3.
InteractiveThis logon type is intended for users who will be using the computer interactively. The numeric value is 0.
NetworkThis logon type is intended for high performance servers to authenticate plaintext passwords. Credentials are not cached for this logon type. The numeric value is 2.

manyToOneCertificateMappingsEnabled

Optional Boolean attribute.

Specifies whether many-to-one mapping is enabled

The default value is True.

oneToOneCertificateMappingsEnabled

Optional Boolean attribute.

Specifies whether one-to-one mapping is enabled

The default value is True.

Child Elements

Element

Description

manyToOneMappings

Optional element.

Maps client certificates to a set of wildcard criteria that authenticate the certificates and assign a user account.

oneToOneMappings

Optional element.

Specifies one-to-one client certificate mappings.

Parent Elements

Element

Description

configuration

Specifies the root element in every configuration file that is used by IIS 7.

system.webServer

Specifies the top-level section group (in ApplicationHost.config) in which this element is defined.

security

Specifies the section group that contains security-related sections.

authentication

Specifies the section group that contains authentication sections.

Remarks

For more information about the iisClientCertificateMappingAuthentication element, see the following topic on the Microsoft IIS.net Web site: IIS Client Certificate Mapping Authentication <iisClientCertificateMappingAuthentication>.

Element Information

Configuration locations

Machine.config

ApplicationHost.config

Root application Web.config

Application Web.config

Directory Web.config

Requirements

Microsoft Internet Information Services (IIS) version 7.0

See Also

Reference

manyToOneMappings Element for iisClientCertificateMappingAuthentication [IIS Settings Schema]

oneToOneMappings Element for security [IIS Settings Schema]