Restrict access to IIS site via AD group

Posted on by Luca Sturlese

Recently I have had to restrict access to an IIS site to users who are in a specific AD group – in my case Domain Admins (but it can be any group you want). This is how you do it….

Instructions

Here are the steps I took to be able to do this:

1. Configure your IIS site to use Windows Authentication. To configure Windows authentication:

  1. Start Internet Information Services (IIS)
  2. Click on your website or application
  3. From the right-hand pane, double click Authentication
  4. Enable: Windows Authentication
  5. Disable: Anonymous Authentication

2. Add the following into your application’s web.config file (if you don’t have one, create it):

3. Test and marvel at how easy it is 🙂

More Info

If you would like some more info in regards to IIS authentication check out these MSDN articles:

And that is how to restrict access to an IIS site.

Let me know if you got any questions or more info in the comments below.

Thanks
Luca

Categories Active Directory, Windows Admin
Tags , ,

Leave a Comment

Comment Formatting
You may use the following HTML tags and attributes in your comments: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Markdown is also supported to style and format your comments, making it useful for when posting code. See the Markdown Quick Refernce Guide for more information.

This site uses Akismet to reduce spam. Learn how your comment data is processed.