Restrict access to IIS site via AD group
Recently I have had to restrict access to an IIS site to users who are in a specific AD group – in my case Domain Admins (but it can be any group you want). This is how you do it….
Here are the steps I took to be able to do this:
1. Configure your IIS site to use Windows Authentication. To configure Windows authentication:
- Start Internet Information Services (IIS)
- Click on your website or application
- From the right-hand pane, double click Authentication
- Enable: Windows Authentication
- Disable: Anonymous Authentication
2. Add the following into your application’s web.config file (if you don’t have one, create it):
3. Test and marvel at how easy it is 🙂
If you would like some more info in regards to IIS authentication check out these MSDN articles:
And that is how to restrict access to an IIS site.
Let me know if you got any questions or more info in the comments below.