02-05-2003, 10:10 AM
I have been told to tighten security on my intranet from zero to maximum. Is there any way in ASP to see what the current user is logged into their machine as and use that to log into the intranet. I don't mind installing any 3rd party components.
02-05-2003, 10:13 AM
if the server is in the same domain as the client, Request.ServerVariables("LOGON_USER") contains the logged on username of the client
02-05-2003, 10:35 AM
It is on the same domain but unfortunately it isn't working, not returning any value.
02-05-2003, 10:53 AM
then you should set the security settings in IIS so that login as anonymous internet user is disabled, that way the username will be known. Dont have IIS running at my machine right now, so cannot tell you where to set these things exactly, but browse a bit through the IIS-settings. You should be able to find it ...
02-06-2003, 12:15 AM
You also could via ADSI have a login screen on your intranet for senstive areas. So the viewer has to re-enter their network username and password.
(Assuming your network is running Active Directory)
02-06-2003, 07:24 AM
what Roelf said.
Go to site properties, Directory Security tab, Edit button in Anonymous Access and Authentication Control, check Basic Authentication and uncheck the other two. Then click the corresponding Edit button if you want to specify a different domain.