Allow access to only certain AD group users to IIS site

Question

I have created Active Directory Group to allow access to certain users to an IIS 8.5 site. I have installed "URL Authorization" module as shown in below link:

http://www.iis.net/configreference/system.webserver/security/authorization

Added following Rule in Web.config file to allow access to users under "Domain\Security Group1" to IIS site.

<system.webServer>
        <security>
            <authorization>
                <remove users="*" roles="" verbs="" />
                <add accessType="Allow" users="" roles="Domain\Security Group1" />
            </authorization>
        </security>
</system.webServer>

But, above solution denies access to all users including users under "Domain\Security Group1".

I found following link in this forum, but it seems to for older IIS version (IIS7 and below)
Restrict access to IIS site to an AD Group

score 0 · Answer 1 · edited May 23 '17 at 12:41

I have found the solution. I had to change my C# code to resolve this issue.

I used following link as a reference.

https://stackoverflow.com/questions/4366090/c-sharp-check-if-the-user-member-of-a-group

Specifically, I used following reference code from above mentioned link.

foreach (string GroupPath in result.Properties["memberOf"])
{
    if (GroupPath.Contains(group))
    {
        return true;
    }
}

Allow access to only certain AD group users to IIS site

1 Answers1