views:

769

answers:

2

I am using Windows Authentication in my ASP.NET MVC application and I am prompted to enter credentials on my webserver which is a domain member [I have domain credentials and can authenticate fine] however when my controller action calls "User.Identity.Name" in an attempt to check a database value against the currently logged in user this is returning the SAM Account from the local machine and NOT the SAM account from the DOMAIN:

Local machine user name (which User.Identity.Name returns): LOCALPC\username

What I am expecting (which is what I am authenticating against AD as): DOMAIN\username

This causes me problems because I cannot accurately verify a user using only the username.

Am I missing something, is there a way to return what I am currently authenticated as to the webserver as opposed to what the local SAM account is on the client machine?

The reason this is important is because not all the intranet application clients will be domain joined (machines that aren't domain joined but belong to users with AD accounts).

A: 

When prompted in your web browser enter "DOMAIN\username" instead of just "username" for the authentication.

EDIT:

Is this a development server? Check the account that IIS is running on. Did you configure impersonation in web.config?

chris
If both users have the same password, this is the case, yes. If not, it shouldn't make a difference.
Martin C.
I always authenticate as DOMAIN\username, however User.Identity.Name apparently doesn't cache 'DOMAIN\username' and just returns 'LOCALPC\username' when asked for the name again (which is the issue) they aren't the same strings so they can't be compared against each other.
mig
It was my mistake, thanks for helping though.
mig
+1  A: 

My mistake, the issue is fixed now, it turned out to be an error in my code and the fact that my machine is not domain joined that was leading me to believe the issue was with the value of User.Identity.Name.

Thanks all for suggestions, hopefully my next contribution to the site will be on a less foolish note.

--

By the way - this link might help people looking for related information on authentication in IIS: http://blog.mike-obrien.net/PermaLink,guid,5e975b20-7b05-472f-bd80-04028ab8b6fa.aspx

mig