Virtual Happy Hour this month, Jun 28, we'll be getting a sneak preview at our soon to launch SaaS CMS!

Try our conversational search powered by Generative AI!

Allowing access to EpiServer CMS website to AD user


We have an EpiServer site in which we unchecked read access for the Everyone group. This forces anyone going to the website to be challenged by the standard EpiServer login screen.

I can log in just fine as I am part of the Administrators Windows group.

We want to allow someone else access so they can test the site and I am having trouble giving them access to log in.

Say their AD name is domain\user, I have the following set up in the site's web.config:


Then in main authorization for the web site root, I have the following:



Regardless, domain\user cannot log in.

Any ideas on how I can set this up so the user can log in?


Dec 01, 2017 15:26

Hi Kenneth 

You can deny unauthenticated users by simply using <deny users="?" />. This ensures users must be authenticated before they are authorised. You should be able to remove the virtualRole mapping then too.


Dec 01, 2017 17:46
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.