WindowsMembership and Role provider and web.config

Vote:
 

Right from windows provider

Can someone please explain how it all sticks together.

I have setup to use windows membership and role provider.
IIS -> Authentication and Anonym Auth is authenticated

       

User: "_ext_szymanra" is in the "U_SQLServerAdmin-VRZ1662TI1" group

User: _test_CMS_Admin01 is not.

in the "U_SQLServerAdmin-VRZ1662TI1" is a second user: _ext_szymanra_admdmz

when i go to EPiServer/CMS/admin/default.aspx

i cannot login with user _ext_szymanra, _test_CMS_Admin01 but i can login with _ext_szymanra_admdmz.

i have tried to:

  • remove 
  • set deny users and then allow users="xxx"

i Just do not understand how episerver works in this auth jungle.
Please help

#175294
Edited, Feb 15, 2017 18:23
Vote:
 

Haven't used windows provider for some years now, but if I remember correct it is important to know the difference between the windows provider, and the AD provider.

The windowsprovider only reads from the local machine, not the AD. But you can still see (some) AD users and groups when you use the windows provider. That is because AD users gets "cached" on the local machine (so you can log in even without being connected to AD).

So the cause for you problem could be that you've never logged in (to Windows) with the failing AD account on the machine. 

If the users and groups in your example are local windows account, I have no clue what could be the problem :-)

#175383
Feb 17, 2017 16:18
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.