How do I get the currently loggedin Windows account from an ASP.NET page?
I have an ASP.NET 3.5 application that uses ASP.NET forms authentication. I want to be able to get the Windows user name currently logged into the computer (NOT logged into the ASP.NET application, but into Windows) when data is edited in a page.
If I use Context.User.Identity.Name.Tostring()
, I get the user name logged into the ASP.NET application, but I need the Windows account name.
System.Security.Principal.WindowsIdentity.GetCurrent().Name.Tostring()
Also, it only works when I run the website from Visual Studio, but after deploying to IIS it returns NT AUTHORITY\SYSTEM.
You have to set authentication mode to Windows
in your configuration & also disable anonymous users in authorization tag.
To get the currently logged in user to a Windows account you have to use Windows authentication
instead of Forms authentication
:
System.Security.Principal.WindowsIdentity.GetCurrent().Name.Tostring() also only works when i run the website from visual studio but after deploying to IIS it returns NT AUTHORITY\SYSTEM
It shows the application current user. When you host your application on the Visual Studio web server it uses your local account. However, when you will log in to the web application with different credentials it will always show your current Windows login.
An application deployed to IIS uses the NT AUTHORITY\SYSTEM account in your case.
To get the currently logged-in user to Windows in C#, use:
string Username = System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString();
I struggled and struggled and struggled with this. One of the things is that I don't have access to IIS, that is locked down, so I couldn't change any of the server settings. I had to go with what I was capable of doing in code. When I researched it, many of the replies said, "set up IIS like this". . .well, that's great when you have access to IIS, but I didn't -- I had to work with what I could do in code. So, I ended up handling it like this:
In my web config file, I added the following lines of code within the section:
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
Then, it returned an error on my local, which I had to go in and fix. I went to the applicationhost.config file located in the following path on my machine (yours might be different):
C:\users\"your user name"\My Documents\"yourIISInstallation"\config\applicationhost.config
and I changed the following settings to "allow", which had been set to "deny":
<section name="anonymousAuthentication" overrideModeDefault="Deny" />
changed to
<section name="anonymousAuthentication" overrideModeDefault="Allow" />
and
<section name="windowsAuthentication" overrideModeDefault="Deny" />
to
<section name="windowsAuthentication" overrideModeDefault="Allow" />
in the
<sectionGroup name="authentication">
section. Before I found out this fix, I was pulling my hair out over this. I hope this helps someone. As soon as I put in the above code into the webconfig file, it worked on the intranet, it just returned errors in my local, but as soon as I added the above to my local applicationhost.config file, it started working on my local as well. Then, I called the following variable to return the name of the logged in user on windows:
HttpContext.Current.User.Identity.Name.ToString().Substring((HttpContext.Current.User.Identity.Name.ToString().IndexOf("\\")) + 1);
Cheers!
I use this:
System.Security.Principal.WindowsPrincipal user;
user = new WindowsPrincipal(this.Request.LogonUserIdentity);
this.Request.LogonUserIdentity.Impersonate();
user_name = user_name.Substring(user_name.LastIndexOf("\\") + 1);