→ 🚀What's New? Join Us for the Fall Product Launch! Register Now !

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
dodgal
Engaged Sweeper
Hi,

I want to restrict access to the Web Console to a domain user group.

I followed the steps outlined in Lansweepers Knowledge base article "How to restrict access to the Lansweeper Website". It doesn't work for me. I changed the allowed roles to = BUILTIN\Administrators and I made my domain user group members of the administrators group on my Lansweeper server - this doesn't work either.

I am attaching my web config file and my ASP.NET Authorisation configuration for info. Is there anywhere else I should be looking? Or have I missed something? Anonymous access is disabled and windows authentication is enabled

Thanks in advance

Sorry - I can't upload my web.config file so I've copied it below. Neither can I send the screenshot of the ASP.Net config - file to big to upload.

Web.config file
configuration>
<appSettings>
<add key="MM_CONNECTION_HANDLER_Lansweeper" value="sqlserver.htm"/>
<add key="MM_CONNECTION_STRING_Lansweeper" value="Persist Security Info=False;Data Source=LANSWEEPER\SQLEXPRESS;Initial Catalog=Lansweeper32;User ID=lssqluser32;Password=mysecretpassword0*"/>
<add key="MM_CONNECTION_DATABASETYPE_Lansweeper" value="SQLServer"/>
<add key="MM_CONNECTION_SCHEMA_Lansweeper" value=""/>
<add key="MM_CONNECTION_CATALOG_Lansweeper" value=""/>
<add key="dateformat" value="dd/MM/yyyy"/>
</appSettings>
<system.web>
<identity impersonate="true"/>
<authentication mode="Windows" />
<authorization>
<deny users="?" />
<allow roles="BUILTIN\administrators" />
<deny users="*" />
</authorization>
<compilation debug="false" strict="false" explicit="true">
<assemblies>
<add assembly="System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add assembly="System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
<add assembly="System.Web.Extensions.Design, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
<add assembly="System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
</assemblies>
</compilation>
<httpHandlers>
<remove verb="*" path="*.asmx"/>
<add verb="*" path="*.asmx" type="System.Web.Script.Services.ScriptHandlerFactory" validate="false"/>
<add verb="*" path="*_AppService.axd" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" validate="false"/>
<add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" validate="false"/>
</httpHandlers>
<httpModules>
<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
</httpModules>
</system.web>
</configuration>



11 REPLIES 11
dodgal
Engaged Sweeper
Thanks so much for the quick response!

I just tried your suggestion and all that has achieved is to deny access to the web console when you browse from the lansweeper server, but any domain user even those not members of the Admin group on the Lansweeper Server can still browse to the Web Console from their own pc's.

Hemoco
Lansweeper Alumni
You need to change this to "DOMAINNAME\administrators" for the domain group or "COMPUTERNAME\administrators" for the local administrator group