Hi,
I have a system that initially used Forms Authentication to authenticate users. It used the default asp membership and roles provider to handle storing of users details (e.g. username in aspnet_Users table), their status (e.g. IsApproved and IsLockedOut in aspnet_Membership table) and their associated roles (aspnet_UsersInRoles table).
It was changed to use Windows Authentication (e.g. the web.config authentication setting now points to Windows (instead of Forms), usernames in the aspnet_Users table are Windows usernames and IIS Authentication settings were changed (e.g. Forms Authentication disabled / Windows Authentication enabled etc..)). Most things seem to work, in that if a Windows user is listed in the aspnet_Users table then they are logged on automatically. If they are not listed in the aspnet_Users table then the user is denied access. Also users roles are picked up successfully. However one thing fails to work and that's the IsApproved and IsLockedOut properties. The app has a user management section where administrators can register Windows logins, assign roles and set the IsApproved property (e.g. to deny access). However, it doen't matter if the IsApproved property is set to True or False, the user can always access the system. Please note I've verifed that all the settings are getting persisted correctly to the database. The only way it seems to deny access is to delete the user but this is not desirable.
Is the Membership provider designed to work with Windows Authentication and if so is there a working example somewhere that demonstrates use of the IsApproved setting? The end goal is to log users on automatically using their Windows accounts (providing they're registered in the aspnet_Users and not disabled in the aspnet_Membership tables).
Please help me.
Thanks