我有一个 ASP.Net 2.0 应用程序,它使用集成的 Windows 身份验证来验证/授权用户。该应用程序在 Windows XP/IIS 5.1、Windows Server 2008/IIS 7 和 Windows Vista/IIS 7 上运行良好。当我尝试在 Windows 7/IIS 7.5 上运行此应用程序时,出现以下异常:The trust relationship between this workstation and the primary domain failed.
堆栈跟踪如下:
[SystemException: The trust relationship between this workstation and the primary domain failed.
]
System.Security.Principal.NTAccount.TranslateToSids(IdentityReferenceCollection sourceAccounts, Boolean& someFailed) +1085
System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) +46
System.Security.Principal.WindowsPrincipal.IsInRole(String role) +128
System.Web.Configuration.AuthorizationRule.IsTheUserInAnyRole(StringCollection roles, IPrincipal principal) +229
System.Web.Configuration.AuthorizationRule.IsUserAllowed(IPrincipal user, String verb) +354
System.Web.Configuration.AuthorizationRuleCollection.IsUserAllowed(IPrincipal user, String verb) +245
System.Web.Security.UrlAuthorizationModule.OnEnter(Object source, EventArgs eventArgs) +11153304
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +80
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +171
web.config 文件包含以下与身份验证/授权相关的信息:
<authentication mode="Windows" />
<authorization>
<!--Deny anonymous users-->
<deny users="?"/>
<allow roles="domain\GroupWithAccess"/>
<deny users="*"/>
</authorization>
我在研究此错误时发现的大多数结果都表明该问题与域中的计算机帐户损坏有关,并将解决方案列为重新加入域。我已经这样做了,但错误仍然出现。“正常”域操作工作正常(访问 UNC 共享、登录等)。
出于兼容性原因,此应用程序在 Classic .Net AppPool 中运行。我尝试将 AppPool 的标识更改为“NetworkService”,但错误仍然存在。
任何帮助是极大的赞赏。