Trust relationship between ... and the primary domain failed in MVC5 Authentication
Questions : Trust relationship between ... and the primary domain failed in MVC5 Authentication
2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00
843
I have a ASP .NET MVC5 application in which anycodings_asp.net-identity I am not using Windows Authentication.
Everything was working fine until I tried anycodings_asp.net-identity running the application outside of the anycodings_asp.net-identity Domain in which it was being developed and anycodings_asp.net-identity [for whatever reason] got a:
The trust relationship between this workstation and the primary domain failed.when I'm trying to do anycodings_asp.net-identity User.IsInRole["Admin"].
I am using custom Identity, Role, anycodings_asp.net-identity IdentityStore, RoleStore, etc. from .NET's anycodings_asp.net-identity Identity and I can see that the User and anycodings_asp.net-identity Role data is being retrieved from the anycodings_asp.net-identity [MongoDB] database correctly.
There are plenty of questions regarding this anycodings_asp.net-identity issue, but they're from people who want to anycodings_asp.net-identity use Windows Auth. and impersonation in their anycodings_asp.net-identity MVC applications:
With windows authentication, The trust anycodings_asp.net-identity relationship between the primary domain and anycodings_asp.net-identity the trusted domain failed, when calling anycodings_asp.net-identity IsInRole
How to configure Windows Authentication / anycodings_asp.net-identity Impersonation + IIS 7 + MVC
The trust relationship between the primary anycodings_asp.net-identity domain and the trusted domain failed
My.User.IsInRole["Role Name"] throws a Trust anycodings_asp.net-identity Relationship error on Windows 7
So why exactly am I getting this anycodings_asp.net-identity SystemException if I'm not using Active anycodings_asp.net-identity Directory and [as far as I know] not doing anycodings_asp.net-identity anything that might depend on the PC's anycodings_asp.net-identity domain? Am I missing some configuration anycodings_asp.net-identity [either in my Web.config or IIS Express]?
EDIT:
Ok, so narrowing it down a bit...
My User.IsInRole["Admin"] line is inside an anycodings_asp.net-identity if[] statement in my _Layout.cshtml View anycodings_asp.net-identity [i.e., to know what to show in the nav. bar anycodings_asp.net-identity depending on the role].
I now know I only get the error above when anycodings_asp.net-identity no user is authenticated and I'm not in the anycodings_asp.net-identity domain I used for dev. If I place a anycodings_asp.net-identity breakpoint on that line, I can see that the anycodings_asp.net-identity User object is is a anycodings_asp.net-identity System.Security.Principal.WindowsIdentity anycodings_asp.net-identity and its underlying Identity is anycodings_asp.net-identity System.Security.Principal.WindowsIdentity.
On the other hand, if the user is anycodings_asp.net-identity authenticated, then the User object and ts anycodings_asp.net-identity Identity are anycodings_asp.net-identity System.Security.Claims.ClaimsPrincipal and anycodings_asp.net-identity System.Security.Claims.ClaimsIdentity.
Why is it using Windows Identity at all anycodings_asp.net-identity [when unauthenticated] and how can I disable anycodings_asp.net-identity it?
Total Answers 10
24
Answers 1 : of Trust relationship between ... and the primary domain failed in MVC5 Authentication
So, based on my EDIT, I've modified my anycodings_asp.net _Layout.cshtml so that instead of having
@if[User.IsInRole["Admin"]] {...}I have
@if[User.Identity.IsAuthenticated && User.IsInRole["Admin"]] {...}which seems to solve the problem.
I believe the problem was that ASP .NET anycodings_asp.net Identity uses an empty WindowsIdentity anycodings_asp.net when no user is authenticated and when I anycodings_asp.net try to check for the User.IsInRole, then anycodings_asp.net it will try to check the roles of a anycodings_asp.net WindowsIdentity against an Active anycodings_asp.net Directory that I don't have. Obviously I anycodings_asp.net should first check if the user is even anycodings_asp.net logged in before attempting to check its anycodings_asp.net roles, so mea culpa.
But, even though the change above seems anycodings_asp.net to fix my code, I'd be very interested anycodings_asp.net in knowing more about this behavior: why anycodings_asp.net is it using an empty anycodings_asp.net System.Security.Principal.WindowsIdentity anycodings_asp.net when no user is authenticated. I'll anycodings_asp.net accept any answer which explains that.
0
2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link
mRahman
1
Answers 2 : of Trust relationship between ... and the primary domain failed in MVC5 Authentication
I've had this issue - It failed for me anycodings_asp.net if I tested an active directory group anycodings_asp.net that didn't exist.
Make sure you're using a group that anycodings_asp.net exists!
0
2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link
raja
2
Answers 3 : of Trust relationship between ... and the primary domain failed in MVC5 Authentication
I was having this issue with Asp.Net anycodings_asp.net Core 3.1 with Windows Authentication, anycodings_asp.net but this thread came up first when anycodings_asp.net searching the internet. I ended up anycodings_asp.net resolving the issue by decorating the anycodings_asp.net controller class declaration with the anycodings_asp.net following:
using Microsoft.AspNetCore.Authorization; [Authorize] public class SetupController : ControllerHope this is helpful for someone that is anycodings_asp.net using Windows Authentication and is anycodings_asp.net having the same error.
0
2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link
miraj
6
Answers 4 : of Trust relationship between ... and the primary domain failed in MVC5 Authentication
We were having this same issue on a new anycodings_asp.net production server. Using the Identity anycodings_asp.net Framework and restricting access to a anycodings_asp.net specific directory with a web.config anycodings_asp.net file denying any unauthenticated users. anycodings_asp.net When unauthenticated users tried to anycodings_asp.net access a page in this directory that anycodings_asp.net contained any User.IsInRole["RoleName"] anycodings_asp.net code, they were getting the "Trust anycodings_asp.net relationship..." error.
None of the fixes mentioned in other SO anycodings_asp.net answers worked for us.
Turns out we just had to enable Forms anycodings_asp.net Authentication in IIS - problem solved.
0
2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link
miraj
2
Answers 5 : of Trust relationship between ... and the primary domain failed in MVC5 Authentication
The "trust relationship between the anycodings_asp.net primary domain and the workstation has anycodings_asp.net failed" error message usaully requires anycodings_asp.net that the computer be removed from the anycodings_asp.net domain and then rejoined. Now there are anycodings_asp.net a few ways to do this. As included in anycodings_asp.net the link above, are instructions on how anycodings_asp.net to do so either on the computer anycodings_asp.net displaying the error or remotely. You anycodings_asp.net can also do so in Active Directory and anycodings_asp.net in PowerShell.
0
2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link
jidam
6
Answers 6 : of Trust relationship between ... and the primary domain failed in MVC5 Authentication
- make sure that you have the above line in your web.config file and complete the user field with the correct user name.
0
2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link
miraj
5
Answers 7 : of Trust relationship between ... and the primary domain failed in MVC5 Authentication
I've just resolved this in our systems, anycodings_asp.net unfortunately, none of the other anycodings_asp.net suggestions worked for me. The issue was anycodings_asp.net caused by an orphaned SID in a network anycodings_asp.net folder the code was attempting to anycodings_asp.net access. Once removed it started working anycodings_asp.net again.
0
2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link
miraj
3
Answers 8 : of Trust relationship between ... and the primary domain failed in MVC5 Authentication
I had exactly the same scenario with anycodings_asp.net custom Authentication Module and the anycodings_asp.net same error when doing IsInRole. The anycodings_asp.net highest ranking solution anycodings_asp.net [User.Identity.IsAuthenticated anycodings_asp.net && ...] did NOT help. So, I anycodings_asp.net played quite a bit with it. Finally I anycodings_asp.net found that I had to remove a anycodings_asp.net [preCondition="managedHandler"] anycodings_asp.net attribute from my module declaration in anycodings_asp.net web.config file. So, instead of:
... ...I would have to have:
... ...That did the trick for me!
0
2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link
miraj
4
Answers 9 : of Trust relationship between ... and the primary domain failed in MVC5 Authentication
For me, the whole membership provider anycodings_asp.net configuration tags were missing. After i anycodings_asp.net copy those from one our previous apps, anycodings_asp.net it worked fine.
0
2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link
jidam
3
Answers 10 : of Trust relationship between ... and the primary domain failed in MVC5 Authentication
On my case, I am not using anycodings_asp.net User.Identity but rather anycodings_asp.net Thread.CurrentPrincipal.Identity.Name
So when I approach this line of code:
Thread.CurrentPrincipal.IsInRole["admin"];That's where I will encounter the same anycodings_asp.net error message of:
The trust relationship between this anycodings_asp.net workstation and the primary domain anycodings_asp.net failed.
There are two cases why I encountered anycodings_asp.net the same issue and of course the fixes I anycodings_asp.net made:
- I was disconnected with my VPN. This will look for the role that doesn't exist since I am not connected with my VPN and not connecting with my AD accounts.
- If I am connected with my VPN and the role admin doesn't exist based on my code above, it will certainly trigger the same error message.
0
2022-08-16T20:23:16+00:00 2022-08-16T20:23:16+00:00Answer Link
joy