[SOLVED] What can cause incorrect user names when using IIS & Windows Authentication?

Issue

I’m currently experiencing an issue with some users of an ASP.NET 4.8 Web API application hosted on Windows Server 2012 and IIS. The following properties are not returning that user’s correct user name, and instead returning the name of a service account used for this server:

  • HttpContext.Current.User.Identity.Name
  • HttpContext.Current.Request.LogonUserIdentity.Name

I have no idea how to begin troubleshooting this – myself and most other users do not experience this issue, but for a handful of users the above does not return the correct username, returning the username of a service account used to remotely connect to the server in question. Forcing a login via a browser private window does rectify the issue, and the application correctly returns the expected username for each of the above properties.

What could be a cause for Windows Authentication not returning the correct user name and what is the best way to troubleshoot an issue like this?

edit: I was able to resolve the issue, see my answer below

Solution

After some additional research and troubleshooting, I determined that the users experiencing the issue described above had the service account in question stored in the Windows Credential Manager:

enter image description here

Removing the service account in question allowed them to be authenticated with the Intranet site with their normal Windows domain\username. As @pcalkins suggested, at some point the affected users had used these credentials on their machine, and Chrome, Edge, IE were using that saved credential when authenticating with the Intranet site.

Answered By – mfcallahan

Answer Checked By – Willingham (BugsFixing Volunteer)

Leave a Reply

Your email address will not be published. Required fields are marked *