Windows
Universal Dashboard is now a part of PowerShell Universal. This documentation is for reference to the v2 version of Universal Dashboard and is no longer maintained.
Windows
Not available in Community Edition.
Next, you need to ensure that your
web.config file has forwardWindowsAuthToken set to true.1
<?xml version="1.0" encoding="utf-8"?>
2
<configuration>
3
<!--
4
Configure your application settings in appsettings.json. Learn more at http://go.microsoft.com/fwlink/?LinkId=786380
5
-->
6
<system.webServer>
7
<handlers>
8
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
9
</handlers>
10
<aspNetCore processPath=".\net472\universaldashboard.server.exe" arguments="" stdoutLogEnabled="true" stdoutLogFile="\\?\%home%\LogFiles\stdout" forwardWindowsAuthToken="true" />
11
</system.webServer>
12
</configuration>
Copied!
The last step is to configure your dashboard to use Windows authentication. Specify a new authentication method with the
-Windows switch parameter and pass it to New-UDLoginPage. Include the -PassThru parameter to avoid having the login page shown. You should now be able to login to your UD site as the current user.1
Start-UDDashboard -Content {
2
$Auth = New-UDAuthenticationMethod -Windows
3
$LoginPage = New-UDLoginPage -AuthenticationMethod @($Auth) -PassThru
4
​
5
New-UDDashboard -Title "Line" -Content {
6
New-UDRow -Columns {
7
New-UDColumn -Size 12 -Endpoint {
8
New-UDHeading -Text "Logged in as $user"
9
}
10
}
11
} -LoginPage $LoginPage
12
} -Wait -AllowHttpForLogin
Copied!
Claims-Based Authorization with Windows Authentication
You can use claims-based authorization with Windows Authentication by use the
$UserPrincipal.HasClaims() method. There are several claims that will be provided by Windows to the Universal Dashboard authorization system. You can find a list here.Here is an example of a dashboard that uses claims-based authorization and Windows authentication to verify that a user has particular group membership before showing a page.
1
$AccountingPolicy = New-UDAuthorizationPolicy -Name "Accounting" -Endpoint {
2
param($ClaimsPrincipal)
3
$ClaimsPrincipal.HasClaim("http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", "S-1-5-21-931991156-4110752182-3137855529-1012")
4
}
5
​
6
$AdminPolicy = New-UDAuthorizationPolicy -Name "Admins" -Endpoint {
7
param($ClaimsPrincipal)
8
$ClaimsPrincipal.HasClaim("http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", "S-1-5-21-931991156-4110752182-3137855529-1011")
9
}
10
​
11
$AuthMethod = New-UDAuthenticationMethod -Windows
12
$LoginPage = New-UDLoginPage -AuthenticationMethod $AuthMethod -PassThru -AuthorizationPolicy @($AccountingPolicy, $AdminPolicy)
13
​
14
$AdminPage = New-UDPage -Name "Admins" -AuthorizationPolicy "Admins" -Content {
15
New-UDCard -Title "Admins" -Content {}
16
}
17
​
18
$AccountingPage = New-UDPage -Name "Accounting" -AuthorizationPolicy "Accounting" -Content {
19
New-UDCard -Title "Accounting" -Content {}
20
}
21
​
22
$Dashboard = New-UDDashboard -LoginPage $LoginPage -Title "Hi" -Pages @($AdminPage, $AccountingPage)
23
​
24
Start-UDDashboard -Wait -Dashboard $Dashboard -AllowHttpForLogin
Copied!
Last modified 8mo ago
Copy link