We have a strange and extreme problem when publishing our latest code from Test/UAT region to a production region.
After publishing to a production the authentication stops working, users cannot login to a site. What is more shocking, we cannot revert the code. Bringing the old code back doesn’t solve the authentication issue.
We had a crisis during the production core hours and and fixed it with the entire server backup of couple of days earlier
Later on Friday night we attempted another migration, and the authentication stopped working again.
We cleaned the folder, restored it by placing the previously backed up files into that folder, but the authentication stayed broken.
We compared folder permissions between the test server and the production server. Synced those permissions, the authentication still didn’t work.
We did other comparisons between production and test, everything seemed to be identical, still the users couldn’t authenticate in a production environment
We restored the site not from the latest backup, but from the backup previous to the latest, authentication started working.
Web.config files were identical in the latest backup and the backup previous to the latest backup
We do have 4.8 dotnet framework confirmed by this command
PS C:Windowssystem32> Get-ChildItem ‘HKLM:SOFTWAREMicrosoftNET
Framework SetupNDP’ -Recurse | Get-ItemProperty -Na me version -EA 0
| Where { $_.PSChildName -Match ‘^(?!S)p{L}’} | Select PSChildName,
versionPSChildName Version
Client 4.8.03761
Full 4.8.03761
Client 4.0.0.0
We have these authentication settings in the web.config
<authentication mode="Forms"> <forms loginUrl="login.aspx" name="adAuthCookie" path="/" requireSSL="true" timeout="15" /> </authentication> <authorization> <deny users="?" /> <allow users="*" /> </authorization> <identity impersonate="false" />
We run our site on the Windows 2016 Datacenter
Can anyone suggest any area we could explore so that the authentication can be a bit more stable?
Thank you everyone in advance
These are the authentication settings in the IIS, we have forms and anonymous authentication both enabled