We have a strange and extreme problem when publishing our latest code from Test/UAT region to a production region.
After publishing to a production the authentication stops working, users cannot login to a site. What is more shocking, we cannot revert the code. Bringing the old code back doesn't solve the authentication issue.
We had a crisis during the production core hours and and fixed it with the entire server backup of couple of days earlier
Later on Friday night we attempted another migration, and the authentication stopped working again.
We cleaned the folder, restored it by placing the previously backed up files into that folder, but the authentication stayed broken.
We compared folder permissions between the test server and the production server. Synced those permissions, the authentication still didn't work.
We did other comparisons between production and test, everything seemed to be identical, still the users couldn't authenticate in a production environment
We restored the site not from the latest backup, but from the backup previous to the latest, authentication started working.
Web.config files were identical in the latest backup and the backup previous to the latest backup
We do have 4.8 dotnet framework confirmed by this command
PS C:\Windows\system32> Get-ChildItem 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP' -Recurse | Get-ItemProperty -Na me version -EA 0 | Where { $_.PSChildName -Match '^(?!S)\p{L}'} | Select PSChildName, version
PSChildName Version
Client 4.8.03761
Full 4.8.03761
Client 4.0.0.0
We have these authentication settings in the web.config
<authentication mode="Forms">
<forms loginUrl="login.aspx" name="adAuthCookie" path="/" requireSSL="true" timeout="15" />
</authentication>
<authorization>
<deny users="?" />
<allow users="*" />
</authorization>
<identity impersonate="false" />
We run our site on the Windows 2016 Datacenter
Can anyone suggest any area we could explore so that the authentication can be a bit more stable?
Thank you everyone in advance
We have both form and anonymous authentication enabled is IIS.
For Anonymous we have specific user checked and IUSR selected
For Forms we have 15 for a timeout, Use Device profile mode, AdAuthCookie name, Encryption and Validation selected, and Requires SSL and Extend Cookie checked
What I have tried:
Tried to restore from latest backup