This documentation is archived and is not being maintained.

X509SecurityTokenAuthenticator::MapCertificateToWindowsAccount Property

Gets a value that indicates whether to map the X.509 certificate to a Windows account.

Namespace:  System.IdentityModel.Selectors
Assembly:  System.IdentityModel (in System.IdentityModel.dll)

public:
property bool MapCertificateToWindowsAccount {
	bool get ();
}

Property Value

Type: System::Boolean
true to map the X.509 certificate to a Windows account; otherwise, false.

The MapCertificateToWindowsAccount property can only be set in a constructor.

If transport-level SSL or HTTPS security is being used and mapping is already provided by the underlying security channel or by Internet Information Services (IIS), then that mapping is applied with no chain-validation. Otherwise, prior to doing the mapping, the certificate is validated using a certificate chain, and the certificate must chain to an NT_AUTHORITY identity. The chain structure used corresponds to the CERT_CHAIN_POLICY_NT_AUTH as defined in the CertVerifyCertificateChainPolicy function (see the CertVerifyCertificateChainPolicy function in the Cryptography SDK). This behavior only occurs when mapping a certificate to a Windows account.

.NET Framework

Supported in: 4, 3.5, 3.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Show: